62 replies
neor (Member), 6 Dec 2008 at 16:36
Hello,
Download HijackThis (diagnostic tool) here:
-> Right-click one of the links and choose "Save target as..." to the Desktop
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
-> Double-click HJTInstall.exe to start the installation
-> Click Install, then I Accept
-> Click Do a scan system and save log file
-> Notepad will open; copy and paste its entire contents here in your next reply
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:39:34, on 06/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Samsung\Digimax Viewer 2.0\STImgBrowser.exe
C:\Program Files\Canon\MultiPASS4\MPDBMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [MPTBox] C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\SERRELI\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe
O4 - Global Startup: Digimax Viewer 2.0.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
neor (Member), 6 Dec 2008 at 16:50
--------------------search--------------------------
Important! Disable your antivirus / resident antispyware / Spybot's TeaTimer (if present and active)
Download Toolbar-S&D (Team IDN) to your Desktop.
(Thanks to Eric_71, Angeldark, Sham_Rock and XmichouX)
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Start the program's installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the desired language by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search has finished.
* Post the generated report. (C:\TB.txt)
HERE YOU GO, NEOR
-----------\\ ToolBar S&D 1.2.6 XP/Vista
"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [1] ( 06/12/2008|17:08 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(SERRELI) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Start Page"="https://www.free.fr/freebox/index.html"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 06/12/2008|17:09 - Option : [1]
-----------\\ Fin du rapport a 17:09:13,01
neor (Member), 6 Dec 2008 at 17:13
--------------cleanup----------------------------
Restart Toolbar-S&D
Important! Disable your antivirus / resident antispyware / Spybot's TeaTimer (if present and active)
by double-clicking the shortcut.
Type "2", then confirm by pressing "Enter".
! Do not close the window during the removal!
A report will be generated; post its contents here.
NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open the Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.
crapoulou (Moderator, Security contributor), 6 Dec 2008 at 17:38
Hi,
What's the point?
Crapoulou.
-----------\\ ToolBar S&D 1.2.6 XP/Vista
"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [2] ( 06/12/2008|17:21 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(SERRELI) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Start Page"="https://www.free.fr/freebox/index.html"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 06/12/2008|17:09 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 06/12/2008|17:18 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 06/12/2008|17:21 - Option : [2]
-----------\\ Fin du rapport a 17:21:51,96
neor (Member), 6 Dec 2008 at 17:27
--------------search----------------------------
Download Lop S&D:
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
Disconnect and close all your running applications.
Double-click the .exe you just downloaded to start the installation.
Once the installation is done, click the shortcut to launch the tool.
Then let it guide you:
---> choose option 1 (search) and confirm.
(Do not run the cleanup option (2 or 3).)
Once the scan has finished, Notepad will open with the report.
Post this report in your next reply for analysis.
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 06/12/2008|17:39 )
--------------------\\ Listing des dossiers dans APPLIC~1
[05/12/2008|06:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/07/2007|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[23/09/2003|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Canon
[04/08/2003|15:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[31/10/2006|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[05/12/2008|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[29/07/2006|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/09/2003|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[26/06/2008|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[04/08/2003|15:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[30/09/2002|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[28/09/2003|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[10/05/2004|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[07/10/2004|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[16/08/2006|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/08/2003|15:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[30/09/2002|12:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[04/08/2003|15:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[30/09/2002|11:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[04/08/2003|15:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[14/10/2008|17:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[03/01/2007|10:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[26/12/2006|12:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Google
[07/08/2006|12:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[19/06/2005|10:44] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
[05/12/2008|07:18] C:\DOCUME~1\SERRELI\APPLIC~1\Adobe
[29/10/2008|20:07] C:\DOCUME~1\SERRELI\APPLIC~1\AdobeUM
[31/07/2007|06:39] C:\DOCUME~1\SERRELI\APPLIC~1\Anuman Interactive
[14/02/2006|15:21] C:\DOCUME~1\SERRELI\APPLIC~1\COWON
[19/10/2003|17:45] C:\DOCUME~1\SERRELI\APPLIC~1\CyberLink
[23/11/2008|16:12] C:\DOCUME~1\SERRELI\APPLIC~1\dvdcss
[06/12/2008|15:33] C:\DOCUME~1\SERRELI\APPLIC~1\EoRezo
[27/01/2008|18:56] C:\DOCUME~1\SERRELI\APPLIC~1\Google
[31/10/2003|12:58] C:\DOCUME~1\SERRELI\APPLIC~1\Help
[30/09/2002|12:09] C:\DOCUME~1\SERRELI\APPLIC~1\Identities
[04/08/2003|15:34] C:\DOCUME~1\SERRELI\APPLIC~1\InterTrust
[20/11/2003|20:17] C:\DOCUME~1\SERRELI\APPLIC~1\Kazaa Lite
[17/08/2004|14:08] C:\DOCUME~1\SERRELI\APPLIC~1\Macromedia
[05/12/2008|17:54] C:\DOCUME~1\SERRELI\APPLIC~1\Malwarebytes
[20/02/2007|13:45] C:\DOCUME~1\SERRELI\APPLIC~1\Microsoft
[28/09/2003|11:11] C:\DOCUME~1\SERRELI\APPLIC~1\Microsoft Web Folders
[03/07/2007|15:01] C:\DOCUME~1\SERRELI\APPLIC~1\Mozilla
[19/04/2006|16:56] C:\DOCUME~1\SERRELI\APPLIC~1\MSN6
[26/06/2008|18:08] C:\DOCUME~1\SERRELI\APPLIC~1\NCH Swift Sound
[07/07/2007|08:04] C:\DOCUME~1\SERRELI\APPLIC~1\Real
[20/08/2006|09:26] C:\DOCUME~1\SERRELI\APPLIC~1\Sun
[30/01/2004|18:20] C:\DOCUME~1\SERRELI\APPLIC~1\Symantec
[22/11/2003|19:01] C:\DOCUME~1\SERRELI\APPLIC~1\VERITAS
[01/12/2008|19:51] C:\DOCUME~1\SERRELI\APPLIC~1\vlc
[21/02/2006|17:09] C:\DOCUME~1\SERRELI\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[05/12/2008 20:00][--a------] C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur.job
[05/12/2008 17:30][--a------] C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
[06/12/2008 15:17][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[06/12/2008 15:33][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 12:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[05/12/2008|06:37] C:\Program Files\Adobe
[26/02/2004|20:17] C:\Program Files\Alcatel
[11/03/2006|15:51] C:\Program Files\BitComet
[16/02/2007|17:16] C:\Program Files\blonde004
[19/11/2005|11:49] C:\Program Files\Cannon Smash
[09/11/2003|09:44] C:\Program Files\Canon
[18/03/2006|15:37] C:\Program Files\CDBurnerXP Pro 3
[04/08/2003|15:43] C:\Program Files\CyberLink
[07/03/2007|18:38] C:\Program Files\DivX
[23/06/2007|10:07] C:\Program Files\doc
[26/08/2005|16:05] C:\Program Files\EasyBurning
[09/12/2007|10:49] C:\Program Files\EHMINSTALL
[06/12/2008|15:33] C:\Program Files\Fichiers communs
[28/06/2006|12:25] C:\Program Files\Free
[09/12/2007|10:45] C:\Program Files\Freeplayer
[28/01/2008|10:49] C:\Program Files\Google
[30/03/2008|11:27] C:\Program Files\GSM
[01/04/2008|17:49] C:\Program Files\Guitar Pro 5
[14/10/2008|16:37] C:\Program Files\htm
[23/08/2006|15:04] C:\Program Files\InstallShield Installation Information
[15/10/2003|16:50] C:\Program Files\InterActual
[15/10/2008|18:08] C:\Program Files\Internet Explorer
[03/12/2008|19:54] C:\Program Files\Java
[16/09/2003|18:02] C:\Program Files\JavaSoft
[10/06/2007|08:57] C:\Program Files\Jeux classiques
[01/01/2004|17:36] C:\Program Files\Labtec
[21/02/2006|17:09] C:\Program Files\Learn2.com
[05/12/2008|17:54] C:\Program Files\Malwarebytes' Anti-Malware
[03/09/2008|13:53] C:\Program Files\Messenger
[30/09/2002|12:05] C:\Program Files\microsoft frontpage
[05/05/2005|17:36] C:\Program Files\Microsoft Office
[06/05/2005|16:59] C:\Program Files\Microsoft Visual Studio
[24/05/2006|16:13] C:\Program Files\Mindscape
[04/08/2003|15:26] C:\Program Files\MouseWare
[03/09/2008|13:45] C:\Program Files\Movie Maker
[16/02/2007|17:17] C:\Program Files\mp3
[17/07/2004|23:37] C:\Program Files\MSN
[25/07/2004|16:10] C:\Program Files\MSN Apps
[30/09/2002|12:00] C:\Program Files\MSN Gaming Zone
[30/04/2004|16:21] C:\Program Files\Nabisco
[26/06/2008|18:08] C:\Program Files\NCH Swift Sound
[03/09/2008|13:42] C:\Program Files\NetMeeting
[01/07/2008|09:01] C:\Program Files\Norton AntiVirus
[25/11/2008|10:33] C:\Program Files\Norton SystemWorks
[18/09/2003|18:03] C:\Program Files\Nullsoft
[03/09/2008|13:42] C:\Program Files\Outlook Express
[11/03/2007|18:27] C:\Program Files\photo
[16/02/2007|17:18] C:\Program Files\ppt
[04/12/2007|11:06] C:\Program Files\QuickTime
[04/03/2005|14:59] C:\Program Files\QuickZip
[28/04/2005|17:33] C:\Program Files\QuickZip4
[03/07/2007|14:55] C:\Program Files\Real
[09/01/2005|11:26] C:\Program Files\Samsung
[30/09/2002|12:00] C:\Program Files\Services en ligne
[12/12/2003|05:23] C:\Program Files\ShareMonkey
[01/02/2004|17:30] C:\Program Files\SLD CODEC PACK 1.5.3
[21/05/2005|13:29] C:\Program Files\Smart Projects
[28/09/2003|11:12] C:\Program Files\Snapshot Viewer
[13/07/2008|17:50] C:\Program Files\Sun
[01/11/2006|11:03] C:\Program Files\Symantec
[15/03/2005|17:20] C:\Program Files\SymNetDrv
[06/12/2008|16:39] C:\Program Files\Trend Micro
[03/07/2004|07:50] C:\Program Files\Uninstall Information
[03/08/2007|17:22] C:\Program Files\VideoLAN
[18/09/2003|18:03] C:\Program Files\Viewpoint
[04/08/2003|15:40] C:\Program Files\Virtual CD v4 SDK
[07/10/2004|18:13] C:\Program Files\WildTangent
[11/03/2006|15:52] C:\Program Files\Winamp
[03/03/2005|18:11] C:\Program Files\Wind
[14/11/2004|16:10] C:\Program Files\Windows Media Components
[06/01/2007|11:27] C:\Program Files\Windows Media Connect 2
[03/09/2008|13:42] C:\Program Files\Windows Media Player
[03/09/2008|13:42] C:\Program Files\Windows NT
[03/09/2008|10:59] C:\Program Files\WindowsUpdate
[14/12/2006|07:14] C:\Program Files\WinMX
[14/12/2006|07:21] C:\Program Files\WinZip
[30/09/2002|12:05] C:\Program Files\xerox
[03/08/2004|19:44] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[05/12/2008|06:38] C:\Program Files\Fichiers communs\Adobe
[01/02/2004|19:21] C:\Program Files\Fichiers communs\Borland Shared
[06/05/2005|16:59] C:\Program Files\Fichiers communs\Designer
[01/02/2004|16:38] C:\Program Files\Fichiers communs\InstallShield
[01/01/2004|17:37] C:\Program Files\Fichiers communs\Logitech
[22/11/2008|08:54] C:\Program Files\Fichiers communs\Microsoft Shared
[30/09/2002|12:02] C:\Program Files\Fichiers communs\MSSoap
[21/02/2006|17:08] C:\Program Files\Fichiers communs\Nullsoft
[18/03/2006|15:37] C:\Program Files\Fichiers communs\ODBC
[07/07/2007|08:04] C:\Program Files\Fichiers communs\Real
[29/01/2006|10:54] C:\Program Files\Fichiers communs\Services
[30/09/2002|11:55] C:\Program Files\Fichiers communs\SpeechEngines
[29/11/2008|15:14] C:\Program Files\Fichiers communs\Symantec Shared
[03/09/2008|13:41] C:\Program Files\Fichiers communs\System
[04/08/2003|15:36] C:\Program Files\Fichiers communs\TVNavigTechnologies Shared
[21/05/2005|17:20] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 50 Processes )
iexplore.exe ~ [PID:1596]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\SERRELI\Cookies\serreli@advertstream[2].txt
C:\DOCUME~1\SERRELI\Cookies\serreli@advertising[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-06 17:40:45
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:40][D:13]-> C:\DOCUME~1\SERRELI\LOCALS~1\Temp
[F:189][D:0]-> C:\DOCUME~1\SERRELI\Cookies
[F:5564][D:16]-> C:\DOCUME~1\SERRELI\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 06/12/2008|17:41 - Option : [1]
--------------------\\ Fin du rapport a 17:41:39
neor
Posts: 1084
Registration date: Saturday 22 November 2008
Status: Member
Last post: 28 January 2010
6 Dec 2008 at 17:45
--------------cleanup------------------------------
Run Lop S&D again:
Then let it guide you:
---> choose option 2 (removal) and confirm.
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 06/12/2008|17:48 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\SERRELI\Cookies\serreli@advertstream[2].txt
Supprime! - C:\DOCUME~1\SERRELI\Cookies\serreli@advertising[2].txt
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[05/12/2008|06:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/07/2007|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[23/09/2003|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Canon
[04/08/2003|15:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[31/10/2006|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[05/12/2008|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[29/07/2006|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/09/2003|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[26/06/2008|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[04/08/2003|15:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[30/09/2002|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[28/09/2003|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[10/05/2004|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[16/08/2006|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/08/2003|15:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[30/09/2002|12:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[04/08/2003|15:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[30/09/2002|11:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[04/08/2003|15:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[14/10/2008|17:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[03/01/2007|10:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[26/12/2006|12:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Google
[07/08/2006|12:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[19/06/2005|10:44] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
[05/12/2008|07:18] C:\DOCUME~1\SERRELI\APPLIC~1\Adobe
[29/10/2008|20:07] C:\DOCUME~1\SERRELI\APPLIC~1\AdobeUM
[31/07/2007|06:39] C:\DOCUME~1\SERRELI\APPLIC~1\Anuman Interactive
[14/02/2006|15:21] C:\DOCUME~1\SERRELI\APPLIC~1\COWON
[19/10/2003|17:45] C:\DOCUME~1\SERRELI\APPLIC~1\CyberLink
[23/11/2008|16:12] C:\DOCUME~1\SERRELI\APPLIC~1\dvdcss
[06/12/2008|15:33] C:\DOCUME~1\SERRELI\APPLIC~1\EoRezo
[27/01/2008|18:56] C:\DOCUME~1\SERRELI\APPLIC~1\Google
[31/10/2003|12:58] C:\DOCUME~1\SERRELI\APPLIC~1\Help
[30/09/2002|12:09] C:\DOCUME~1\SERRELI\APPLIC~1\Identities
[04/08/2003|15:34] C:\DOCUME~1\SERRELI\APPLIC~1\InterTrust
[20/11/2003|20:17] C:\DOCUME~1\SERRELI\APPLIC~1\Kazaa Lite
[17/08/2004|14:08] C:\DOCUME~1\SERRELI\APPLIC~1\Macromedia
[05/12/2008|17:54] C:\DOCUME~1\SERRELI\APPLIC~1\Malwarebytes
[20/02/2007|13:45] C:\DOCUME~1\SERRELI\APPLIC~1\Microsoft
[28/09/2003|11:11] C:\DOCUME~1\SERRELI\APPLIC~1\Microsoft Web Folders
[03/07/2007|15:01] C:\DOCUME~1\SERRELI\APPLIC~1\Mozilla
[19/04/2006|16:56] C:\DOCUME~1\SERRELI\APPLIC~1\MSN6
[26/06/2008|18:08] C:\DOCUME~1\SERRELI\APPLIC~1\NCH Swift Sound
[07/07/2007|08:04] C:\DOCUME~1\SERRELI\APPLIC~1\Real
[20/08/2006|09:26] C:\DOCUME~1\SERRELI\APPLIC~1\Sun
[30/01/2004|18:20] C:\DOCUME~1\SERRELI\APPLIC~1\Symantec
[22/11/2003|19:01] C:\DOCUME~1\SERRELI\APPLIC~1\VERITAS
[01/12/2008|19:51] C:\DOCUME~1\SERRELI\APPLIC~1\vlc
[21/02/2006|17:09] C:\DOCUME~1\SERRELI\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[05/12/2008 20:00][--a------] C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur.job
[05/12/2008 17:30][--a------] C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
[06/12/2008 15:17][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[06/12/2008 15:33][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 12:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[05/12/2008|06:37] C:\Program Files\Adobe
[26/02/2004|20:17] C:\Program Files\Alcatel
[11/03/2006|15:51] C:\Program Files\BitComet
[16/02/2007|17:16] C:\Program Files\blonde004
[19/11/2005|11:49] C:\Program Files\Cannon Smash
[09/11/2003|09:44] C:\Program Files\Canon
[18/03/2006|15:37] C:\Program Files\CDBurnerXP Pro 3
[04/08/2003|15:43] C:\Program Files\CyberLink
[07/03/2007|18:38] C:\Program Files\DivX
[23/06/2007|10:07] C:\Program Files\doc
[26/08/2005|16:05] C:\Program Files\EasyBurning
[09/12/2007|10:49] C:\Program Files\EHMINSTALL
[06/12/2008|15:33] C:\Program Files\Fichiers communs
[28/06/2006|12:25] C:\Program Files\Free
[09/12/2007|10:45] C:\Program Files\Freeplayer
[28/01/2008|10:49] C:\Program Files\Google
[30/03/2008|11:27] C:\Program Files\GSM
[01/04/2008|17:49] C:\Program Files\Guitar Pro 5
[14/10/2008|16:37] C:\Program Files\htm
[23/08/2006|15:04] C:\Program Files\InstallShield Installation Information
[15/10/2003|16:50] C:\Program Files\InterActual
[15/10/2008|18:08] C:\Program Files\Internet Explorer
[03/12/2008|19:54] C:\Program Files\Java
[16/09/2003|18:02] C:\Program Files\JavaSoft
[10/06/2007|08:57] C:\Program Files\Jeux classiques
[01/01/2004|17:36] C:\Program Files\Labtec
[21/02/2006|17:09] C:\Program Files\Learn2.com
[05/12/2008|17:54] C:\Program Files\Malwarebytes' Anti-Malware
[03/09/2008|13:53] C:\Program Files\Messenger
[30/09/2002|12:05] C:\Program Files\microsoft frontpage
[05/05/2005|17:36] C:\Program Files\Microsoft Office
[06/05/2005|16:59] C:\Program Files\Microsoft Visual Studio
[24/05/2006|16:13] C:\Program Files\Mindscape
[04/08/2003|15:26] C:\Program Files\MouseWare
[03/09/2008|13:45] C:\Program Files\Movie Maker
[16/02/2007|17:17] C:\Program Files\mp3
[17/07/2004|23:37] C:\Program Files\MSN
[25/07/2004|16:10] C:\Program Files\MSN Apps
[30/09/2002|12:00] C:\Program Files\MSN Gaming Zone
[30/04/2004|16:21] C:\Program Files\Nabisco
[26/06/2008|18:08] C:\Program Files\NCH Swift Sound
[03/09/2008|13:42] C:\Program Files\NetMeeting
[01/07/2008|09:01] C:\Program Files\Norton AntiVirus
[25/11/2008|10:33] C:\Program Files\Norton SystemWorks
[18/09/2003|18:03] C:\Program Files\Nullsoft
[03/09/2008|13:42] C:\Program Files\Outlook Express
[11/03/2007|18:27] C:\Program Files\photo
[16/02/2007|17:18] C:\Program Files\ppt
[04/12/2007|11:06] C:\Program Files\QuickTime
[04/03/2005|14:59] C:\Program Files\QuickZip
[28/04/2005|17:33] C:\Program Files\QuickZip4
[03/07/2007|14:55] C:\Program Files\Real
[09/01/2005|11:26] C:\Program Files\Samsung
[30/09/2002|12:00] C:\Program Files\Services en ligne
[12/12/2003|05:23] C:\Program Files\ShareMonkey
[01/02/2004|17:30] C:\Program Files\SLD CODEC PACK 1.5.3
[21/05/2005|13:29] C:\Program Files\Smart Projects
[28/09/2003|11:12] C:\Program Files\Snapshot Viewer
[13/07/2008|17:50] C:\Program Files\Sun
[01/11/2006|11:03] C:\Program Files\Symantec
[15/03/2005|17:20] C:\Program Files\SymNetDrv
[06/12/2008|16:39] C:\Program Files\Trend Micro
[03/07/2004|07:50] C:\Program Files\Uninstall Information
[03/08/2007|17:22] C:\Program Files\VideoLAN
[04/08/2003|15:40] C:\Program Files\Virtual CD v4 SDK
[07/10/2004|18:13] C:\Program Files\WildTangent
[11/03/2006|15:52] C:\Program Files\Winamp
[03/03/2005|18:11] C:\Program Files\Wind
[14/11/2004|16:10] C:\Program Files\Windows Media Components
[06/01/2007|11:27] C:\Program Files\Windows Media Connect 2
[03/09/2008|13:42] C:\Program Files\Windows Media Player
[03/09/2008|13:42] C:\Program Files\Windows NT
[03/09/2008|10:59] C:\Program Files\WindowsUpdate
[14/12/2006|07:14] C:\Program Files\WinMX
[14/12/2006|07:21] C:\Program Files\WinZip
[30/09/2002|12:05] C:\Program Files\xerox
[03/08/2004|19:44] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[05/12/2008|06:38] C:\Program Files\Fichiers communs\Adobe
[01/02/2004|19:21] C:\Program Files\Fichiers communs\Borland Shared
[06/05/2005|16:59] C:\Program Files\Fichiers communs\Designer
[01/02/2004|16:38] C:\Program Files\Fichiers communs\InstallShield
[01/01/2004|17:37] C:\Program Files\Fichiers communs\Logitech
[22/11/2008|08:54] C:\Program Files\Fichiers communs\Microsoft Shared
[30/09/2002|12:02] C:\Program Files\Fichiers communs\MSSoap
[21/02/2006|17:08] C:\Program Files\Fichiers communs\Nullsoft
[18/03/2006|15:37] C:\Program Files\Fichiers communs\ODBC
[07/07/2007|08:04] C:\Program Files\Fichiers communs\Real
[29/01/2006|10:54] C:\Program Files\Fichiers communs\Services
[30/09/2002|11:55] C:\Program Files\Fichiers communs\SpeechEngines
[29/11/2008|15:14] C:\Program Files\Fichiers communs\Symantec Shared
[03/09/2008|13:41] C:\Program Files\Fichiers communs\System
[04/08/2003|15:36] C:\Program Files\Fichiers communs\TVNavigTechnologies Shared
[21/05/2005|17:20] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 48 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-06 17:49:44
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:40][D:13]-> C:\DOCUME~1\SERRELI\LOCALS~1\Temp
[F:187][D:0]-> C:\DOCUME~1\SERRELI\Cookies
[F:5593][D:16]-> C:\DOCUME~1\SERRELI\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 06/12/2008|17:41 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 06/12/2008|17:50 - Option : [2]
--------------------\\ Fin du rapport a 17:50:35
neor (Member, 1084 posts, registered Saturday 22 November 2008, last activity 28 January 2010)
6 Dec. 2008 at 18:01
-------------------search---------------------------
Download AD-Remover (by Cyrildu17 / C_XX) to your desktop:
http://neor244.free.fr/ADR.exe
/!\ Disconnect and close all running applications
● Double-click the installer and install it in its default location. ( C:\Program files )
● Double-click the Ad-remover icon located on your desktop
● In the main menu, choose option "A"
● Post the report that appears at the end.
( the report is also saved as C:\Ad-report(date).log )
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
Note:
"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
neor (Member, 1084 posts, registered Saturday 22 November 2008, last activity 28 January 2010)
6 Dec. 2008 at 18:11
--------- Logfile of AD-Remover 1.0.5.9 by C_XX ---------
# START at: 18:16:20 | 06/12/2008 ON Microsoft® Windows XP ™ v5.1.2600
# BOOT MODE: Normal
# OPTION: Scan
# EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: SN400174860002 | USER: SERRELI ( Current user is an administrator )
# DRIVE(S): A:\
# Systemdrive: C:\ (NTFS)
# Internet Explorer v7.0.5730.11
--------- [ RUNNING PROCESSES: 43 ] ---------
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Canon\MultiPASS4\MPDBMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Messenger\msmsgs.exe
-----------------------------------
+---------------------------------------------------------------------------+
+------------------------------- SERVICES FOUND ..
+---------------------------------------------------------------------------+
Found ! - "Boonty Games"
+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS FOUND ..
+---------------------------------------------------------------------------+
"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Boonty Games"
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\EoRezoBHO.DLL"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"
+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS FOUND ..
+---------------------------------------------------------------------------+
[29/07/2007 18:05|d--------] C:\Documents and Settings\All Users\Application Data\BOONTY
[06/12/2008 15:33|d--------] C:\Documents and Settings\SERRELI\Application Data\EoRezo
[04/12/2008 19:22|--a------] C:\WINDOWS\Prefetch\EOENGINE.EXE-25D17307.pf
[04/12/2008 19:21|--a------] C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-16FAFBC8.pf
+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
...\1zdgz1tl.default\prefs.js :
~~~~ Mozilla FireFox version ~~~~
+----------+
+---------------------------------------------------------------------------+
+--[HKEY_CURRENT_USER\...\Run]
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AnumanLive REG_SZ C:\Documents and Settings\SERRELI\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
kamsoft REG_SZ C:\WINDOWS\system32\kamsoft.exe
+--[HKEY_LOCAL_MACHINE\...\Run]
EM_EXEC REG_SZ C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
ATIModeChange REG_SZ Ati2mdxx.exe
ATIPTA REG_SZ C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
VCSPlayer REG_SZ "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
MPTBox REG_SZ C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
SpeedTouch USB Diagnostics REG_SZ "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
LVCOMS REG_SZ C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
GhostStartTrayApp REG_SZ C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
ccApp REG_SZ "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
QD FastAndSafe REG_SZ
Symantec NetDriver Monitor REG_SZ C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
EoEngine REG_SZ "C:\Program Files\EoRezo\EoEngine.exe"
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
+--[HKEY_USERS\.DEFAULT\...\Run]
+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN]
Start Page : hxxp://free.fr/
+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN]
Start Page : hxxp://www.msn.com/
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 138 lines ]
+---------------------------------------------------------------------------+
neor (Member, 1084 posts, registered Saturday 22 November 2008, last activity 28 January 2010)
6 Dec. 2008 at 18:21
------------------------cleanup----------------------------------
Run AD-Remover again, choose option B, tick Boonty and EoRezo, and paste the disinfection report
--------- Logfile of AD-Remover 1.0.5.9 by C_XX ---------
*** Limited to ***
Boonty/BoontyGames
Eorezo
******************
# START at: 18:25:01 | 06/12/2008 ON Microsoft® Windows XP ™ v5.1.2600
# BOOT MODE: Normal
# OPTION: Scan
# EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: SN400174860002 | USER: SERRELI ( Current user is an administrator )
# DRIVE(S): A:\
# Systemdrive: C:\ (NTFS)
# Internet Explorer v7.0.5730.11
--------- [ RUNNING PROCESSES: 45 ] ---------
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Canon\MultiPASS4\MPDBMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spider.exe
C:\Program Files\Messenger\msmsgs.exe
-----------------------------------
(!) ---- IE start pages reset
+---------------------------------------------------------------------------+
+------------------------------- SERVICES DELETED ..
+---------------------------------------------------------------------------+
Deleted successfully ! - "Boonty Games"
+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS DELETED ..
+---------------------------------------------------------------------------+
"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\EoRezoBHO.DLL"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"
+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS DELETED ..
+---------------------------------------------------------------------------+
[29/07/2007 18:05|d--------] C:\Documents and Settings\All Users\Application Data\BOONTY
[06/12/2008 15:33|d--------] C:\Documents and Settings\SERRELI\Application Data\EoRezo
/!\ NOT DELETED - [04/12/2008 19:22|--a------] C:\WINDOWS\Prefetch\EOENGINE.EXE-25D17307.pf
/!\ NOT DELETED - [04/12/2008 19:21|--a------] C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-16FAFBC8.pf
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
************* /!\ File(s)/Folder(s) Not Deleted /!\ *************
"C:\WINDOWS\Prefetch\EOENGINE.EXE-25D17307.pf"
"C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-16FAFBC8.pf"
Second run ...
"C:\WINDOWS\Prefetch\EOENGINE.EXE-25D17307.pf" - RESIST !
"C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-16FAFBC8.pf" - RESIST !
+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+
+--[HKEY_CURRENT_USER\...\Run]
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AnumanLive REG_SZ C:\Documents and Settings\SERRELI\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
kamsoft REG_SZ C:\WINDOWS\system32\kamsoft.exe
+--[HKEY_LOCAL_MACHINE\...\Run]
EM_EXEC REG_SZ C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
ATIModeChange REG_SZ Ati2mdxx.exe
ATIPTA REG_SZ C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
VCSPlayer REG_SZ "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
MPTBox REG_SZ C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
SpeedTouch USB Diagnostics REG_SZ "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
LVCOMS REG_SZ C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
GhostStartTrayApp REG_SZ C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
ccApp REG_SZ "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
QD FastAndSafe REG_SZ
Symantec NetDriver Monitor REG_SZ C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
+--[HKEY_USERS\.DEFAULT\...\Run]
+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN]
Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN]
Start Page : hxxp://fr.msn.com/
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 146 lines ]
+---------------------------------------------------------------------------+
+---------------------------------------------------------------------------+
[29/07/2007 18:05|d--------] C:\Documents and Settings\All Users\Application Data\BOONTY
[06/12/2008 15:33|d--------] C:\Documents and Settings\SERRELI\Application Data\EoRezo
/!\ NOT DELETED - [04/12/2008 19:22|--a------] C:\WINDOWS\Prefetch\EOENGINE.EXE-25D17307.pf
/!\ NOT DELETED - [04/12/2008 19:21|--a------] C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-16FAFBC8.pf
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
************* /!\ File(s)/Folder(s) Not Deleted /!\ *************
"C:\WINDOWS\Prefetch\EOENGINE.EXE-25D17307.pf"
"C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-16FAFBC8.pf"
Second run ...
"C:\WINDOWS\Prefetch\EOENGINE.EXE-25D17307.pf" - RESIST !
"C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-16FAFBC8.pf" - RESIST !
+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+
+--[HKEY_CURRENT_USER\...\Run]
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AnumanLive REG_SZ C:\Documents and Settings\SERRELI\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
kamsoft REG_SZ C:\WINDOWS\system32\kamsoft.exe
+--[HKEY_LOCAL_MACHINE\...\Run]
EM_EXEC REG_SZ C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
ATIModeChange REG_SZ Ati2mdxx.exe
ATIPTA REG_SZ C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
VCSPlayer REG_SZ "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
MPTBox REG_SZ C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
SpeedTouch USB Diagnostics REG_SZ "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
LVCOMS REG_SZ C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
GhostStartTrayApp REG_SZ C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
ccApp REG_SZ "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
QD FastAndSafe REG_SZ
Symantec NetDriver Monitor REG_SZ C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
+--[HKEY_USERS\.DEFAULT\...\Run]
+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN]
Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN]
Start Page : hxxp://fr.msn.com/
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 146 lines ]
+---------------------------------------------------------------------------+
neor
Posts
1084
Registration date
Saturday 22 November 2008
Status
Member
Last activity
28 January 2010
30
6 Dec. 2008 at 18:34
Run a HijackThis scan again.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:38:26, on 06/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Canon\MultiPASS4\MPDBMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\spider.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [MPTBox] C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\SERRELI\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe
O4 - Global Startup: Digimax Viewer 2.0.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
neor
Posts
1084
Registration date
Saturday 22 November 2008
Status
Member
Last activity
28 January 2010
30
6 Dec. 2008 at 18:50
Normally it's fine now.
Avoid running scans on your own; this time you had hidden Boonty and Eorezo.
You can run a full Malwarebytes scan to check.