Problem with Mozilla Firefox

Solved/Closed
ardillon62 Posts 21 Registration date Monday 11 May 2009 Status Member Last activity 12 May 2009 - 11 May 2009 at 21:21
ardillon62 Posts 21 Registration date Monday 11 May 2009 Status Member Last activity 12 May 2009 - 12 May 2009 at 23:33
Hello,

For the past few days I have been having some small problems with Firefox... at times it opens advertising windows, and at times it crashes outright and closes... I checked that the "block pop-up windows" box was ticked under Tools and I ran antivirus scans, but nothing changes.... So I am taking the liberty of sending you a HijackThis report, because I must admit I have reached the limit of my skills....

Logfile of HijackThis v1.99.1
Scan saved at 21:04:03, on 11/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SFR\Media Center\MediaCenter.exe
C:\Program Files\SFR\Media Center\httpd\httpd.exe
C:\Program Files\SFR\Media Center\httpd\httpd.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\VIDEOCEAN 1\Bureau\hijackthis-1\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66017
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.1:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoo1.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
R3 - URLSearchHook: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: (no name) - {3C95DAED-EE5C-4783-82C0-D99999B5B0BB} - (no file)
O2 - BHO: DNSEred - {55756cea-62ac-1a32-0e1f-faa0fdf76869} - C:\WINDOWS\system32\iednser.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: trueads - {84af9ad1-8fc7-1a0f-e657-9bc5b92b6cff} - C:\WINDOWS\system32\nstB.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9d29dcdd-8a68-7cc8-d35e-62df18086a58} - (no file)
O2 - BHO: trueads search enhancer - {A0F4A990-B803-0383-77F6-A4387DEFA1F8} - C:\WINDOWS\system32\ctkwemfrfw.dll
O2 - BHO: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoo1.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: (no name) - {BA98AA71-A42D-4A06-B991-75CB1B28352E} - (no file)
O2 - BHO: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: (no name) - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - (no file)
O2 - BHO: (no name) - {D4C2DF15-51EB-49E9-88C1-A8FDB852AF5a} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MEDIADICO Familial - {CEDDA62B-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\LAventure\MDToolbar\MdToolbar.dll
O3 - Toolbar: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoo1.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
O3 - Toolbar: (no name) - {196C3A46-4758-433D-A600-802C804AF39C} - (no file)
O3 - Toolbar: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P1.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\VIDEOCEAN 1\Application Data\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?b934f0efc4d44aaa89d047f81fadc842
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?b934f0efc4d44aaa89d047f81fadc842
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Groom - {66F83792-DAE1-4823-8F20-ADA94B33A4FF} - C:\Program Files\Toox\Groom\Groom.exe (HKCU)
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Druide\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (file missing) (HKCU)
O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\Program Files\Druide\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (file missing) (HKCU)
O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\Program Files\Druide\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/TechConsole/x86/RescueControl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://angiedu62200.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} -
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {6CCE3920-3183-4B3D-808A-B12EB769DE12} (CSS Web Installer Class) - http://ww11.commandondemand.com/eval/cod/cabs/cssweb.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://p2pi.mine.nu:1444/activex/AMC.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-bb1d910906c85616.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Thanks in advance to those who take the time to read this... ;)

39 replies

ardillon62 Posts 21 Registration date Monday 11 May 2009 Status Member Last activity 12 May 2009
12 May 2009 at 10:13
and the Yoog_Fix report...

Yoog_Fix 2.02 de Batch_Man
Debut a 10:06 le 12/05/2009
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3
Internet Explorer 6.0.2900.5512
Mozilla Firefox 3.0.10 (fr)
Avira GmbH 8.0.1.30 (Activated)
Check Point, LTD. 7.0.483.000 (Activated)

C:\ [Fixed] - NTFS - (Total:78152 Mo/Free:907 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

Option [1] 2 Recherche

+---------------\\ Processus cachés/bloqués

1628 -Locked- vsmon.exe
2648 -Locked- zlclient.exe

+---------------\\ Recherche

----------\\ Recherche de fichiers

C:\Documents and Settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\searchplugins\Yoog Search.xml FOUND!

----------\\ Recherche dans prefs.js

prefs.js [VIDEOCEAN 1 - zh7uz1hs.default] user_pref("browser.search.defaultenginename", "Yoog Search");
prefs.js [VIDEOCEAN 1 - zh7uz1hs.default] user_pref("browser.search.defaulturl", "http://www27.yoog.com/search.php?q=");
prefs.js [VIDEOCEAN 1 - zh7uz1hs.default] user_pref("browser.search.selectedEngine", "Yoog Search");
prefs.js [VIDEOCEAN 1 - zh7uz1hs.default] user_pref("keyword.URL", "http://www27.yoog.com/search.php?q=");

user.js [VIDEOCEAN 1 - zh7uz1hs.default] user_pref("browser.search.defaultenginename", "Yoog Search");
user.js [VIDEOCEAN 1 - zh7uz1hs.default] user_pref("browser.search.defaulturl", "http://www27.yoog.com/search.php?q=");
user.js [VIDEOCEAN 1 - zh7uz1hs.default] user_pref("browser.search.selectedEngine", "Yoog Search");
user.js [VIDEOCEAN 1 - zh7uz1hs.default] user_pref("keyword.URL", "http://www27.yoog.com/search.php?q=");

----------\\ Recherche dans le registre

[HKEY_USERS\S-1-5-21-1214440339-854245398-725345543-1004\..\SearchScopes],@DefaultScope={afdbddaa-5d3f-42ee-b79c-185a7020515b}
[HKEY_USERS\S-1-5-21-1214440339-854245398-725345543-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] @DisplayName=Yoog Search
[HKCU\..\SearchScopes],@DefaultScope={afdbddaa-5d3f-42ee-b79c-185a7020515b}
[HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] @DisplayName=Yoog Search

----------\\ Infections associées possibles


----------\\ Suspects ( PAS FORCEMENT INFECTIEUX )


+---> Registre


+---> Fichiers



+---------------\\Analyse complémentaire

+---------\\ Tâches planifiées

C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\WINDOWS\Tasks\Google Software Updater.job
C:\WINDOWS\Tasks\Maintenance en 1 clic.job

----------\\ Analyse de Firefox

[C:\Documents and Settings\VIDEOCEAN 1\..\prefs.js] browser.startup.homepage: http://msn.fr
[C:\Documents and Settings\VIDEOCEAN 1\..\prefs.js] browser.startup.homepage: http://msn.fr
[C:\Documents and Settings\VIDEOCEAN 1\..\prefs.js] browser.search.selectedEngine: Yoog Search
[C:\Documents and Settings\VIDEOCEAN 1\..\prefs.js] browser.search.defaultenginename: Yoog Search

----------\\ Extensions Firefox

[User: VIDEOCEAN 1 (zh7uz1hs.default)] - C:\Documents and Settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
[User: VIDEOCEAN 1 (zh7uz1hs.default)] - C:\Documents and Settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[User: VIDEOCEAN 1 (zh7uz1hs.default)] - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
[User: VIDEOCEAN 1 (zh7uz1hs.default)] - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[User: VIDEOCEAN 1 (zh7uz1hs.default)] - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[User: VIDEOCEAN 1 (zh7uz1hs.default)] - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[User: VIDEOCEAN 1 (zh7uz1hs.default)] - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[User: VIDEOCEAN 1 (zh7uz1hs.default)] - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[User: VIDEOCEAN 1 (zh7uz1hs.default)] - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[User: VIDEOCEAN 1 (zh7uz1hs.default)] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[User: VIDEOCEAN 1 (zh7uz1hs.default)] - C:\Documents and Settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\extensions\OberonGameHost@OberonGames.com
[User: VIDEOCEAN 1 (zh7uz1hs.default)] - C:\Documents and Settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\extensions\OberonGameHost@OberonGames.com
[User: VIDEOCEAN 1 (zh7uz1hs.default)] - C:\Documents and Settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\extensions\{a841a1c1-4687-4285-89fe-e9df6c5ed4c6}
[User: VIDEOCEAN 1 (zh7uz1hs.default)] - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

----------\\ Plugins de recherche

[10/09/2006 13:35|1516] - C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml: Amazon.fr - Recherche Amazon.fr: https://www.amazon.fr/
[28/09/2008 09:10|757] - C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml: eBay France - eBay - Enchères en ligne: http://search.ebay.fr/
[16/04/2008 06:08|1706] - C:\Program Files\Mozilla Firefox\searchplugins\google.xml: Google - Google Search: https://www.google.com/
[10/09/2006 13:35|748] - C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml: MediaDICO - Les Dictionnaires Mediadico: http://www.dictionnaire-mediadico.com/dictionnaires.asp
[29/03/2008 15:59|1426] - C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml: Wikipédia (fr) - Wikipédia, l'encyclopédie libre: https://fr.wikipedia.org/wiki/Sp%C3%A9cial:Recherche
[12/09/2006 20:49|652] - C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml: Yahoo - Recherche Yahoo: https://fr.search.yahoo.com/

----------\\ Listing de dossiers

[24/04/2009 02:39 | --a------ | 348547 bytes] C:\Program Files\Mozilla Firefox\Components\browser.xpt
[24/04/2009 08:48 | --a------ | 23032 bytes] C:\Program Files\Mozilla Firefox\Components\browserdirprovider.dll
[24/04/2009 08:48 | --a------ | 134648 bytes] C:\Program Files\Mozilla Firefox\Components\brwsrcmp.dll
[11/05/2009 12:25 | --a------ | 144322 bytes] C:\Program Files\Mozilla Firefox\Components\compreg.dat
[29/04/2009 16:34 | --a------ | 422400 bytes] C:\Program Files\Mozilla Firefox\Components\ctkwemfrfw.dll
[29/06/2008 00:36 | --a------ | 6789 bytes] C:\Program Files\Mozilla Firefox\Components\nppl3260.xpt
[27/04/2005 16:14 | --a------ | 415 bytes] C:\Program Files\Mozilla Firefox\Components\npscriptable.xpt
[05/12/2005 22:31 | --a------ | 343 bytes] C:\Program Files\Mozilla Firefox\Components\nsIMozAxPlugin.xpt
[16/07/2008 01:18 | --a------ | 2394 bytes] C:\Program Files\Mozilla Firefox\Components\nsIQTScriptablePlugin.xpt
[26/09/2006 13:03 | --a------ | 140 bytes] C:\Program Files\Mozilla Firefox\Components\nsIZylomPlugin.xpt
[29/06/2008 00:35 | --a------ | 556 bytes] C:\Program Files\Mozilla Firefox\Components\nsJSRealPlayerPlugin.xpt
[11/05/2009 12:25 | --a------ | 97425 bytes] C:\Program Files\Mozilla Firefox\Components\xpti.dat
[14/10/2008 21:43 | d-------- | 0 bytes] C:\Program Files\Mozilla Firefox\plugins\Microsoft.VC80.CRT
[10/04/2007 18:21 | --a------ | 163256 bytes] C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[07/08/2007 14:35 | --a------ | 49152 bytes] C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[09/03/2009 05:19 | --a------ | 410984 bytes] C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[16/09/2008 02:11 | --a------ | 1335600 bytes] C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[16/09/2008 02:11 | --a------ | 1607 bytes] C:\Program Files\Mozilla Firefox\plugins\npdivx32.xpt
[16/09/2008 02:12 | --a------ | 98304 bytes] C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[21/09/2006 17:29 | --------- | 135227 bytes] C:\Program Files\Mozilla Firefox\plugins\npExentCtl.dll
[21/09/2006 17:27 | --------- | 249 bytes] C:\Program Files\Mozilla Firefox\plugins\npIExentCtl.xpt
[05/12/2005 22:31 | --a------ | 114688 bytes] C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[24/04/2009 08:48 | --a------ | 65528 bytes] C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[14/10/2008 21:33 | --a------ | 95600 bytes] C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[29/06/2008 00:36 | --a------ | 144984 bytes] C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[27/04/2005 22:10 | --a------ | 102400 bytes] C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
[29/06/2008 00:36 | --a------ | 8192 bytes] C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[29/06/2008 00:35 | --a------ | 94208 bytes] C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[25/03/2009 11:42 | --a------ | 114688 bytes] C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[16/09/2008 02:12 | --a------ | 297 bytes] C:\Program Files\Mozilla Firefox\plugins\nsIDivxPlayerPlugin.xpt
[07/08/2007 14:04 | --a--c--- | 1144 bytes] C:\Program Files\Mozilla Firefox\plugins\ShockwavePlugin.class
[30/03/2007 11:43 | --a------ | 149569 bytes] C:\Program Files\Mozilla Firefox\plugins\WMP Firefox Plugin License.rtf
[30/03/2007 11:43 | --a------ | 3352 bytes] C:\Program Files\Mozilla Firefox\plugins\WMP Firefox Plugin RelNotes.txt

----------\\ Analyse d'Internet Explorer

HKEY_CURRENT_USER\..\Internet Explorer,Start Page: https://www.google.com/?gws_rd=ssl
HKEY_CURRENT_USER\..\Internet Explorer,Search Page: https://www.google.com/?gws_rd=ssl
HKEY_CURRENT_USER\..\Internet Explorer,SearchAssistant: http://www.google.com/toolbar/ie8/sidebar.html
HKEY_LOCAL_MACHINE\..\Internet Explorer,Search Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\..\Internet Explorer,Start Page: https://www.msn.com/fr-fr/
HKEY_LOCAL_MACHINE\..\Internet Explorer,Default_Search_URL: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\..\Internet Explorer,CustomizeSearch: https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_LOCAL_MACHINE\..\Internet Explorer,SearchAssistant: https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm

----------\\ Browser Helper Object

BHO: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60},@SANS NOM=BitComet ClickCapture
BHO: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E},@SANS NOM=Google Dictionary Compression sdch
BHO: {E7E6F031-17CE-4C07-BC86-EABFE594F69C},@SANS NOM=JQSIEStartDetectorImpl

----------\\ SearchScopes

[HKEY_USERS\S-1-5-21-1214440339-854245398-725345543-1004\..\SearchScopes],@DefaultScope={afdbddaa-5d3f-42ee-b79c-185a7020515b}
[HKEY_USERS\S-1-5-21-1214440339-854245398-725345543-1004\..\SearchScopes\{436D7E76-5267-4D8E-AB04-CC7EDFA4584C}],@DisplayName=P2P_Torrent Customized Web Search
[HKEY_USERS\S-1-5-21-1214440339-854245398-725345543-1004\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}],@DisplayName=DAEMON Search
[HKEY_USERS\S-1-5-21-1214440339-854245398-725345543-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}],@DisplayName=Yoog Search
[HKCU\..\SearchScopes],@DefaultScope={afdbddaa-5d3f-42ee-b79c-185a7020515b}
[HKCU\..\SearchScopes\{436D7E76-5267-4D8E-AB04-CC7EDFA4584C}],@DisplayName=P2P_Torrent Customized Web Search
[HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}],@DisplayName=DAEMON Search
[HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}],@DisplayName=Yoog Search

----------\\ Extensions

@xpsp3res.dll,-20001 : %windir%\Network Diagnostic\xpnetdiag.exe - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
Windows Messenger: C:\Program Files\Messenger\msmsgs.exe - {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}

+--------------- Fin à 10h 08min
verni29 Posts 6699 Registration date Sunday 6 July 2008 Status Security contributor Last activity 26 December 2016 180
12 May 2009 at 10:17
OK,

1/ Run LopS&D again.

# Choose option 3 to remove the infection.
# At the end of the cleanup, a LopR.txt report appears.

Post this report in your next message.

Note: It is also located at C:\LopR.txt.

2/ Run Yoog_Fix by Batch_Man again

# Choose option 2 (Suppression)
# Wait for the removal to finish.
# Then press a key; a report opens.

Post it in your next reply.

See you later
ardillon62 Posts 21 Registration date Monday 11 May 2009 Status Member Last activity 12 May 2009
12 May 2009 at 10:45
here is the "lop" report after option 3

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 2800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : VIDEOCEAN 1 ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
Firewall : ZoneAlarm Firewall 7.0.483.000 (Activated)
C:\ (Local Disk) - NTFS - Total:76 Go (Free:8 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [3] ( 12/05/2009|10:24 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Once Dog Dupe Amok
Supprime! - C:\Program Files\Circle Developement

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[10/09/2005|08:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[03/03/2009|11:25] C:\DOCUME~1\ADMINI~1.POS\APPLIC~1\Microsoft

[12/02/2009|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1A181
[01/04/2009|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[10/03/2007|21:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[11/07/2007|14:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Aliasworlds
[26/08/2007|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[24/02/2007|00:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[06/01/2008|16:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[03/03/2009|13:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[02/07/2007|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[30/03/2008|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Awem
[24/02/2007|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[10/09/2007|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BufferZone
[13/03/2009|14:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[13/04/2009|00:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[25/04/2007|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ENJOY Plus!
[31/07/2008|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EscapeTheMuseum
[03/10/2007|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Exetender
[08/11/2008|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2
[26/12/2007|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
[02/08/2008|10:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames
[02/01/2009|19:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
[05/08/2008|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GameHouse
[13/01/2009|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[11/05/2009|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[12/08/2008|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HiddenSecretsNightmare
[21/03/2009|00:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
[27/07/2008|10:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intenium
[12/08/2008|11:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
[03/03/2009|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[07/07/2008|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[28/12/2008|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[27/07/2008|02:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[11/05/2009|23:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[18/03/2007|19:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[12/09/2008|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Metacafe
[26/12/2007|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/03/2007|01:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[21/02/2007|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[21/02/2007|21:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
[23/10/2008|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MythPeople
[25/05/2007|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\n7-89-o9-3r-4t-r9
[22/12/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[03/11/2007|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NeptunesAdve
[27/06/2007|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[06/07/2008|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[06/07/2008|20:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle VideoSpin
[14/04/2009|00:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[22/04/2009|09:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayPond
[05/03/2009|22:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Playrix Entertainment
[21/06/2007|09:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PY_Software
[31/12/2008|13:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[07/01/2009|16:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RealArcade
[24/04/2007|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Runic
[24/01/2009|18:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[08/02/2009|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SFR
[18/03/2009|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[14/03/2009|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[30/07/2008|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
[02/10/2008|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[19/06/2007|10:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[12/05/2009|08:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[06/09/2007|13:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[19/08/2008|11:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[06/07/2008|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoSpin
[12/10/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Vso
[30/04/2009|22:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WebcamMax
[23/08/2006|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/11/2006|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[05/10/2008|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[01/04/2007|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[01/12/2007|16:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[26/07/2008|21:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[04/09/2007|00:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[06/01/2008|16:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[05/05/2008|03:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[10/09/2005|13:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[31/01/2008|20:10] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Adobe
[17/07/2006|16:28] C:\DOCUME~1\VIDEOC~1\APPLIC~1\AdobeAUM
[16/06/2007|16:58] C:\DOCUME~1\VIDEOC~1\APPLIC~1\AdobeUM
[11/03/2007|20:40] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Ahead
[27/02/2007|17:27] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Apple Computer
[04/10/2007|08:00] C:\DOCUME~1\VIDEOC~1\APPLIC~1\AVG7
[29/12/2008|21:13] C:\DOCUME~1\VIDEOC~1\APPLIC~1\AVS4YOU
[16/06/2007|12:20] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Beep Industries
[15/01/2008|02:55] C:\DOCUME~1\VIDEOC~1\APPLIC~1\BitTorrent
[29/10/2008|02:13] C:\DOCUME~1\VIDEOC~1\APPLIC~1\BloodTies
[04/05/2009|15:26] C:\DOCUME~1\VIDEOC~1\APPLIC~1\CamfrogWEB
[09/05/2009|14:14] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Canneverbe_Limited
[30/01/2008|00:33] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Cross+A
[13/03/2009|14:22] C:\DOCUME~1\VIDEOC~1\APPLIC~1\CyberLink
[09/05/2008|18:26] C:\DOCUME~1\VIDEOC~1\APPLIC~1\DAEMON Tools
[14/10/2008|23:34] C:\DOCUME~1\VIDEOC~1\APPLIC~1\DivX
[20/09/2007|00:56] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Druide
[13/03/2009|22:25] C:\DOCUME~1\VIDEOC~1\APPLIC~1\dvdcss
[11/02/2009|12:22] C:\DOCUME~1\VIDEOC~1\APPLIC~1\funkitron
[14/07/2007|14:30] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Gaijin Ent
[28/02/2009|13:38] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Gamelab
[19/10/2008|12:00] C:\DOCUME~1\VIDEOC~1\APPLIC~1\GamesCafe
[17/06/2007|13:49] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Généatique2007
[14/07/2008|03:28] C:\DOCUME~1\VIDEOC~1\APPLIC~1\GetRightToGo
[07/01/2008|00:33] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Google
[02/09/2007|22:55] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Grammatica
[30/08/2007|01:58] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Greyfirst
[22/06/2007|11:28] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Help
[19/04/2009|09:56] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Identities
[17/11/2008|19:21] C:\DOCUME~1\VIDEOC~1\APPLIC~1\InfraRecorder
[22/03/2007|02:11] C:\DOCUME~1\VIDEOC~1\APPLIC~1\ItsLabel
[22/04/2007|14:51] C:\DOCUME~1\VIDEOC~1\APPLIC~1\iWin
[23/08/2007|20:14] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Jasc
[31/01/2009|21:12] C:\DOCUME~1\VIDEOC~1\APPLIC~1\JewelMatch2
[26/03/2007|19:18] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Leadertech
[10/05/2009|15:39] C:\DOCUME~1\VIDEOC~1\APPLIC~1\LimeWire
[11/04/2008|13:43] C:\DOCUME~1\VIDEOC~1\APPLIC~1\LogMeIn Rescue
[19/08/2006|16:57] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Macromedia
[28/12/2008|16:52] C:\DOCUME~1\VIDEOC~1\APPLIC~1\MAGIX
[11/05/2009|23:56] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Malwarebytes
[10/10/2007|21:23] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Media Player Classic
[15/07/2008|02:57] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Metacafe
[02/05/2008|12:49] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Microsoft
[05/04/2008|20:24] C:\DOCUME~1\VIDEOC~1\APPLIC~1\mIRC
[21/02/2007|20:48] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Motive
[31/08/2008|20:37] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Mozilla
[25/03/2007|17:09] C:\DOCUME~1\VIDEOC~1\APPLIC~1\MSNInstaller
[22/12/2007|11:41] C:\DOCUME~1\VIDEOC~1\APPLIC~1\NCH Swift Sound
[18/03/2008|23:00] C:\DOCUME~1\VIDEOC~1\APPLIC~1\ooVoo Details
[28/04/2009|11:53] C:\DOCUME~1\VIDEOC~1\APPLIC~1\OpenOffice.org2
[01/04/2008|21:31] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Opera
[25/07/2008|14:02] C:\DOCUME~1\VIDEOC~1\APPLIC~1\PC Tools
[07/04/2009|18:53] C:\DOCUME~1\VIDEOC~1\APPLIC~1\PlayFirst
[29/06/2008|00:39] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Real
[25/03/2007|04:57] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Screenshot Sender
[21/12/2008|12:29] C:\DOCUME~1\VIDEOC~1\APPLIC~1\SecondLife
[25/10/2008|19:31] C:\DOCUME~1\VIDEOC~1\APPLIC~1\SecuROM
[13/01/2009|22:25] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Skip-Bo
[11/05/2009|09:38] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Skype
[18/03/2009|11:25] C:\DOCUME~1\VIDEOC~1\APPLIC~1\skypePM
[18/04/2009|19:10] C:\DOCUME~1\VIDEOC~1\APPLIC~1\SpinTop Games
[12/05/2009|09:59] C:\DOCUME~1\VIDEOC~1\APPLIC~1\StarOffice8
[04/09/2008|01:33] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Studio-Scrap
[23/03/2007|09:34] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Sun
[10/09/2005|12:37] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Symantec
[05/06/2008|16:18] C:\DOCUME~1\VIDEOC~1\APPLIC~1\TaoUSign
[18/03/2008|22:42] C:\DOCUME~1\VIDEOC~1\APPLIC~1\teamspeak2
[24/03/2009|19:25] C:\DOCUME~1\VIDEOC~1\APPLIC~1\TeamViewer
[02/10/2008|22:58] C:\DOCUME~1\VIDEOC~1\APPLIC~1\TuneUp Software
[18/08/2008|19:48] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Ulead Systems
[19/06/2007|16:23] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Uniblue
[02/01/2009|23:03] C:\DOCUME~1\VIDEOC~1\APPLIC~1\ViquaSoft
[05/03/2009|03:47] C:\DOCUME~1\VIDEOC~1\APPLIC~1\vlc
[15/10/2008|10:07] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Vso
[30/04/2009|22:55] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Webcammax
[06/11/2007|10:30] C:\DOCUME~1\VIDEOC~1\APPLIC~1\XINEK
[20/04/2009|10:25] C:\DOCUME~1\VIDEOC~1\APPLIC~1\YoudaGames
[19/04/2009|09:56] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Zylom
[19/04/2009|09:57] C:\DOCUME~1\VIDEOC~1\APPLIC~1\Zylom DressUpRush

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[12/05/2009 08:08][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[12/05/2009 10:00][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[07/05/2009 23:51][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[12/05/2009 08:07][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[25/02/2008|00:14] C:\Program Files\AbiSuite2
[01/04/2009|10:52] C:\Program Files\Adobe
[25/07/2008|02:22] C:\Program Files\Ahead
[06/04/2008|09:42] C:\Program Files\Alcohol Soft
[03/06/2007|09:18] C:\Program Files\Anuman Interactive
[04/09/2008|14:33] C:\Program Files\Apple Software Update
[13/08/2008|13:32] C:\Program Files\Audacity
[13/03/2007|13:37] C:\Program Files\AVI DivX MPEG to DVD Converter & Burner
[26/07/2008|02:09] C:\Program Files\Avira
[03/01/2009|17:12] C:\Program Files\AVS4YOU
[21/06/2007|12:37] C:\Program Files\Axis Communications
[28/12/2008|16:24] C:\Program Files\BitComet
[15/03/2009|17:20] C:\Program Files\BitComet Acceleration Patch
[25/10/2008|19:29] C:\Program Files\Boonty
[25/10/2008|19:30] C:\Program Files\BoontyGames
[22/12/2007|11:36] C:\Program Files\Brighter Child
[21/02/2007|20:02] C:\Program Files\BroadJump
[06/06/2008|08:43] C:\Program Files\BSD Concept
[25/02/2009|22:58] C:\Program Files\CA Yahoo! Anti-Spy
[15/01/2008|02:26] C:\Program Files\CCleaner
[09/05/2009|14:12] C:\Program Files\CDBurnerXP
[28/12/2008|03:02] C:\Program Files\City Interactive
[07/11/2008|19:58] C:\Program Files\Club-Internet
[24/05/2008|22:01] C:\Program Files\Codemasters
[05/11/2007|22:18] C:\Program Files\CoffeeCup Software
[06/09/2007|21:15] C:\Program Files\Common Files
[09/09/2005|18:53] C:\Program Files\ComPlus Applications
[06/04/2008|09:45] C:\Program Files\Conduit
[30/01/2008|00:33] C:\Program Files\CrossAFr
[14/03/2009|10:41] C:\Program Files\CyberLink
[10/05/2008|10:31] C:\Program Files\DAEMON Tools
[10/05/2008|10:31] C:\Program Files\DAEMON Tools Lite
[10/09/2005|13:55] C:\Program Files\Data-Concept
[05/03/2009|00:16] C:\Program Files\DivX
[13/08/2007|22:02] C:\Program Files\D-Tools
[05/07/2008|13:57] C:\Program Files\DVDVideoSoft
[14/01/2009|21:45] C:\Program Files\EA GAMES
[18/03/2009|16:48] C:\Program Files\Fichiers communs
[12/05/2009|07:57] C:\Program Files\FLVKnife
[06/05/2008|08:25] C:\Program Files\free-downloads.net
[17/06/2007|13:45] C:\Program Files\Geneatique2007
[08/02/2009|01:32] C:\Program Files\Google
[04/09/2007|00:54] C:\Program Files\Grisoft
[06/06/2008|08:51] C:\Program Files\Heredis 8
[03/02/2008|11:48] C:\Program Files\inKline Global
[29/04/2009|22:34] C:\Program Files\InstallShield Installation Information
[22/04/2009|21:53] C:\Program Files\Internet Explorer
[17/12/2007|03:11] C:\Program Files\iPass
[17/01/2008|15:45] C:\Program Files\iPod
[17/01/2008|15:45] C:\Program Files\iTunes
[23/08/2007|20:12] C:\Program Files\Jasc Software Inc
[03/04/2009|08:55] C:\Program Files\Java
[04/07/2008|17:32] C:\Program Files\KC Softwares
[20/03/2009|11:22] C:\Program Files\K-Lite Codec Pack
[11/03/2007|14:34] C:\Program Files\LAventure
[14/04/2009|00:11] C:\Program Files\LimeWire
[28/02/2007|14:18] C:\Program Files\Livre Album Fuji Photo
[21/06/2007|14:27] C:\Program Files\Logitech
[07/07/2008|19:31] C:\Program Files\ma-config.com
[26/03/2007|19:39] C:\Program Files\Macrogaming
[25/01/2009|12:49] C:\Program Files\Mafia
[28/12/2008|20:54] C:\Program Files\MAGIX
[10/10/2007|20:50] C:\Program Files\Maïdo Production
[11/05/2009|23:56] C:\Program Files\Malwarebytes' Anti-Malware
[23/04/2009|06:21] C:\Program Files\Messenger
[19/01/2009|19:11] C:\Program Files\Messenger Plus! Live
[25/03/2007|17:05] C:\Program Files\MessengerPlus! 3
[30/06/2008|08:21] C:\Program Files\Metacafe
[29/04/2009|22:34] C:\Program Files\Micro Application
[10/05/2007|03:02] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[09/09/2005|18:56] C:\Program Files\microsoft frontpage
[23/08/2007|13:28] C:\Program Files\Microsoft Office
[19/03/2009|07:33] C:\Program Files\Microsoft SQL Server
[03/05/2008|17:48] C:\Program Files\Microsoft SQL Server Compact Edition
[01/03/2007|01:39] C:\Program Files\Microsoft Visual Studio 8
[01/03/2007|01:49] C:\Program Files\Microsoft.NET
[23/11/2007|09:07] C:\Program Files\Motive(2)
[12/09/2008|22:17] C:\Program Files\Motive(3)
[22/04/2009|21:53] C:\Program Files\Movie Maker
[12/05/2009|10:09] C:\Program Files\Mozilla Firefox
[10/10/2007|21:21] C:\Program Files\MpcStar
[10/09/2005|12:21] C:\Program Files\MSI
[25/03/2007|17:08] C:\Program Files\MSN
[09/09/2005|18:52] C:\Program Files\MSN Gaming Zone
[03/07/2007|16:54] C:\Program Files\MSXML 4.0
[28/03/2007|03:05] C:\Program Files\MSXML 6.0
[22/12/2007|11:41] C:\Program Files\NCH Swift Sound
[22/04/2009|21:21] C:\Program Files\NetMeeting
[27/01/2008|22:40] C:\Program Files\Netscape
[27/04/2009|16:47] C:\Program Files\Oberon Media
[09/09/2005|18:52] C:\Program Files\Online Services
[18/07/2008|02:32] C:\Program Files\Ontrack
[28/04/2009|19:32] C:\Program Files\ooVoo
[04/06/2008|15:38] C:\Program Files\OpenOffice.org 2.4
[02/08/2008|10:26] C:\Program Files\orange
[22/04/2009|21:21] C:\Program Files\Outlook Express
[25/07/2008|02:59] C:\Program Files\Panda Security
[25/02/2009|22:58] C:\Program Files\Phototool
[28/09/2008|06:17] C:\Program Files\Picasa2
[18/06/2007|09:35] C:\Program Files\Protectis
[17/06/2007|13:45] C:\Program Files\ProtectisModeles
[10/06/2008|13:13] C:\Program Files\Publication Web
[25/02/2009|23:00] C:\Program Files\QuickTime
[29/06/2008|00:35] C:\Program Files\Real
[25/05/2007|21:39] C:\Program Files\ReflexiveArcade
[14/07/2008|03:36] C:\Program Files\Replay Converter
[11/05/2009|09:38] C:\Program Files\Savescreen
[25/12/2008|04:13] C:\Program Files\SecondLife
[09/09/2005|18:54] C:\Program Files\Services en ligne
[26/03/2007|22:22] C:\Program Files\Setup Files
[08/02/2009|23:49] C:\Program Files\SFR
[19/08/2007|14:11] C:\Program Files\Siber Systems
[18/03/2009|16:49] C:\Program Files\Skype
[10/05/2008|10:42] C:\Program Files\SlySoft
[29/12/2008|23:08] C:\Program Files\SmartSound Software
[14/08/2007|14:53] C:\Program Files\solarus
[14/04/2009|00:11] C:\Program Files\SpeedFan
[11/05/2009|11:37] C:\Program Files\Spyware Doctor
[25/02/2009|22:58] C:\Program Files\Steam
[20/11/2008|18:20] C:\Program Files\Strategy First
[25/07/2008|14:43] C:\Program Files\Sun
[22/03/2009|11:33] C:\Program Files\TeamViewer
[04/03/2009|19:46] C:\Program Files\Toox
[11/05/2009|23:18] C:\Program Files\toox.com
[17/06/2007|13:46] C:\Program Files\Tracker Software
[11/05/2009|22:37] C:\Program Files\trend micro
[12/04/2009|21:16] C:\Program Files\Trillian
[14/01/2009|22:45] C:\Program Files\Ubi Soft
[14/01/2009|22:33] C:\Program Files\Ubisoft
[18/08/2008|19:45] C:\Program Files\Ulead Systems
[09/09/2005|19:04] C:\Program Files\Uninstall Information
[27/03/2007|00:03] C:\Program Files\VIAudioi
[28/02/2007|11:40] C:\Program Files\VideoLAN
[30/10/2007|02:07] C:\Program Files\Virtools
[05/11/2007|22:24] C:\Program Files\Visicom Media
[15/10/2008|10:07] C:\Program Files\VSO
[05/05/2008|19:57] C:\Program Files\Windows Live
[03/05/2008|17:50] C:\Program Files\Windows Live Favorites
[03/05/2008|17:51] C:\Program Files\Windows Live Toolbar
[28/06/2007|10:00] C:\Program Files\Windows Media Components
[27/02/2007|19:46] C:\Program Files\Windows Media Connect 2
[22/04/2009|21:21] C:\Program Files\Windows Media Player
[22/04/2009|21:21] C:\Program Files\Windows NT
[09/09/2005|18:54] C:\Program Files\WindowsUpdate
[29/06/2007|13:37] C:\Program Files\WinRAR
[09/09/2005|18:56] C:\Program Files\xerox
[11/03/2007|16:15] C:\Program Files\Xilisoft
[14/04/2009|00:11] C:\Program Files\Yahoo!
[11/06/2007|10:37] C:\Program Files\yWriter2
[27/07/2008|02:49] C:\Program Files\Zone Labs
[20/04/2009|10:07] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[01/04/2009|10:56] C:\Program Files\Fichiers communs\Adobe
[12/05/2009|10:08] C:\Program Files\Fichiers communs\Akamai
[26/08/2007|11:02] C:\Program Files\Fichiers communs\Apple
[03/01/2009|17:12] C:\Program Files\Fichiers communs\AVSMedia
[24/02/2007|18:29] C:\Program Files\Fichiers communs\BOONTY Shared
[13/03/2009|14:12] C:\Program Files\Fichiers communs\CyberLink
[09/09/2007|17:43] C:\Program Files\Fichiers communs\Designer
[11/05/2008|07:49] C:\Program Files\Fichiers communs\DirectX
[05/07/2008|13:57] C:\Program Files\Fichiers communs\DVDVideoSoft
[20/07/2007|17:27] C:\Program Files\Fichiers communs\GTK
[31/03/2006|17:33] C:\Program Files\Fichiers communs\InstallShield
[23/03/2007|09:33] C:\Program Files\Fichiers communs\Java
[21/06/2007|14:26] C:\Program Files\Fichiers communs\Labtec
[28/12/2008|16:47] C:\Program Files\Fichiers communs\MAGIX Shared
[06/03/2009|09:55] C:\Program Files\Fichiers communs\Microsoft Shared
[21/02/2007|20:06] C:\Program Files\Fichiers communs\Motive
[09/09/2005|18:54] C:\Program Files\Fichiers communs\MSSoap
[10/03/2007|22:00] C:\Program Files\Fichiers communs\Nero
[02/08/2008|10:26] C:\Program Files\Fichiers communs\Oberon Media
[09/09/2005|20:41] C:\Program Files\Fichiers communs\ODBC
[29/06/2008|00:36] C:\Program Files\Fichiers communs\Real
[01/05/2008|20:58] C:\Program Files\Fichiers communs\Scanner
[09/09/2005|20:41] C:\Program Files\Fichiers communs\SpeechEngines
[16/07/2008|00:51] C:\Program Files\Fichiers communs\SWF Studio
[19/06/2007|10:51] C:\Program Files\Fichiers communs\Symantec Shared
[22/04/2009|21:21] C:\Program Files\Fichiers communs\System
[20/12/2007|14:36] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[29/06/2008|00:36] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 45 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-12 10:33:02
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 46

--------------------\\ Recherche d'autres infections

C:\WINDOWS\system32\sCcbJRqr.ini
C:\WINDOWS\system32\sCcbJRqr.ini2
==> VUNDO <==

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\VIDEOC~1\Favoris\Jeux Cherche Recherche de crack fr hospital tycoon.url


[F:15][D:4]-> C:\DOCUME~1\VIDEOC~1\LOCALS~1\Temp
[F:1][D:0]-> C:\DOCUME~1\VIDEOC~1\Cookies
[F:6][D:4]-> C:\DOCUME~1\VIDEOC~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 12/05/2009| 9:58 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 12/05/2009|10:41 - Option : [3]

--------------------\\ Fin du rapport a 10:41:14
ardillon62 Posts: 21 Registration date: Monday 11 May 2009 Status: Member Last activity: 12 May 2009
12 May 2009 at 11:00
And as for Yoog-Fix with option 2... it closes by itself without giving a report :(
verni29 Posts: 6699 Registration date: Sunday 6 July 2008 Status: Security contributor Last activity: 26 December 2016 180
12 May 2009 at 11:43
Open My Computer.
There is a report at C:\Yoog_Fix.txt
Post it.

We will see whether or not the tool generated a report.
Otherwise, the cleanup will have to be done manually.

See you
ardillon62 Posts: 21 Registration date: Monday 11 May 2009 Status: Member Last activity: 12 May 2009
12 May 2009 at 11:48
There you go, there was indeed a report in My Computer ;)


Yoog_Fix 2.02 de Batch_Man
Debut a 10:55 le 12/05/2009
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3
Internet Explorer 6.0.2900.5512
Mozilla Firefox 3.0.10 (fr)
Avira GmbH 8.0.1.30 (Activated)
Check Point, LTD. 7.0.483.000 (Activated)

C:\ [Fixed] - NTFS - (Total:78152 Mo/Free:897 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

Option 1 [2] Suppression

+---------------\\ Suppression


----------\\ Suppression dans de fichiers


----------\\ Suppression dans prefs.js et user.js


----------\\ Suppression dans le registre


----------\\ Fichiers temporaires
loloetseb Posts: 5508 Registration date: Sunday 14 December 2008 Status: Member Last activity: 22 April 2012 174
12 May 2009 at 13:02
;)
verni29 Posts: 6699 Registration date: Sunday 6 July 2008 Status: Security contributor Last activity: 26 December 2016 180
12 May 2009 at 13:13
Download AD-Remover to your desktop:
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

Disconnect from the internet and close all running applications.

* Double-click AD-R.exe and install it.
* Double-click the shortcut created on the desktop.
* In the main menu, choose option "A" to search for traces of certain software installed on your PC.

A report will appear. Post its contents in your next message.

See you
ardillon62 Posts: 21 Registration date: Monday 11 May 2009 Status: Member Last activity: 12 May 2009
12 May 2009 at 14:14
Here is the "ad remover" report...


------- LOGFILE OF AD-REMOVER 1.1.3.7 | ONLY XP/VISTA -------

Updated by C_XX on 11/05/2009 at 16:00
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html

Start at: 13:20:05, 12/05/2009 | Boot mode: Normal Boot
Option: Scan | Executed from: C:\Program Files\Ad-remover\
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: POSTE1
Current User: VIDEOCEAN 1 - Administrator
Drive(s):
- C:\ (File System: NTFS)

(!) ---- C:\Documents and Settings\Administrateur\Ntuser.dat Loaded as: 'HKU\Administrateur'
(!) ---- C:\Documents and Settings\Administrateur.POSTE1\Ntuser.dat Loaded as: 'HKU\Administrateur.POSTE1'

============ Known Adwares Found ============

.
HKCR\SearchSettings.BHO
HKCR\SearchSettings.BHO.1
HKCU\Software\AppDataLow\HavingFunOnline
HKLM\Software\Classes\SearchSettings.BHO
HKLM\Software\Classes\SearchSettings.BHO.1
HKLM\Software\Conduit
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
HKCR\CLSID\{6A87B991-A31F-4130-AE72-6D0C294BF082}
HKLM\Software\Classes\CLSID\{6A87B991-A31F-4130-AE72-6D0C294BF082}
HKCR\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
HKCR\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
HKCR\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
.
C:\Program Files\Conduit
C:\Documents and Settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\EBSuggestHistory
C:\Documents and Settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\searchplugins\conduit.xml
C:\WINDOWS\Prefetch\AU_.EXE-33BD152C.pf

+-----------------| Eorezo Elements Found:

HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\Software\EoRezo
HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
.

+-----------------| It's TV Elements Found:

HKCU\Software\ItsLabel
HKLM\Software\ItsLabel
HKU\S-1-5-21-1214440339-854245398-725345543-1004\Software\ItsLabel
.
C:\Documents and Settings\VIDEOCEAN 1\Application Data\ItsLabel

+-----------------| Sweetim Elements Found:

HKCU\Software\SWEETIE
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\Program Files\Macrogaming

+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.10 ----

ProfilePath: zh7uz1hs.default (VIDEOCEAN 1)
.
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://msn.fr");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.10");
.
(Prefs.js) Found: user_pref("CT1098640.CTPBaseServerUrl", "hxxp://services.conduit.com/");
(Prefs.js) Found: user_pref("CT1098640.Server", "hxxp://users.conduit.com");
(Prefs.js) Found: user_pref("CT1638723.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
(Prefs.js) Found: user_pref("CT1638723.CTPBaseServerUrl", "hxxp://grouping.services.conduit.com/");
(Prefs.js) Found: user_pref("CT1638723.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1638723&SearchSource=2&q=");
(Prefs.js) Found: user_pref("CT1638723.Server", "hxxp://users.conduit.com");

---- Internet Explorer Version 6.0.2900.5512 ----

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start Page: hxxp://google.com/

[HKEY_USERS\S-1-5-21-1214440339-854245398-725345543-1004\..\Internet Explorer\Main]

Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start Page: hxxp://google.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://www.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

=========== Suspicious ==========

C:\Documents and Settings\VIDEOCEAN 1\.housecall6.6\patch.exe
[218736 Byte(s)|--a------|26/05/2008 09:46|HashMD5: b9a80ba0083fb8196f8ca0bef053ea4e |CRC32: 12c79c8b]


+---------------------------------------------------------------------------+

4883 Byte(s) - C:\Ad-Report-Scan-12.05.2009.log

1 File(s) - C:\Program Files\Ad-remover\BACKUP
0 File(s) - C:\Program Files\Ad-remover\QUARANTINE

End at: 14:05:45 | 12/05/2009
.
+-----------------| E.O.F
.
verni29 Posts: 6699 Registration date: Sunday 6 July 2008 Status: Security contributor Last activity: 26 December 2016 180
12 May 2009 at 16:51
1/ Run AD-Remover again.

# Choose option B (Clean).
# In the window that opens, type 1 to delete the Known Adwares Found.

After the cleanup, a report will open.

2/ Repeat this cleanup procedure, choosing the options:
- 2 for EoRezo
- 3 for It's TV
- 4 for SweetIM

Then post the last report that opens.

See you
ardillon62 Posts: 21 Registration date: Monday 11 May 2009 Status: Member Last activity: 12 May 2009
12 May 2009 at 17:55
Here is the ad-remover report after deletion:



------- LOGFILE OF AD-REMOVER 1.1.3.7 | ONLY XP/VISTA -------

Updated by C_XX on 11/05/2009 at 16:00
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html

**** LIMITED TO ****

Known Adwares
Eorezo
It's TV
Sweetim

********************

Start at: 17:02:13, 12/05/2009 | Boot mode: Normal Boot
Option: Clean | Executed from: C:\Program Files\Ad-remover\
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: POSTE1
Current User: VIDEOCEAN 1 - Administrator
Drive(s):
- C:\ (File System: NTFS)

(!) ---- C:\Documents and Settings\Administrateur\Ntuser.dat Loaded as: 'HKU\Administrateur'
(!) ---- C:\Documents and Settings\Administrateur.POSTE1\Ntuser.dat Loaded as: 'HKU\Administrateur.POSTE1'

(!) ---- IE start pages/Tabs reset

============ Known Adwares Deleted ============

.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
HKCR\SearchSettings.BHO
HKCR\SearchSettings.BHO.1
HKCU\Software\AppDataLow\HavingFunOnline
HKLM\Software\Conduit
HKCR\CLSID\{6A87B991-A31F-4130-AE72-6D0C294BF082}
HKCR\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
HKCR\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
HKCR\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
.
C:\Program Files\Conduit
C:\Documents and Settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\EBSuggestHistory
C:\Documents and Settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\searchplugins\conduit.xml
C:\WINDOWS\Prefetch\AU_.EXE-33BD152C.pf

+-----------------| Eorezo Elements Deleted :

HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\Software\EoRezo
.

+-----------------| It's TV Elements Deleted :

HKCU\Software\ItsLabel
HKLM\Software\ItsLabel
.
C:\Documents and Settings\VIDEOCEAN 1\Application Data\ItsLabel

+-----------------| Sweetim Elements Deleted :

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKCU\Software\SWEETIE
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\Program Files\Macrogaming

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.



+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.10 ----

ProfilePath: zh7uz1hs.default (VIDEOCEAN 1)
.
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://msn.fr");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.10");
.
(Prefs.js) Removed: user_pref("CT1098640.CTPBaseServerUrl", "hxxp://services.conduit.com/");
(Prefs.js) Removed: user_pref("CT1098640.Server", "hxxp://users.conduit.com");
(Prefs.js) Removed: user_pref("CT1638723.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
(Prefs.js) Removed: user_pref("CT1638723.CTPBaseServerUrl", "hxxp://grouping.services.conduit.com/");
(Prefs.js) Removed: user_pref("CT1638723.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1638723&SearchSource=2&q=");
(Prefs.js) Removed: user_pref("CT1638723.Server", "hxxp://users.conduit.com");

---- Internet Explorer Version 6.0.2900.5512 ----

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_USERS\S-1-5-21-1214440339-854245398-725345543-1004\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

=========== Suspicious ==========

C:\Documents and Settings\VIDEOCEAN 1\.housecall6.6\patch.exe
[218736 Byte(s)|--a------|26/05/2008 09:46|HashMD5: b9a80ba0083fb8196f8ca0bef053ea4e |CRC32: 12c79c8b]


+---------------------------------------------------------------------------+

5013 Byte(s) - C:\Ad-Report-Clean-12.05.2009.log
5100 Byte(s) - C:\Ad-Report-Scan-12.05.2009.log

20 File(s) - C:\Program Files\Ad-remover\BACKUP
2 File(s) - C:\Program Files\Ad-remover\QUARANTINE

End at: 17:49:20 | 12/05/2009
.
+-----------------| E.O.F
.
verni29 (security contributor) - 12 May 2009 at 18:03
OK,

Your PC is starting to get cleaner.
Only a few infected files remain.

1/ Launch HijackThis and choose "Do a system scan only".
Select the following lines:

R3 - URLSearchHook: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoo1.dll (file missing)
O3 - Toolbar: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoo1.dll (file missing)


Choose the "Fix checked" option at the bottom of the page.

2/ Do you need all these toolbars? Google Toolbar, mediaco, Windows Live Toolbar.
If you wish, you can remove some of them in the Control Panel --> Add/Remove Programs.

3/ There is one more tool to run, because files from a Vundo infection are still present.
It is a powerful tool that I advise you not to use without the help of a helper.

Download ComboFix and save it to your desktop (important for what follows):
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

# Disable your computer's resident protections (antivirus, antispyware and firewall).
# Plug in your removable media (USB sticks, external hard drive) without opening them.

# Launch ComboFix.exe and follow the prompts.
# You will be asked to install the Recovery Console.
Important: make sure you do it.

ComboFix may restart the computer in order to delete certain files.

# Once the scan is finished, a report will appear.

Copy/paste this report into your next reply.

Note: If you cannot find it, it is at C:\ComboFix.txt.

See you soon
ardillon62 (member) - 12 May 2009 at 19:31
Here is the ComboFix report


ComboFix 09-05-11.08 - VIDEOCEAN 1 12/05/2009 18:58.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.473 [GMT 2:00]
Lancé depuis: c:\documents and settings\VIDEOCEAN 1\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
FW: ZoneAlarm Firewall *enabled*
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\VIDEOCEAN 1\Application Data\inst.exe
c:\program files\Mozilla Firefox\components\ctkwemfrfw.dll
c:\windows\Downloaded Program Files\x64
c:\windows\Downloaded Program Files\x64\racodec.ax
c:\windows\Downloaded Program Files\x86
c:\windows\Downloaded Program Files\x86\racodec.ax
c:\windows\patch.exe
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\sCcbJRqr.ini
c:\windows\system32\sCcbJRqr.ini2

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Legacy_NPF
-------\Legacy_OREANS32
-------\Service_Boonty Games


((((((((((((((((((((((((((((( Fichiers créés du 2009-04-12 au 2009-05-12 ))))))))))))))))))))))))))))))))))))
.

2009-05-12 11:18 . 2009-05-12 15:49 -------- d-----w c:\program files\Ad-remover
2009-05-12 08:06 . 2009-05-12 08:56 -------- dc----w C:\Yoog_Fix
2009-05-12 07:39 . 2009-05-12 08:41 -------- dc----w C:\Lop SD
2009-05-11 21:56 . 2009-05-11 21:56 -------- d-----w c:\documents and settings\VIDEOCEAN 1\Application Data\Malwarebytes
2009-05-11 21:56 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-11 21:56 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-11 21:56 . 2009-05-11 21:56 -------- dc----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-11 21:56 . 2009-05-11 21:56 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-11 21:17 . 2009-05-11 21:17 -------- dc----w C:\_OTMoveIt
2009-05-11 20:36 . 2009-05-11 20:37 -------- d-----w c:\program files\trend micro
2009-05-11 20:36 . 2009-05-11 20:37 -------- dc----w C:\rsit
2009-05-11 19:27 . 2009-05-11 19:52 -------- dc----w C:\ToolBar SD
2009-05-09 12:14 . 2009-05-09 12:14 -------- d-----w c:\documents and settings\VIDEOCEAN 1\Application Data\Canneverbe_Limited
2009-05-09 12:12 . 2009-05-09 12:12 -------- d-----w c:\program files\CDBurnerXP
2009-04-30 20:55 . 2009-04-30 20:58 -------- dc----w c:\documents and settings\All Users\Application Data\WebcamMax
2009-04-29 20:34 . 2009-04-29 20:34 -------- d-----w c:\program files\Micro Application
2009-04-28 19:48 . 2009-04-30 20:55 -------- d-----w c:\documents and settings\VIDEOCEAN 1\Application Data\Webcammax
2009-04-28 19:46 . 2008-03-11 13:14 941784 ----a-w c:\windows\system32\drivers\CAMTHWDM.sys
2009-04-28 17:31 . 2009-04-28 17:32 -------- d-----w c:\program files\ooVoo
2009-04-28 14:04 . 2009-04-28 14:04 -------- d-----w c:\documents and settings\VIDEOCEAN 1\Local Settings\Application Data\Oberon Media
2009-04-22 22:30 . 2009-04-22 22:30 -------- d-s---w c:\documents and settings\VIDEOCEAN 1\Historique
2009-04-22 22:30 . 2009-04-22 22:30 -------- d-s---w c:\documents and settings\VIDEOCEAN 1\Temporary Internet Files
2009-04-22 20:31 . 2008-06-14 17:33 272768 -c----w c:\windows\system32\dllcache\bthport.sys
2009-04-22 20:29 . 2008-05-08 14:02 203136 -c----w c:\windows\system32\dllcache\rmcast.sys
2009-04-22 20:29 . 2008-10-24 11:21 455296 -c----w c:\windows\system32\dllcache\mrxsmb.sys
2009-04-22 20:29 . 2008-12-11 10:57 333952 -c----w c:\windows\system32\dllcache\srv.sys
2009-04-22 20:28 . 2008-04-11 19:05 691712 -c----w c:\windows\system32\dllcache\inetcomm.dll
2009-04-22 20:24 . 2008-10-15 16:35 337408 -c----w c:\windows\system32\dllcache\netapi32.dll
2009-04-22 19:53 . 2009-04-22 19:53 -------- d-----w c:\windows\system32\fr-fr
2009-04-22 19:53 . 2009-04-22 19:53 -------- d-----w c:\windows\l2schemas
2009-04-22 19:53 . 2009-04-22 19:53 -------- d-----w c:\windows\system32\fr
2009-04-22 19:53 . 2009-04-22 19:53 -------- d-----w c:\windows\system32\bits
2009-04-22 19:22 . 2009-04-22 19:57 -------- d-----w c:\windows\ServicePackFiles
2009-04-22 18:56 . 2009-04-22 18:56 -------- d-----w c:\windows\EHome
2009-04-22 07:58 . 2009-04-22 07:58 -------- dc----w c:\documents and settings\All Users\Application Data\PlayPond
2009-04-20 09:36 . 2009-04-20 09:36 -------- d-----w c:\windows\Youda Farmer
2009-04-20 08:25 . 2009-04-20 08:25 -------- d-----w c:\documents and settings\VIDEOCEAN 1\Application Data\YoudaGames
2009-04-20 08:23 . 2009-04-27 14:47 -------- d-----w c:\program files\Oberon Media
2009-04-20 07:58 . 2009-04-20 07:58 -------- d-----w c:\windows\system32\Adobe
2009-04-19 07:56 . 2009-04-19 07:57 -------- d-----w c:\documents and settings\VIDEOCEAN 1\Application Data\Zylom DressUpRush
2009-04-15 20:22 . 2008-04-21 21:15 219136 -c----w c:\windows\system32\dllcache\wordpad.exe
2009-04-13 22:12 . 2009-04-13 22:12 -------- dc----w C:\DVDVideoSoft

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-12 17:12 . 2008-07-27 00:57 54208544 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-05-12 17:09 . 2008-06-30 06:22 -------- d-----w c:\program files\Fichiers communs\Akamai
2009-05-12 17:09 . 2008-09-05 17:18 13608485 ----a-w c:\windows\Internet Logs\tvDebug.zip
2009-05-12 17:06 . 2008-07-27 00:57 636284 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-05-12 12:50 . 2008-07-25 12:02 -------- d-----w c:\program files\Spyware Doctor
2009-05-12 05:57 . 2008-07-15 22:51 -------- d-----w c:\program files\FLVKnife
2009-05-11 12:24 . 2004-08-05 12:00 528728 ----a-w c:\windows\system32\perfh00C.dat
2009-05-11 12:24 . 2004-08-05 12:00 100578 ----a-w c:\windows\system32\perfc00C.dat
2009-05-11 07:38 . 2008-01-29 21:25 -------- d-----w c:\program files\Savescreen
2009-04-29 20:34 . 2005-09-13 18:15 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-28 07:43 . 2007-02-26 17:38 115112 ----a-w c:\documents and settings\VIDEOCEAN 1\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-23 21:31 . 2009-04-23 21:32 2449408 ----a-w c:\windows\Internet Logs\xDB21.tmp
2009-04-23 04:29 . 2009-04-23 04:31 3386368 ----a-w c:\windows\Internet Logs\xDB20.tmp
2009-04-22 20:10 . 2005-09-09 16:55 76507 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-20 08:07 . 2009-04-07 16:52 -------- d-----w c:\program files\Zylom Games
2009-04-13 22:11 . 2007-11-16 11:36 -------- d-----w c:\program files\LimeWire
2009-04-13 22:11 . 2006-07-17 14:26 -------- d-----w c:\program files\Yahoo!
2009-04-13 22:11 . 2008-11-26 11:35 -------- d-----w c:\program files\SpeedFan
2009-04-12 19:16 . 2008-04-05 18:21 -------- d-----w c:\program files\Trillian
2009-04-03 23:15 . 2009-04-03 23:19 2354176 ----a-w c:\windows\Internet Logs\xDB1F.tmp
2009-04-03 06:55 . 2006-03-31 15:33 -------- d-----w c:\program files\Java
2009-04-01 08:56 . 2006-07-17 14:17 -------- d-----w c:\program files\Fichiers communs\Adobe
2009-03-22 09:33 . 2009-03-18 18:48 -------- d-----w c:\program files\TeamViewer
2009-03-20 09:22 . 2009-03-04 22:17 -------- d-----w c:\program files\K-Lite Codec Pack
2009-03-19 05:41 . 2009-03-19 05:43 9406976 ----a-w c:\windows\Internet Logs\xDB1D.tmp
2009-03-19 05:41 . 2009-03-19 05:43 2290176 ----a-w c:\windows\Internet Logs\xDB1E.tmp
2009-03-19 05:33 . 2007-02-28 23:46 -------- d-----w c:\program files\Microsoft SQL Server
2009-03-18 14:49 . 2007-05-18 18:49 -------- d-----r c:\program files\Skype
2009-03-15 15:20 . 2009-03-15 02:27 -------- d-----w c:\program files\BitComet Acceleration Patch
2009-03-14 08:41 . 2007-02-27 20:45 -------- d-----w c:\program files\CyberLink
2009-03-13 12:07 . 2003-03-18 19:14 505128 ----a-w c:\windows\system32\msvcp71.dll
2009-03-13 12:07 . 2003-02-21 03:42 353576 ----a-w c:\windows\system32\msvcr71.dll
2009-03-09 03:19 . 2009-03-19 01:41 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-06 14:20 . 2004-08-05 12:00 286720 ----a-w c:\windows\system32\pdh.dll
2009-03-06 00:03 . 2009-03-06 00:05 2215424 ----a-w c:\windows\Internet Logs\xDB1C.tmp
2009-03-04 07:01 . 2009-03-04 07:03 2178560 ----a-w c:\windows\Internet Logs\xDB1B.tmp
2009-03-03 09:21 . 2009-03-03 09:21 0 ----a-w c:\documents and settings\VIDEOCEAN 1\ntuser.tmp
2009-03-03 09:21 . 2009-03-03 10:31 2183680 ----a-w c:\windows\Internet Logs\xDB1A.tmp
2009-02-27 08:40 . 2009-02-27 08:42 2166272 ----a-w c:\windows\Internet Logs\xDB19.tmp
2009-02-25 10:44 . 2009-02-25 10:45 2152960 ----a-w c:\windows\Internet Logs\xDB18.tmp
2009-02-25 07:02 . 2009-02-25 07:04 2171392 ----a-w c:\windows\Internet Logs\xDB17.tmp
2009-02-20 09:24 . 2009-02-20 09:26 2151424 ----a-w c:\windows\Internet Logs\xDB16.tmp
2009-02-20 08:10 . 2004-08-05 12:00 670208 ----a-w c:\windows\system32\wininet.dll
2009-02-20 08:10 . 2004-08-05 12:00 81920 ----a-w c:\windows\system32\ieencode.dll
2009-02-18 07:01 . 2009-02-18 07:03 2150912 ----a-w c:\windows\Internet Logs\xDB15.tmp
2009-02-13 09:16 . 2009-02-13 09:19 2185728 ----a-w c:\windows\Internet Logs\xDB14.tmp
2008-07-30 17:25 . 2008-07-30 17:25 0 -c--a-w c:\program files\temp01
2007-05-01 08:35 . 2007-05-01 08:35 774144 -c--a-w c:\program files\RngInterstitial.dll
2008-05-10 08:36 . 2008-05-10 08:31 24 -csha-w c:\windows\S42E87F54.tmp
2007-10-01 21:45 . 2007-10-01 21:45 2098 -csha-w c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-27 68856]
"Neuf Media Center"="c:\program files\SFR\Media Center\MediaCenter.exe" [2008-10-10 726336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-10-30 1168264]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-01-10 5513216]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleStartMenu"= 0 (0x0)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Metacafe.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Metacafe.lnk
backup=c:\windows\pss\Metacafe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^VIDEOCEAN 1^Menu Démarrer^Programmes^Démarrage^Groom Agent.lnk]
path=c:\documents and settings\VIDEOCEAN 1\Menu Démarrer\Programmes\Démarrage\Groom Agent.lnk
backup=c:\windows\pss\Groom Agent.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^VIDEOCEAN 1^Menu Démarrer^Programmes^Démarrage^Metacafe.lnk]
path=c:\documents and settings\VIDEOCEAN 1\Menu Démarrer\Programmes\Démarrage\Metacafe.lnk
backup=c:\windows\pss\Metacafe.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^VIDEOCEAN 1^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
path=c:\documents and settings\VIDEOCEAN 1\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk
backup=c:\windows\pss\OpenOffice.org 2.3.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"usnjsvc"=3 (0x3)
"SysmonLog"=3 (0x3)
"ShellHWDetection"=2 (0x2)
"SharedAccess"=2 (0x2)
"Schedule"=2 (0x2)
"maconfservice"=3 (0x3)
"lanmanworkstation"=2 (0x2)
"gusvc"=2 (0x2)
"GoogleDesktopManager-022208-143751"=3 (0x3)
"Boonty Games"=3 (0x3)
"AppMgmt"=3 (0x3)
"Apple Mobile Device"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD Cinema\\PowerDVDCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
"c:\\Program Files\\CyberLink\\PowerDirector\\PDR.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\program files\SFR\Media Center\httpd\httpd.exe"= c:\program files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"14402:TCP"= 14402:TCP:BitComet 14402 TCP
"14402:UDP"= 14402:UDP:BitComet 14402 UDP
"9420:TCP"= 9420:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
"1048:TCP"= 1048:TCP:Akamai NetSession Interface
"1787:TCP"= 1787:TCP:Akamai NetSession Interface
"1185:TCP"= 1185:TCP:Akamai NetSession Interface
"4160:TCP"= 4160:TCP:Akamai NetSession Interface
"1561:TCP"= 1561:TCP:Akamai NetSession Interface
"2096:TCP"= 2096:TCP:Akamai NetSession Interface
"3183:TCP"= 3183:TCP:Akamai NetSession Interface
"3535:TCP"= 3535:TCP:Akamai NetSession Interface
"4503:TCP"= 4503:TCP:Akamai NetSession Interface
"1194:TCP"= 1194:TCP:Akamai NetSession Interface
"2046:TCP"= 2046:TCP:Akamai NetSession Interface
"3504:TCP"= 3504:TCP:Akamai NetSession Interface
"1557:TCP"= 1557:TCP:Akamai NetSession Interface
"2816:TCP"= 2816:TCP:Akamai NetSession Interface
"1152:TCP"= 1152:TCP:Akamai NetSession Interface
"3396:TCP"= 3396:TCP:Akamai NetSession Interface
"1578:TCP"= 1578:TCP:Akamai NetSession Interface
"3462:TCP"= 3462:TCP:Akamai NetSession Interface
"1464:TCP"= 1464:TCP:Akamai NetSession Interface
"2995:TCP"= 2995:TCP:Akamai NetSession Interface
"3551:TCP"= 3551:TCP:Akamai NetSession Interface
"3617:TCP"= 3617:TCP:Akamai NetSession Interface
"3063:TCP"= 3063:TCP:Akamai NetSession Interface
"4235:TCP"= 4235:TCP:Akamai NetSession Interface
"1159:TCP"= 1159:TCP:Akamai NetSession Interface
"2110:TCP"= 2110:TCP:Akamai NetSession Interface
"3679:TCP"= 3679:TCP:Akamai NetSession Interface
"1369:TCP"= 1369:TCP:Akamai NetSession Interface
"1684:TCP"= 1684:TCP:Akamai NetSession Interface
"4481:TCP"= 4481:TCP:Akamai NetSession Interface
"3479:TCP"= 3479:TCP:Akamai NetSession Interface
"1202:TCP"= 1202:TCP:Akamai NetSession Interface
"4430:TCP"= 4430:TCP:Akamai NetSession Interface
"1991:TCP"= 1991:TCP:Akamai NetSession Interface
"1264:TCP"= 1264:TCP:Akamai NetSession Interface
"2596:TCP"= 2596:TCP:Akamai NetSession Interface
"1284:TCP"= 1284:TCP:Akamai NetSession Interface
"2636:TCP"= 2636:TCP:Akamai NetSession Interface
"4863:TCP"= 4863:TCP:Akamai NetSession Interface
"1220:TCP"= 1220:TCP:Akamai NetSession Interface
"3067:TCP"= 3067:TCP:Akamai NetSession Interface
"3094:TCP"= 3094:TCP:Akamai NetSession Interface
"3268:TCP"= 3268:TCP:Akamai NetSession Interface
"3666:TCP"= 3666:TCP:Akamai NetSession Interface
"4113:TCP"= 4113:TCP:Akamai NetSession Interface
"2533:TCP"= 2533:TCP:Akamai NetSession Interface
"1260:TCP"= 1260:TCP:Akamai NetSession Interface
"1793:TCP"= 1793:TCP:Akamai NetSession Interface
"2350:TCP"= 2350:TCP:Akamai NetSession Interface
"1595:TCP"= 1595:TCP:Akamai NetSession Interface
"1371:TCP"= 1371:TCP:Akamai NetSession Interface
"2129:TCP"= 2129:TCP:Akamai NetSession Interface
"3325:TCP"= 3325:TCP:Akamai NetSession Interface
"2662:TCP"= 2662:TCP:Akamai NetSession Interface
"2056:TCP"= 2056:TCP:Akamai NetSession Interface
"4144:TCP"= 4144:TCP:Akamai NetSession Interface
"1883:TCP"= 1883:TCP:Akamai NetSession Interface
"4335:TCP"= 4335:TCP:Akamai NetSession Interface
"1239:TCP"= 1239:TCP:Akamai NetSession Interface
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"1049:TCP"= 1049:TCP:Akamai NetSession Interface
"2136:TCP"= 2136:TCP:Akamai NetSession Interface
"1088:TCP"= 1088:TCP:Akamai NetSession Interface
"443:TCP"= 443:TCP:*:Disabled:TCP port 443 ooVoo
"443:UDP"= 443:UDP:*:Disabled:UDP port 443 ooVoo
"37674:TCP"= 37674:TCP:*:Disabled:TCP port 37674 ooVoo
"37674:UDP"= 37674:UDP:*:Disabled:UDP port 37674 ooVoo
"37675:UDP"= 37675:UDP:*:Disabled:UDP port 37675 ooVoo
"1253:TCP"= 1253:TCP:Akamai NetSession Interface
"3147:TCP"= 3147:TCP:Akamai NetSession Interface
"4409:TCP"= 4409:TCP:Akamai NetSession Interface
"2241:TCP"= 2241:TCP:Akamai NetSession Interface

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [25/07/2008 03:00 28544]
R2 Akamai;Akamai;c:\windows\System32\svchost.exe -k Akamai [05/08/2004 14:00 14336]
R2 AVWEBCAM;AV WebCam, WDM Video Capture;c:\windows\system32\drivers\avwebcam.sys [28/06/2007 17:03 215552]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [25/07/2008 14:02 356920]
S2 WebCamHelper;WebCamHelper;\??\c:\progra~1\AVWEBC~1\WebCamHelper.sys --> c:\progra~1\AVWEBC~1\WebCamHelper.sys [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [28/12/2008 16:49 1527900]
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;c:\windows\system32\drivers\usb8023.sys [05/08/2004 14:00 12800]
S4 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [25/07/2008 13:28 29744]
S4 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [26/06/2008 09:13 576680]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8637bffe-cf40-11db-82f3-806d6172696f}]
\Shell\AutoRun\command - D:\club-internet.exe
.
Contenu du dossier 'Tâches planifiées'

2009-05-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-05-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-13 00:07]
.
- - - - ORPHELINS SUPPRIMES - - - -

WebBrowser-{196C3A46-4758-433D-A600-802C804AF39C} - (no file)


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.club-internet.fr
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mWindow Title =
uInternet Settings,ProxyServer = 192.168.0.1:80
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?b934f0efc4d44aaa89d047f81fadc842
IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?b934f0efc4d44aaa89d047f81fadc842
Trusted Zone: localhost
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {254AA86E-5655-4518-AA87-185D7CC41801} - hxxps://secure.logmeinrescue.com/TechConsole/x86/RescueControl.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
DPF: {6CCE3920-3183-4B3D-808A-B12EB769DE12} - hxxp://www.commandondemand.com/eval/cod/cabs/cssweb.cab
DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - hxxp://bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
FF - ProfilePath - c:\documents and settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\
FF - prefs.js: browser.startup.homepage - hxxp://msn.fr
FF - component: c:\documents and settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\extensions\{a841a1c1-4687-4285-89fe-e9df6c5ed4c6}\components\FFAlert.dll
FF - component: c:\documents and settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}\components\FFAlert.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\documents and settings\VIDEOCEAN 1\Application Data\Mozilla\Firefox\Profiles\zh7uz1hs.default\extensions\OberonGameHost@OberonGames.com\platform\WINNT_x86-msvc\plugins\npOberonGameHost.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npExentCtl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll

---- PARAMETRES FIREFOX ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: keyword.enabled - true
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-12 19:13
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(1572)
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ZoneLabs\vsmon.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\nvsvc32.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\wscntfy.exe
c:\program files\SFR\Media Center\httpd\httpd.exe
c:\program files\SFR\Media Center\httpd\httpd.exe
c:\program files\Spyware Doctor\pctsSvc.exe
.
**************************************************************************
.
Heure de fin: 2009-05-12 19:28 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-05-12 17:28

Avant-CF: 10 555 428 864 octets libres
Après-CF: 10 490 126 336 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /noexecute=optin /fastdetect

458 --- E O F --- 2009-04-24 08:02
verni29 (security contributor) - 12 May 2009 at 20:00
1/ Run OTMoveIt3 again.

# Copy the list in the quote below and paste it into the left-hand pane of OTMoveIt, under "Paste Instructions for Items to be Moved".

:Files
c:\windows\S42E87F54.tmp
c:\windows\Internet Logs\xDB??.tmp


# Click MoveIt! to start the removal.
# The result will appear in the "Results" pane.
# Copy and paste the result into your next message.

The report (.log file) is also located in C:\_OTMoveIt\MovedFiles.

2/ Post one last HijackThis report.

See you.
ardillon62 Posts 21 Registration date Monday 11 May 2009 Status Member Last activity 12 May 2009
12 May 2009 at 21:20
Here is the OTMoveIt3 report ...

:\windows\S42E87F54.tmp moved successfully.
c:\windows\Internet Logs\xDB1.tmp moved successfully.
c:\windows\Internet Logs\xDB10.tmp moved successfully.
c:\windows\Internet Logs\xDB11.tmp moved successfully.
c:\windows\Internet Logs\xDB12.tmp moved successfully.
c:\windows\Internet Logs\xDB13.tmp moved successfully.
c:\windows\Internet Logs\xDB14.tmp moved successfully.
c:\windows\Internet Logs\xDB15.tmp moved successfully.
c:\windows\Internet Logs\xDB16.tmp moved successfully.
c:\windows\Internet Logs\xDB17.tmp moved successfully.
c:\windows\Internet Logs\xDB18.tmp moved successfully.
c:\windows\Internet Logs\xDB19.tmp moved successfully.
c:\windows\Internet Logs\xDB1A.tmp moved successfully.
c:\windows\Internet Logs\xDB1B.tmp moved successfully.
c:\windows\Internet Logs\xDB1C.tmp moved successfully.
c:\windows\Internet Logs\xDB1D.tmp moved successfully.
c:\windows\Internet Logs\xDB1E.tmp moved successfully.
c:\windows\Internet Logs\xDB1F.tmp moved successfully.
c:\windows\Internet Logs\xDB2.tmp moved successfully.
c:\windows\Internet Logs\xDB20.tmp moved successfully.
c:\windows\Internet Logs\xDB21.tmp moved successfully.
c:\windows\Internet Logs\xDB3.tmp moved successfully.
c:\windows\Internet Logs\xDB4.tmp moved successfully.
c:\windows\Internet Logs\xDB5.tmp moved successfully.
c:\windows\Internet Logs\xDB6.tmp moved successfully.
c:\windows\Internet Logs\xDB7.tmp moved successfully.
c:\windows\Internet Logs\xDB8.tmp moved successfully.
c:\windows\Internet Logs\xDB9.tmp moved successfully.
c:\windows\Internet Logs\xDBA.tmp moved successfully.
c:\windows\Internet Logs\xDBB.tmp moved successfully.
c:\windows\Internet Logs\xDBC.tmp moved successfully.
c:\windows\Internet Logs\xDBD.tmp moved successfully.
c:\windows\Internet Logs\xDBE.tmp moved successfully.
c:\windows\Internet Logs\xDBF.tmp moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05122009_211150





and a HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 21:19:57, on 12/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SFR\Media Center\MediaCenter.exe
C:\Program Files\SFR\Media Center\httpd\httpd.exe
C:\Program Files\SFR\Media Center\httpd\httpd.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\VIDEOCEAN 1\Bureau\hijackthis-1\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.1:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe"
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?b934f0efc4d44aaa89d047f81fadc842
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?b934f0efc4d44aaa89d047f81fadc842
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Groom - {66F83792-DAE1-4823-8F20-ADA94B33A4FF} - C:\Program Files\Toox\Groom\Groom.exe (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/TechConsole/x86/RescueControl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://angiedu62200.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} -
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {6CCE3920-3183-4B3D-808A-B12EB769DE12} (CSS Web Installer Class) - http://ww11.commandondemand.com/eval/cod/cabs/cssweb.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://p2pi.mine.nu:1444/activex/AMC.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-bb1d910906c85616.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
verni29 Posts 6699 Registration date Sunday 6 July 2008 Status Security contributor Last activity 26 December 2016 180
12 May 2009 at 21:33
1/ Run the following tool to clean up what remains of Norton Antivirus.
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924

2/ Update your system to avoid security holes.

--> Update Acrobat Reader. It is a target of attacks, and it is important to have the latest version on your PC.
https://get2.adobe.com/fr/reader/otherversions/

--> Even if you do not use Internet Explorer, update it for any occasional use of the software (updates ...).

Download IE7 and install it.
https://www.pcastuces.com/logitheque/default.htm

--> Download JavaRa by Paul McLain and Fred De Vries.
https://javara.fr.malavida.com/

* Right-click the JavaRa.zip archive and extract it to the desktop.
* A folder will be created. Open it and double-click JavaRa.exe to launch it.
* Choose the language (French).

A window will open where you can choose between updating and removing old versions of Java.

- Update:

* Click "Recherche de mise à jour" (check for updates) and choose the option "Mettre à jour via jucheck.exe" (update via jucheck.exe).
* You will be told whether or not there is a new version to install on your PC.
* If so, click Install, then follow the prompts.

Note: If that option does not work for you, choose the other one, "Mettre à jour via le site Internet de Sun" (update via Sun's website), or use the following site: https://www.java.com/fr/download/manual.jsp

- Removing old versions:

* Relaunch JavaRa.exe if necessary and choose "Effacer les anciennes versions" (remove old versions).
* Follow the prompts.
* You will be told which versions were found and removed.

A report will be created. Post it.

See you.
ardillon62 Posts 21 Registration date Monday 11 May 2009 Status Member Last activity 12 May 2009
12 May 2009 at 22:38
There, the updates have been done, and here is the Java report:


loloetseb Posts 5508 Registration date Sunday 14 December 2008 Status Member Last activity 22 April 2012 174
12 May 2009 at 22:43
;)
verni29 Posts 6699 Registration date Sunday 6 July 2008 Status Security contributor Last activity 26 December 2016 180
12 May 2009 at 23:00
Let's finish up.

1) We are going to remove the tools that were used.
Download ToolsCleaner to the desktop:
http://pc-system.fr/

Double-click ToolsCleaner2.exe --> Recherche (search) --> Suppression (removal).
Your desktop may disappear.

Copy and paste the report found in C:\TCleaner.txt.

2) You are going to use CCleaner.
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner

Use the cleaner and registry functions.

3) Now that your PC is clean, it is best to purge System Restore and create a clean restore point for later use.

Restore points:


- Control Panel --> System --> System Restore

Check "Turn off System Restore ...." (if it is already checked, uncheck it --> confirm --> check it again).
A window will open to warn you that the existing restore points will be deleted.
Accept.

Then uncheck "Turn off System Restore ...." to re-enable System Restore.

- You are going to recreate a clean restore point.

To recreate a restore point:
Start --> Programs --> Accessories --> System Tools --> System Restore
Choose "Create a restore point". Follow the prompts.

--------------------------------------------------------------------------------------------------------

Your PC is clean.
You noticed how many programs and toolbars we uninstalled.
Be a little more careful when you browse.

Some reading: the antimalwares project: https://www.malekal.com/fichiers/projetantimalwares/prevention-protection.pdf

---------------------------------------------------------------------------------------------------------

/!\ You can also report your infection /!\
http://www.malwarecomplaints.info/phpBB3/viewforum.php?f=10

Read the following article to help you with the process: http://www.malekal.com/malwarecomplaints.html
In your case, choose the Vundo infection.

-----------------------------------------------------------------------------------------------------------

Can you mark the thread as resolved? Thanks.

Wishing you good reading and happy browsing.

Bye.
ardillon62 Posts 21 Registration date Monday 11 May 2009 Status Member Last activity 12 May 2009
12 May 2009 at 23:33
Many thanks for your help and for sharing your knowledge...

I'm posting the ToolsCleaner report for you:

[ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\VundoFix.txt: trouvé !
C:\Combofix.txt: trouvé !
C:\lopR.txt: trouvé !
C:\TB.txt: trouvé !
C:\Yoog_Fix.txt: trouvé !
C:\SDFIX: trouvé !
C:\Lop SD: trouvé !
C:\Vundofix backups: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Toolbar SD: trouvé !
C:\Rsit: trouvé !
C:\Yoog_Fix: trouvé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\LopSD.exe: trouvé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\Ad-remover.lnk: trouvé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\ToolBarSD.exe: trouvé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\Rsit.exe: trouvé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\Yoog_Fix.exe: trouvé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\hijackthis-1\HijackThis.exe: trouvé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\hijackthis-1\hijackthis.log: trouvé !
C:\Documents and Settings\VIDEOCEAN 1\Menu Démarrer\Programmes\Ad-remover: trouvé !
C:\Program Files\Ad-remover: trouvé !
C:\Program Files\Ad-remover\BACKUP\Ad-R.exe: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !
C:\Yoog_Fix\Yoog_Fix.exe: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\VIDEOCEAN 1\Bureau\LopSD.exe: supprimé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\VIDEOCEAN 1\Bureau\Ad-remover.lnk: supprimé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\ToolBarSD.exe: supprimé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\hijackthis-1\HijackThis.exe: supprimé !
C:\Program Files\Ad-remover\BACKUP\Ad-R.exe: supprimé !
C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\VundoFix.txt: supprimé !
C:\Combofix.txt: supprimé !
C:\lopR.txt: supprimé !
C:\TB.txt: supprimé !
C:\Yoog_Fix.txt: supprimé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\OTMoveIt3.exe: supprimé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\Rsit.exe: supprimé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\Yoog_Fix.exe: supprimé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\hijackthis-1\hijackthis.log: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\Yoog_Fix\Yoog_Fix.exe: supprimé !
C:\SDFIX: supprimé !
C:\Lop SD: supprimé !
C:\Vundofix backups: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Toolbar SD: supprimé !
C:\Rsit: supprimé !
C:\Yoog_Fix: supprimé !
C:\Documents and Settings\VIDEOCEAN 1\Menu Démarrer\Programmes\Ad-remover: supprimé !
C:\Program Files\Ad-remover: supprimé !
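A check for a ToolsCleaner report like the one above, added here as an example and not part of the thread: it compares the Recherche and Suppression sections and lists every path that was found but not confirmed deleted. The sample text is a shortened excerpt of the posted report, with the C:\Qoobox deletion line deliberately left out to exercise the missing-entry case; the function names are hypothetical.

```python
# Added example: reconcile the two phases of a ToolsCleaner report.
# REPORT is a shortened excerpt of the report posted above; the deletion
# line for C:\Qoobox is omitted on purpose (constructed gap).
REPORT = r"""
[ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Combofix.txt: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\VIDEOCEAN 1\Bureau\ComboFix.exe: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\VIDEOCEAN 1\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
"""


def parse_report(text):
    """Return (found, outcome): paths from the search phase, and a
    case-folded path -> status map from the deletion phase."""
    found, outcome, section = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("-->"):            # "--> Recherche:" / "--> Suppression:"
            section = line[3:].strip().rstrip(":").lower()
            continue
        if section is None or ": " not in line:
            continue                          # banner, separators, blank lines
        # The drive colon is followed by "\", so the last ": " splits path/status.
        path, status = line.rsplit(": ", 1)
        status = status.rstrip("! ").lower()
        if section == "recherche" and status == "trouvé":
            found.append(path)
        elif section == "suppression":
            outcome[path.casefold()] = status  # Windows paths are case-insensitive
    return found, outcome


def leftovers(text):
    """Paths that were found but not reported as 'supprimé', with the reason."""
    found, outcome = parse_report(text)
    return {p: outcome.get(p.casefold(), "no deletion entry")
            for p in found if outcome.get(p.casefold()) != "supprimé"}


if __name__ == "__main__":
    for path, reason in leftovers(REPORT).items():
        print(f"{path}: {reason}")
```
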