page de pub CiD au secoursRésolu/Fermé

Question

Bonjour,
Je suis nouveau, et j'ai pu constater que pas mal de personne avait le même probleme que moi en ce qui concerne ces satanées écrans publicitaires. J'ai utilisé ccleaner et spyware doctors et rien n'y fait. J'ai toujours ces pubs qui apparaissent à chaque fois que j'ouvre une fenêtre sur Internet Explorer.
S'il vous plait aidez-moi je n'en peu plus!!!!

raleuboleu · Answer

Bonjour


télécharge HijackThis ici:
http://www.infos-du-net.com/telecharger/HijackThis.html

Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif

Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum


désinstalle spyware doctor et installe AVG Antispyware ici :
https://www.avg.com/en-ww/free-antivirus-download

mode d'utilisation :
Lance AVG Anti-Spyware, mets le à jour,
Clique sur le bouton « Analyse »
Puis « Comment réagir », clique sur Actions recommandées. Sélectionne Quarantaine.
Retour à l'onglet Analyse.
Clique sur Analyse complète du système.
A la fin du scan, choisis " Appliquer toutes les actions "
Clique sur "Enregistrer le rapport". Le fichier texte se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware. 

biz

jlp · Answer

essaye de scanner avec: (en mode sans echec demarrer en laissant appuyé sur F8 ou F5 ou esc ou SUPPR en général) apres les avoir mis a jour:

cwshredder:

http://telechargement.linternaute.com/fiche/5348/2/cwshredder/index.html

spybot :

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/26157.html


AD AWARE
https://www.01net.com/404/


CCLEANER
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

puis smit fraud fix

smitfraudfix
puis redemarre et fait un scan en ligne 

http://pandasoftware.fr


si ca persiste :
envoi le rapport hijackthis les pro t'aideront
http://www.infos-du-net.com/telecharger/HijackThis,0301-454.html

raleuboleu · Answer

re

coche ces lignes sur hijack :

-O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL

-03 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL

- O4 - HKCU\..\Run: [StartPlus] C:\DOCUME~1\FOURNI~1\APPLIC~1\MFCDAM~1\SOFTAIMJOY.exe


ensuite clic sur fixe objet,

fais ce que te suggere JLP et tiens nous au courrant en pstant les rapport ainsi qu'un nouveau log hijack

bizz

ffab · Answer

bonjour, en ce nouveau jour tout va beaucoup mieux, plus de pub. J'ai suivi ce que jpl a dit de faire et maintenant plus de pub, plus rien. Merci beaucoup Raleuboleu je t'envoie tout de même le rapport de lopxp.bat si ca pouvait t'interesser. et encore Merci _____________ Rapport Lopxp fait le 03/05/2007 à 12:01:14,12 _______________ /!\ Attention /!\ Les résultats de ce rapport sont sujets à interprétations, Et ne démontrent pas systématiquement des dossiers infectés... _________________________ Recherche prédéterminé __________________________ [X] C:\Program Files\BitDownload Présent ! Date d'installation/Création du dossier: 24/04/2007 à 18:34 Dernière modification du dossier le: 24/04/2007 à 18:37 Recherche des dossiers crées le: 24/04/2007 C:\Program Files 24/04/2007 18:34 MFCDAM~1 mfcd amen 24/04/2007 18:34 BITDOW~1 BitDownload C:\Documents and Settings\All Users\Application Data 24/04/2007 18:35 MIXCLO~1 Mix Clock Up Amok C:\Documents and Settings\fournier fabien\Application Data 24/04/2007 18:35 BITDOW~1 BitDownload 24/04/2007 18:34 MFCDAM~1 mfcd amen _________________________ Recherche heuristique __________________________ C:\Documents and Settings\All Users\Application Data\Mix Clock Up Amok C:\Documents and Settings\fournier fabien\Application Data\mfcd amen C:\Program Files\mfcd amen ___________________________ Tâches planifiées _____________________________ Tâche cachée à l'utilistateur: C:\WINDOWS asks\A4F4E4EA91E79DC2.job /!\ Fichier lancé: c:\docume~1\fourni~1\applic~1\mfcdam~1\Setup Suspect ! Listing de toutes les tâches planifiées: A4F4E4EA91E79DC2.job: c:\docume~1\fourni~1\applic~1\mfcdam~1\Setup log road.exe Vérifier les mises à jour de Windows Live Toolbar.job: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE __________ Détection des paramètres de désinstallation du sponsor _________ Sponsor P2P: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Active five bias] DisplayName REG_SZ CiD Help UninstallString REG_SZ C:\DOCUME~1\FOURNI~1\APPLIC~1\MFCDAM~1\SOFTAIMJOY.exe -uninstall - Label de désinstallation listé "CiD Help" dans Ajout/Supression de Programmes. Sponsor MSN+: __________________ Listing des dossiers Application Data __________________ C:\Documents and Settings\All Users\Application Data Date/heure Création Nom court Nom long 02/05/2007 à 19:07 | SPYBOT~1 Spybot - Search & Destroy 02/05/2007 à 16:15 | GOOGLE~1 Google Updater 24/04/2007 à 18:35 | MIXCLO~1 Mix Clock Up Amok 17/04/2007 à 10:26 | WINDOW~2 Windows Live Toolbar 15/04/2007 à 16:07 | Pinnacle 02/04/2007 à 22:29 | TEMP 24/03/2007 à 12:51 | APPLEC~1 Apple Computer 15/09/2006 à 17:13 | Google 08/01/2006 à 16:20 | Ahead 07/01/2006 à 17:43 | MSNSEA~1 MSN Search Toolbar 05/01/2006 à 13:15 | UDL 03/01/2006 à 12:07 | Adobe 02/01/2006 à 15:36 | MSN6 01/01/2006 à 20:40 | WINDOW~1 Windows Genuine Advantage 01/01/2006 à 19:41 | MICROS~1 Microsoft C:\Documents and Settings\fournier fabien\Application Data Date/heure Création Nom court Nom long 24/04/2007 à 18:35 | BITDOW~1 BitDownload 24/04/2007 à 18:34 | MFCDAM~1 mfcd amen 02/04/2007 à 22:48 | Talkback 02/04/2007 à 22:48 | Mozilla 02/04/2007 à 22:31 | ItsLabel 02/04/2007 à 22:17 | EoRezo 24/03/2007 à 12:53 | APPLEC~1 Apple Computer 05/01/2007 à 21:05 | OFFICE~1 OfficeUpdate12 17/09/2006 à 12:39 | FotoWire 10/09/2006 à 14:17 | SMARTP~1 Smart Panel 10/06/2006 à 10:33 | LEADER~1 Leadertech 10/01/2006 à 17:30 | Real 08/01/2006 à 16:25 | Ahead 08/01/2006 à 16:16 | INTERV~1 InterVideo 06/01/2006 à 20:29 | Help 06/01/2006 à 19:05 | Lavasoft 03/01/2006 à 12:15 | MICROS~2 Microsoft Web Folders 03/01/2006 à 12:08 | AdobeUM 03/01/2006 à 12:04 | Adobe 02/01/2006 à 15:36 | MSN6 01/01/2006 à 20:54 | Google 01/01/2006 à 20:52 | MACROM~1 Macromedia 01/01/2006 à 19:53 | IDENTI~1 Identities 01/01/2006 à 19:53 | MICROS~1 Microsoft 01/01/2006 à 19:53 | Sun C:\Documents and Settings\fournier fabien\Local Settings\Application Data Date/heure Création Nom court Nom long 15/04/2007 à 16:28 | Shareaza 02/04/2007 à 22:48 | Mozilla 24/03/2007 à 12:53 | APPLEC~1 Apple Computer 03/02/2007 à 16:59 | {3248F~1 {3248F0A6-6813-11D6-A77B-00B0D0150010} 07/10/2006 à 19:17 | WMTOOL~1 WMTools Downloaded Files 28/09/2006 à 21:47 | OD2 17/09/2006 à 12:50 | LOGITE~1 Logitech-LS 15/09/2006 à 19:40 | Google 13/01/2006 à 17:22 | Ahead 06/01/2006 à 20:29 | Help 03/01/2006 à 12:56 | Adobe 03/01/2006 à 12:51 | IDENTI~1 Identities 01/01/2006 à 20:48 | APPLIC~1 ApplicationHistory 01/01/2006 à 19:53 | MICROS~1 Microsoft 01/01/2006 à 19:53 | {7148F~1 {7148F0A6-6813-11D6-A77B-00B0D0142030} ____________________ Listing du dossier Program Files _____________________ C:\Program Files Date/heure Création Nom court Nom long 02/05/2007 à 19:07 | SPYBOT~1 Spybot - Search & Destroy 02/05/2007 à 18:19 | Grisoft 02/05/2007 à 16:45 | CCleaner 24/04/2007 à 18:34 | MFCDAM~1 mfcd amen 24/04/2007 à 18:34 | BITDOW~1 BitDownload 17/04/2007 à 10:25 | WI81E8~1 Windows Live Toolbar 02/04/2007 à 22:22 | MOZILL~1 Mozilla Firefox 02/04/2007 à 22:21 | Picasa2 02/04/2007 à 22:17 | eoRezo 24/03/2007 à 12:53 | iPod 24/03/2007 à 12:53 | iTunes 14/02/2007 à 18:43 | WINDOW~4 Windows Media Connect 2 28/01/2007 à 15:32 | Wanadoo 24/11/2006 à 22:42 | MSNMES~1 MSN Messenger 23/10/2006 à 20:48 | MICROS~4 Microsoft Windows OneCare Live 11/10/2006 à 19:52 | QUICKT~1 QuickTime 17/09/2006 à 12:37 | Logitech 29/08/2006 à 18:38 | SAGEM 11/08/2006 à 18:47 | MYGLOB~1 MyGlobalSearch 12/01/2006 à 13:06 | WinRAR 11/01/2006 à 16:43 | DivX 10/01/2006 à 17:31 | Real 08/01/2006 à 16:20 | Ahead 08/01/2006 à 16:13 | INTERV~1 InterVideo 06/01/2006 à 19:54 | LIMEWI~1 LimeWire Acceleration Patch 06/01/2006 à 19:34 | eMule 06/01/2006 à 19:13 | LimeWire 06/01/2006 à 19:08 | BEARSH~1 BearShare 06/01/2006 à 19:05 | Lavasoft 05/01/2006 à 13:12 | ArcSoft 05/01/2006 à 13:09 | SMARTP~1 Smart Panel 05/01/2006 à 13:02 | epson 04/01/2006 à 15:48 | MSNAPP~1 MSN Apps 03/01/2006 à 19:47 | ZONELA~1 Zone Labs 03/01/2006 à 12:17 | MICROS~3 Microsoft Visual Studio 03/01/2006 à 12:15 | MICROS~2 Microsoft Office 03/01/2006 à 12:07 | Adobe 03/01/2006 à 12:07 | Yahoo! 03/01/2006 à 11:11 | ALWILS~1 Alwil Software 01/01/2006 à 20:54 | Google 01/01/2006 à 20:37 | Netropa 01/01/2006 à 20:37 | FSC 01/01/2006 à 20:05 | CONEXANT 01/01/2006 à 20:05 | INSTAL~1 InstallShield Installation Information 01/01/2006 à 19:50 | xerox 01/01/2006 à 19:50 | MICROS~1 microsoft frontpage 01/01/2006 à 19:48 | Java 01/01/2006 à 19:48 | COMMON~1 Common Files 01/01/2006 à 19:47 | UNINST~1 Uninstall Information 01/01/2006 à 19:45 | MOVIEM~1 Movie Maker 01/01/2006 à 19:45 | NETMEE~1 NetMeeting 01/01/2006 à 19:45 | OUTLOO~1 Outlook Express 01/01/2006 à 19:45 | INTERN~1 Internet Explorer 01/01/2006 à 19:45 | COMPLU~1 ComPlus Applications 01/01/2006 à 19:44 | WINDOW~3 WindowsUpdate 01/01/2006 à 19:44 | SERVIC~1 Services en ligne 01/01/2006 à 19:44 | WINDOW~2 Windows Media Player 01/01/2006 à 19:44 | MESSEN~1 Messenger 01/01/2006 à 19:44 | MSNGAM~1 MSN Gaming Zone 01/01/2006 à 19:44 | MSN 01/01/2006 à 19:44 | WINDOW~1 Windows NT 01/01/2006 à 19:41 | FICHIE~1 Fichiers communs __________________________ Recherche dans le registre _____________________ # Clés de démarrage : [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] Up amok mail gram REG_SZ C:\Documents and Settings\All Users\Application Data\Mix Clock Up Amok\CampBat.exe [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] StartPlus REG_SZ C:\DOCUME~1\FOURNI~1\APPLIC~1\MFCDAM~1\SOFTAIMJOY.exe _____________________ Modification du fichier Hosts _______________________ 127.0.0.1= Url bloquée Autre= Redirection 127.0.0.1 bin.errorprotector.com ## added by CiD 127.0.0.1 br.errorsafe.com ## added by CiD 127.0.0.1 br.winantivirus.com ## added by CiD 127.0.0.1 br.winfixer.com ## added by CiD 127.0.0.1 cdn.drivecleaner.com ## added by CiD 127.0.0.1 cdn.errorsafe.com ## added by CiD 127.0.0.1 cdn.winsoftware.com ## added by CiD 127.0.0.1 de.errorsafe.com ## added by CiD 127.0.0.1 de.winantivirus.com ## added by CiD 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD 127.0.0.1 download.cdn.errorsafe.com ## added by CiD 127.0.0.1 download.cdn.winsoftware.com ## added by CiD 127.0.0.1 download.errorsafe.com ## added by CiD 127.0.0.1 download.systemdoctor.com ## added by CiD 127.0.0.1 download.winantispyware.com ## added by CiD 127.0.0.1 download.windrivecleaner.com ## added by CiD 127.0.0.1 download.winfixer.com ## added by CiD 127.0.0.1 drivecleaner.com ## added by CiD 127.0.0.1 dynamique.drivecleaner.com ## added by CiD 127.0.0.1 errorprotector.com ## added by CiD 127.0.0.1 errorsafe.com ## added by CiD 127.0.0.1 es.winantivirus.com ## added by CiD 127.0.0.1 fr.winantivirus.com ## added by CiD 127.0.0.1 fr.winfixer.com ## added by CiD 127.0.0.1 go.drivecleaner.com ## added by CiD 127.0.0.1 go.errorsafe.com ## added by CiD 127.0.0.1 go.winantispyware.com ## added by CiD 127.0.0.1 go.winantivirus.com ## added by CiD 127.0.0.1 hk.winantivirus.com ## added by CiD 127.0.0.1 instlog.errorsafe.com ## added by CiD 127.0.0.1 instlog.winantivirus.com ## added by CiD 127.0.0.1 instlog.winfixer.com ## added by CiD 127.0.0.1 jsp.drivecleaner.com ## added by CiD 127.0.0.1 kb.errorsafe.com ## added by CiD 127.0.0.1 kb.winantivirus.com ## added by CiD 127.0.0.1 nl.errorsafe.com ## added by CiD 127.0.0.1 se.errorsafe.com ## added by CiD 127.0.0.1 secure.drivecleaner.com ## added by CiD 127.0.0.1 secure.errorsafe.com ## added by CiD 127.0.0.1 secure.winantispam.com ## added by CiD 127.0.0.1 secure.winantispy.com ## added by CiD 127.0.0.1 secure.winantivirus.com ## added by CiD 127.0.0.1 support.winantivirus.com ## added by CiD 127.0.0.1 trial.updates.winsoftware.com ## added by CiD 127.0.0.1 ulog.winantivirus.com ## added by CiD 127.0.0.1 utils.errorsafe.com ## added by CiD 127.0.0.1 utils.winantivirus.com ## added by CiD 127.0.0.1 utils.winfixer.com ## added by CiD 127.0.0.1 winantispyware.com ## added by CiD 127.0.0.1 winantivirus.com ## added by CiD 127.0.0.1 winfixer.com ## added by CiD 127.0.0.1 winfixer2006.com ## added by CiD 127.0.0.1 winsoftware.com ## added by CiD 127.0.0.1 www.drivecleaner.com ## added by CiD 127.0.0.1 www.errorprotector.com ## added by CiD 127.0.0.1 www.errorsafe.com ## added by CiD 127.0.0.1 www.systemdoctor.com ## added by CiD 127.0.0.1 www.utils.winfixer.com ## added by CiD 127.0.0.1 www.win-anti-virus-pro.com ## added by CiD 127.0.0.1 www.win-virus-pro.com ## added by CiD 127.0.0.1 www.winantispam.com ## added by CiD 127.0.0.1 www.winantispy.com ## added by CiD 127.0.0.1 www.winantispyware.com ## added by CiD 127.0.0.1 www.winantivirus.com ## added by CiD 127.0.0.1 www.winantiviruspro.com ## added by CiD 127.0.0.1 www.windrivecleaner.com ## added by CiD 127.0.0.1 www.windrivesafe.com ## added by CiD 127.0.0.1 www.winfixer.com ## added by CiD 127.0.0.1 www.winfixer2006.com ## added by CiD 127.0.0.1 www.winsoftware.com ## added by CiD __________________________ Popups autorisées ______________________________ # Internet Explorer HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow www.lelogicielgratuit.com REG_BINARY www.lafargecareers.com REG_BINARY *.webfact2.francetelecom.com REG_BINARY www.linternaute.com REG_BINARY chat14.x-echo.com REG_BINARY chat10.x-echo.com REG_BINARY chat7.x-echo.com REG_BINARY netbios-wait.com REG_SZ www.netbios-wait.com REG_SZ netsearchsoft.com REG_SZ www.netsearchsoft.com REG_SZ # Mozilla Firefox (1 autorisé 2 interdit) # Suite Mozilla / SeaMonkey (1 autorisé 2 interdit) ___________________________ Zones de sécurité _____________________________ # HKCU Domains (4) # P3P History (5) ___________________ Suggestion nettoyage registre _______________ (Pour désinfection manuelle) REGEDIT4 [-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Active five bias] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Up amok mail gram"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartPlus"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow] "netsearchsoft.com"=- "www.netsearchsoft.com"=- "netbios-wait.com"=- "www.netbios-wait.com"=- _________________________ Fin du rapport ________________________

Lyonnais92 · Answer

Bonjour,

tu peux rebooter l'ordi, te reconnecter à Internet par IE et remettre un log hijackthis. stp.
@+

ffab · Answer

voila le rapport de hijackthis.


Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 13:34:36, on 03/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Netropa\Multimedia Keyboard
hksrv.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\fournier fabien\Bureau
ettoyage\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Up amok mail gram] C:\Documents and Settings\All Users\Application Data\Mix Clock Up Amok\CampBat.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [StartPlus] C:\DOCUME~1\FOURNI~1\APPLIC~1\MFCDAM~1\SOFTAIMJOY.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32
wprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {202ABF1D-2499-4865-909F-A6B758CE9577} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard
hksrv.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

pompo59 · Answer

bonjour a tous comment faire pour arreter de resevoire des page cid car j'ai tou essayer mes sa ne fonctionne pas merci de me repondre

Lyonnais92 · Answer

Bonjour,

Il serait préférable que tu fasses ton message personnel, cela rendra les postes plus compréhensibles et la réponse à ton problème sera plus efficace
Procèdes comme ceci :
http://perso.orange.fr/rginformatique/section%20virus/demofairesontmessage.htm
A bientôt

x-cedriic-x · Answer

--------------------\  Lop S&D 4.2.4-3   XP/Vista

   Microsoft® Windows Vista™ Édition Familiale Premium  ( v6.0.6001 ) Service Pack 1
   X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-52 )
   BIOS : Version 1.0
   USER : mr lebreton ( Administrator )
   BOOT : Normal boot
   Antivirus : Norton Internet Security 2007 (Activated)
   Firewall  : ZoneAlarm Firewall 7.1.254.000 (Activated)
   C:\ (Local Disk) - NTFS - Total : 148 Go Free : 71 Go
   D:\ (Local Disk) - NTFS - Total : 73 Go Free : 72 Go
   E:\ (CD or DVD) - UDF - Total : 4 Go Free : 0 Go

   "C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
   Option : [1] ( 19/09/2008|21:30 )

   [ UAC => 1 ]
 
   --------------------\  Listing des dossiers dans Local  

   [21/06/2008|16:00] C:\Users\MRLEBR~1\AppData\Local\Adobe
   [06/06/2008|18:58] C:\Users\MRLEBR~1\AppData\Local\Ahead
   [23/05/2008|09:03] C:\Users\MRLEBR~1\AppData\Local\Application Data 
   [14/08/2008|18:55] C:\Users\MRLEBR~1\AppData\Local\ashampoo
   [19/08/2008|20:43] C:\Users\MRLEBR~1\AppData\Local\Ashampoo Movie Shrink & Burn 3
   [19/09/2008|18:57] C:\Users\MRLEBR~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
   [22/06/2008|12:56] C:\Users\MRLEBR~1\AppData\Local\Downloaded Installations
   [08/07/2008|10:35] C:\Users\MRLEBR~1\AppData\Local\eMule
   [23/06/2008|18:53] C:\Users\MRLEBR~1\AppData\Local\eMule(105)
   [24/08/2008|19:33] C:\Users\MRLEBR~1\AppData\Local\GDIPFONTCACHEV1.DAT
   [29/06/2008|15:17] C:\Users\MRLEBR~1\AppData\Local\Google
   [23/05/2008|09:03] C:\Users\MRLEBR~1\AppData\Local\Historique 
   [19/09/2008|20:59] C:\Users\MRLEBR~1\AppData\Local\IconCache.db
   [21/08/2008|20:28] C:\Users\MRLEBR~1\AppData\Local\Micro Application
   [15/07/2008|14:22] C:\Users\MRLEBR~1\AppData\Local\Microsoft
   [17/07/2008|20:36] C:\Users\MRLEBR~1\AppData\Local\Microsoft Games
   [10/07/2008|18:50] C:\Users\MRLEBR~1\AppData\Local\Microsoft Help
   [23/05/2008|11:33] C:\Users\MRLEBR~1\AppData\Local\PowerCinema
   [23/05/2008|11:33] C:\Users\MRLEBR~1\AppData\Local\PowerDV
   [23/05/2008|09:07] C:\Users\MRLEBR~1\AppData\Local\Seven Zip
   [19/09/2008|21:26] C:\Users\MRLEBR~1\AppData\Local\Temp
   [23/05/2008|09:03] C:\Users\MRLEBR~1\AppData\Local\Temporary Internet Files 
   [02/06/2008|18:00] C:\Users\MRLEBR~1\AppData\Local\VirtualStore
   [22/06/2008|17:04] C:\Users\MRLEBR~1\AppData\Local\WinAVI
 
   --------------------\  Tâches planifiées dans C:\Windows	asks

   [19/09/2008 19:19][--ah-----] C:\Windows	asks\User_Feed_Synchronization-{035BE78C-7DF5-49B8-947B-AD90D1C70E00}.job
   [19/09/2008 21:03][--ah-----] C:\Windows	asks\SA.DAT
   [19/09/2008 20:59][--a------] C:\Windows	asks\SCHEDLGU.TXT

   --------------------\  Listing des dossiers dans C:\ProgramData
   
   [21/06/2008|16:07] C:\ProgramData\Adobe
   [31/08/2008|17:23] C:\ProgramData\Amen Great 4.mfni6n
   [02/11/2006|15:02] C:\ProgramData\Application Data 
   [14/08/2008|18:55] C:\ProgramData\ashampoo
   [22/06/2008|17:58] C:\ProgramData\AVS4YOU
   [31/08/2008|17:23] C:\ProgramData\BONE ABOUT BOOK BOWS
   [23/05/2008|08:58] C:\ProgramData\Bureau 
   [06/09/2008|18:06] C:\ProgramData\CheckPoint
   [02/11/2006|15:02] C:\ProgramData\Desktop 
   [02/11/2006|15:02] C:\ProgramData\Documents 
   [24/08/2008|21:02] C:\ProgramData\eMule
   [23/05/2008|08:58] C:\ProgramData\Favoris 
   [02/11/2006|15:02] C:\ProgramData\Favorites 
   [13/09/2008|16:19] C:\ProgramData\First Dash Hold
   [12/08/2008|15:48] C:\ProgramData\Google
   [23/05/2008|08:58] C:\ProgramData\Menu D‚marrer 
   [06/09/2008|18:18] C:\ProgramData\Messenger Plus!
   [19/09/2008|19:02] C:\ProgramData\Microsoft
   [10/07/2008|20:53] C:\ProgramData\Microsoft Help
   [23/05/2008|08:58] C:\ProgramData\ModŠles 
   [01/07/2006|20:03] C:\ProgramData\NVIDIA
   [31/08/2008|17:22] C:\ProgramData\Peak Bags Bags.aaw7du
   [31/08/2008|17:22] C:\ProgramData\Peak Bags Bags.z41hyj
   [10/07/2008|13:48] C:\ProgramData\pixelStorm
   [02/11/2006|15:02] C:\ProgramData\Start Menu 
   [23/05/2008|10:54] C:\ProgramData\Symantec
   [02/11/2006|15:02] C:\ProgramData\Templates 
   [10/09/2008|03:17] C:\ProgramData\WindowsSearch
   [01/06/2008|18:37] C:\ProgramData\WLInstaller
   [22/06/2008|12:58] C:\ProgramData\ywasvxup.hvs

   --------------------\  Listing des dossiers dans C:\Program Files

   [07/07/2008|20:34] C:\Program Files\Adobe
   [31/05/2008|22:04] C:\Program Files\Alwil Software
   [01/07/2006|19:18] C:\Program Files\Apoint2K
   [22/06/2008|21:16] C:\Program Files\AviSynth 2.5
   [22/06/2008|18:06] C:\Program Files\AVS4YOU
   [10/07/2008|20:53] C:\Program Files\Common Files
   [01/07/2006|19:17] C:\Program Files\CONEXANT
   [23/06/2008|19:18] C:\Program Files\CyberLink
   [24/08/2008|21:02] C:\Program Files\eMule
   [23/05/2008|08:58] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
   [12/08/2008|21:41] C:\Program Files\Google
   [23/06/2008|19:18] C:\Program Files\InstallShield Installation Information
   [20/08/2008|11:56] C:\Program Files\Internet Explorer
   [01/07/2006|19:45] C:\Program Files\InterVideo
   [12/08/2008|15:46] C:\Program Files\Java
   [04/06/2008|17:28] C:\Program Files\K-Lite Codec Pack
   [07/06/2008|15:08] C:\Program Files\Learning Essentials
   [06/09/2008|14:55] C:\Program Files\Messenger Plus! Live
   [01/06/2008|23:41] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [02/11/2006|14:37] C:\Program Files\Microsoft Games
   [10/07/2008|20:53] C:\Program Files\Microsoft Office
   [10/07/2008|21:08] C:\Program Files\Microsoft Works
   [20/08/2008|11:56] C:\Program Files\Movie Maker
   [02/11/2006|14:37] C:\Program Files\MSBuild
   [01/07/2006|19:21] C:\Program Files\MSXML 4.0
   [01/07/2006|19:29] C:\Program Files\Nero
   [10/07/2008|20:58] C:\Program Files\OpenOffice.org 2.4
   [10/07/2008|20:57] C:\Program Files\OpenOffice.org 2.4 (fr) Installation Files
   [04/06/2008|17:13] C:\Program Files\PhotoFiltre
   [04/06/2008|17:14] C:\Program Files\PhotoScape
   [01/07/2006|19:18] C:\Program Files\Power Manager
   [02/11/2006|14:37] C:\Program Files\Reference Assemblies
   [22/06/2008|19:03] C:\Program Files\Search Settings
   [19/09/2008|20:50] C:\Program Files\Sunbelt Software
   [14/09/2008|12:20] C:\Program Files\Trend Micro
   [02/11/2006|15:01] C:\Program Files\Uninstall Information
   [21/08/2008|19:35] C:\Program Files\VirginMega
   [20/08/2008|11:56] C:\Program Files\Windows Calendar
   [20/08/2008|11:56] C:\Program Files\Windows Collaboration
   [20/08/2008|11:56] C:\Program Files\Windows Defender
   [20/08/2008|11:56] C:\Program Files\Windows Journal
   [22/06/2008|13:28] C:\Program Files\Windows Live
   [20/08/2008|11:56] C:\Program Files\Windows Mail
   [20/08/2008|11:56] C:\Program Files\Windows Media Player
   [23/05/2008|08:58] C:\Program Files\Windows NT
   [20/08/2008|11:56] C:\Program Files\Windows Photo Gallery
   [20/08/2008|11:56] C:\Program Files\Windows Sidebar
   [06/09/2008|18:06] C:\Program Files\Zone Labs

   --------------------\  Listing des dossiers dans C:\Program Files\Common Files

   [21/06/2008|16:07] C:\Program Files\Common Files\Adobe
   [10/07/2008|21:14] C:\Program Files\Common Files\Ahead
   [22/06/2008|18:06] C:\Program Files\Common Files\AVSMedia
   [01/07/2006|19:50] C:\Program Files\Common Files\Fujitsu Siemens Computers
   [23/06/2008|19:19] C:\Program Files\Common Files\InstallShield
   [01/07/2006|19:45] C:\Program Files\Common Files\InterVideo
   [02/07/2008|00:47] C:\Program Files\Common Files\Java
   [19/09/2008|19:03] C:\Program Files\Common Files\microsoft shared
   [02/11/2006|13:18] C:\Program Files\Common Files\Services
   [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
   [23/05/2008|11:10] C:\Program Files\Common Files\Symantec Shared
   [20/08/2008|11:56] C:\Program Files\Common Files\System
   [01/06/2008|18:47] C:\Program Files\Common Files\WindowsLiveInstaller

   --------------------\  Process

   ( 69 Processes )

   iexplore.exe ~ [PID:2496]
   iexplore.exe ~ [PID:1496]

   --------------------\  Recherche avec S_Lop

   C:\ProgramData\Peak Bags Bags.aaw7du
   C:\ProgramData\Peak Bags Bags.z41hyj
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\ProgramData\BONE ABOUT BOOK BOWS
   C:\ProgramData\BONE ABOUT BOOK BOWS\Media book.exe
   C:\Users\MRLEBR~1\AppData\Roaming\MICROS~1\Windows\Cookies\mr_lebreton@adopt.euroclick[1].txt
 
   --------------------\  Verification du Registre

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
   "Dog Store"="\"C:\ProgramData\Peak Bags Bags.z41hyj\""

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-09-19 21:30:54
   Windows 6.0.6001 Service Pack 1 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 977
 
   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:119][D:8]-> C:\Users\MRLEBR~1\AppData\Local\Temp
   [F:82][D:1]-> C:\Users\MRLEBR~1\AppData\Roaming\MICROS~1\Windows\Cookies
   [F:33][D:4]-> C:\Users\MRLEBR~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
   [F:5][D:3]-> C:\$Recycle.Bin

   1 - "C:\Lop SD\LopR_1.txt" - 19/09/2008|21:24 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - 19/09/2008|21:32 - Option : [1]

   --------------------\  Fin du rapport a 21:32:19
   [ UAC => 1 ]

x-cedriic-x · Answer

--------------------\  Lop S&D 4.2.4-3   XP/Vista

   Microsoft® Windows Vista™ Édition Familiale Premium  ( v6.0.6001 ) Service Pack 1
   X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-52 )
   BIOS : Version 1.0
   USER : mr lebreton ( Administrator )
   BOOT : Normal boot
   Antivirus : Norton Internet Security 2007 (Activated)
   Firewall  : ZoneAlarm Firewall 7.1.254.000 (Activated)
   C:\ (Local Disk) - NTFS - Total : 148 Go Free : 71 Go
   D:\ (Local Disk) - NTFS - Total : 73 Go Free : 72 Go
   E:\ (CD or DVD) - UDF - Total : 4 Go Free : 0 Go

   "C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
   Option : [1] ( 19/09/2008|21:30 )

   [ UAC => 1 ]
 
   --------------------\  Listing des dossiers dans Local  

   [21/06/2008|16:00] C:\Users\MRLEBR~1\AppData\Local\Adobe
   [06/06/2008|18:58] C:\Users\MRLEBR~1\AppData\Local\Ahead
   [23/05/2008|09:03] C:\Users\MRLEBR~1\AppData\Local\Application Data 
   [14/08/2008|18:55] C:\Users\MRLEBR~1\AppData\Local\ashampoo
   [19/08/2008|20:43] C:\Users\MRLEBR~1\AppData\Local\Ashampoo Movie Shrink & Burn 3
   [19/09/2008|18:57] C:\Users\MRLEBR~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
   [22/06/2008|12:56] C:\Users\MRLEBR~1\AppData\Local\Downloaded Installations
   [08/07/2008|10:35] C:\Users\MRLEBR~1\AppData\Local\eMule
   [23/06/2008|18:53] C:\Users\MRLEBR~1\AppData\Local\eMule(105)
   [24/08/2008|19:33] C:\Users\MRLEBR~1\AppData\Local\GDIPFONTCACHEV1.DAT
   [29/06/2008|15:17] C:\Users\MRLEBR~1\AppData\Local\Google
   [23/05/2008|09:03] C:\Users\MRLEBR~1\AppData\Local\Historique 
   [19/09/2008|20:59] C:\Users\MRLEBR~1\AppData\Local\IconCache.db
   [21/08/2008|20:28] C:\Users\MRLEBR~1\AppData\Local\Micro Application
   [15/07/2008|14:22] C:\Users\MRLEBR~1\AppData\Local\Microsoft
   [17/07/2008|20:36] C:\Users\MRLEBR~1\AppData\Local\Microsoft Games
   [10/07/2008|18:50] C:\Users\MRLEBR~1\AppData\Local\Microsoft Help
   [23/05/2008|11:33] C:\Users\MRLEBR~1\AppData\Local\PowerCinema
   [23/05/2008|11:33] C:\Users\MRLEBR~1\AppData\Local\PowerDV
   [23/05/2008|09:07] C:\Users\MRLEBR~1\AppData\Local\Seven Zip
   [19/09/2008|21:26] C:\Users\MRLEBR~1\AppData\Local\Temp
   [23/05/2008|09:03] C:\Users\MRLEBR~1\AppData\Local\Temporary Internet Files 
   [02/06/2008|18:00] C:\Users\MRLEBR~1\AppData\Local\VirtualStore
   [22/06/2008|17:04] C:\Users\MRLEBR~1\AppData\Local\WinAVI
 
   --------------------\  Tâches planifiées dans C:\Windows	asks

   [19/09/2008 19:19][--ah-----] C:\Windows	asks\User_Feed_Synchronization-{035BE78C-7DF5-49B8-947B-AD90D1C70E00}.job
   [19/09/2008 21:03][--ah-----] C:\Windows	asks\SA.DAT
   [19/09/2008 20:59][--a------] C:\Windows	asks\SCHEDLGU.TXT

   --------------------\  Listing des dossiers dans C:\ProgramData
   
   [21/06/2008|16:07] C:\ProgramData\Adobe
   [31/08/2008|17:23] C:\ProgramData\Amen Great 4.mfni6n
   [02/11/2006|15:02] C:\ProgramData\Application Data 
   [14/08/2008|18:55] C:\ProgramData\ashampoo
   [22/06/2008|17:58] C:\ProgramData\AVS4YOU
   [31/08/2008|17:23] C:\ProgramData\BONE ABOUT BOOK BOWS
   [23/05/2008|08:58] C:\ProgramData\Bureau 
   [06/09/2008|18:06] C:\ProgramData\CheckPoint
   [02/11/2006|15:02] C:\ProgramData\Desktop 
   [02/11/2006|15:02] C:\ProgramData\Documents 
   [24/08/2008|21:02] C:\ProgramData\eMule
   [23/05/2008|08:58] C:\ProgramData\Favoris 
   [02/11/2006|15:02] C:\ProgramData\Favorites 
   [13/09/2008|16:19] C:\ProgramData\First Dash Hold
   [12/08/2008|15:48] C:\ProgramData\Google
   [23/05/2008|08:58] C:\ProgramData\Menu D‚marrer 
   [06/09/2008|18:18] C:\ProgramData\Messenger Plus!
   [19/09/2008|19:02] C:\ProgramData\Microsoft
   [10/07/2008|20:53] C:\ProgramData\Microsoft Help
   [23/05/2008|08:58] C:\ProgramData\ModŠles 
   [01/07/2006|20:03] C:\ProgramData\NVIDIA
   [31/08/2008|17:22] C:\ProgramData\Peak Bags Bags.aaw7du
   [31/08/2008|17:22] C:\ProgramData\Peak Bags Bags.z41hyj
   [10/07/2008|13:48] C:\ProgramData\pixelStorm
   [02/11/2006|15:02] C:\ProgramData\Start Menu 
   [23/05/2008|10:54] C:\ProgramData\Symantec
   [02/11/2006|15:02] C:\ProgramData\Templates 
   [10/09/2008|03:17] C:\ProgramData\WindowsSearch
   [01/06/2008|18:37] C:\ProgramData\WLInstaller
   [22/06/2008|12:58] C:\ProgramData\ywasvxup.hvs

   --------------------\  Listing des dossiers dans C:\Program Files

   [07/07/2008|20:34] C:\Program Files\Adobe
   [31/05/2008|22:04] C:\Program Files\Alwil Software
   [01/07/2006|19:18] C:\Program Files\Apoint2K
   [22/06/2008|21:16] C:\Program Files\AviSynth 2.5
   [22/06/2008|18:06] C:\Program Files\AVS4YOU
   [10/07/2008|20:53] C:\Program Files\Common Files
   [01/07/2006|19:17] C:\Program Files\CONEXANT
   [23/06/2008|19:18] C:\Program Files\CyberLink
   [24/08/2008|21:02] C:\Program Files\eMule
   [23/05/2008|08:58] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
   [12/08/2008|21:41] C:\Program Files\Google
   [23/06/2008|19:18] C:\Program Files\InstallShield Installation Information
   [20/08/2008|11:56] C:\Program Files\Internet Explorer
   [01/07/2006|19:45] C:\Program Files\InterVideo
   [12/08/2008|15:46] C:\Program Files\Java
   [04/06/2008|17:28] C:\Program Files\K-Lite Codec Pack
   [07/06/2008|15:08] C:\Program Files\Learning Essentials
   [06/09/2008|14:55] C:\Program Files\Messenger Plus! Live
   [01/06/2008|23:41] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [02/11/2006|14:37] C:\Program Files\Microsoft Games
   [10/07/2008|20:53] C:\Program Files\Microsoft Office
   [10/07/2008|21:08] C:\Program Files\Microsoft Works
   [20/08/2008|11:56] C:\Program Files\Movie Maker
   [02/11/2006|14:37] C:\Program Files\MSBuild
   [01/07/2006|19:21] C:\Program Files\MSXML 4.0
   [01/07/2006|19:29] C:\Program Files\Nero
   [10/07/2008|20:58] C:\Program Files\OpenOffice.org 2.4
   [10/07/2008|20:57] C:\Program Files\OpenOffice.org 2.4 (fr) Installation Files
   [04/06/2008|17:13] C:\Program Files\PhotoFiltre
   [04/06/2008|17:14] C:\Program Files\PhotoScape
   [01/07/2006|19:18] C:\Program Files\Power Manager
   [02/11/2006|14:37] C:\Program Files\Reference Assemblies
   [22/06/2008|19:03] C:\Program Files\Search Settings
   [19/09/2008|20:50] C:\Program Files\Sunbelt Software
   [14/09/2008|12:20] C:\Program Files\Trend Micro
   [02/11/2006|15:01] C:\Program Files\Uninstall Information
   [21/08/2008|19:35] C:\Program Files\VirginMega
   [20/08/2008|11:56] C:\Program Files\Windows Calendar
   [20/08/2008|11:56] C:\Program Files\Windows Collaboration
   [20/08/2008|11:56] C:\Program Files\Windows Defender
   [20/08/2008|11:56] C:\Program Files\Windows Journal
   [22/06/2008|13:28] C:\Program Files\Windows Live
   [20/08/2008|11:56] C:\Program Files\Windows Mail
   [20/08/2008|11:56] C:\Program Files\Windows Media Player
   [23/05/2008|08:58] C:\Program Files\Windows NT
   [20/08/2008|11:56] C:\Program Files\Windows Photo Gallery
   [20/08/2008|11:56] C:\Program Files\Windows Sidebar
   [06/09/2008|18:06] C:\Program Files\Zone Labs

   --------------------\  Listing des dossiers dans C:\Program Files\Common Files

   [21/06/2008|16:07] C:\Program Files\Common Files\Adobe
   [10/07/2008|21:14] C:\Program Files\Common Files\Ahead
   [22/06/2008|18:06] C:\Program Files\Common Files\AVSMedia
   [01/07/2006|19:50] C:\Program Files\Common Files\Fujitsu Siemens Computers
   [23/06/2008|19:19] C:\Program Files\Common Files\InstallShield
   [01/07/2006|19:45] C:\Program Files\Common Files\InterVideo
   [02/07/2008|00:47] C:\Program Files\Common Files\Java
   [19/09/2008|19:03] C:\Program Files\Common Files\microsoft shared
   [02/11/2006|13:18] C:\Program Files\Common Files\Services
   [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
   [23/05/2008|11:10] C:\Program Files\Common Files\Symantec Shared
   [20/08/2008|11:56] C:\Program Files\Common Files\System
   [01/06/2008|18:47] C:\Program Files\Common Files\WindowsLiveInstaller

   --------------------\  Process

   ( 69 Processes )

   iexplore.exe ~ [PID:2496]
   iexplore.exe ~ [PID:1496]

   --------------------\  Recherche avec S_Lop

   C:\ProgramData\Peak Bags Bags.aaw7du
   C:\ProgramData\Peak Bags Bags.z41hyj
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\ProgramData\BONE ABOUT BOOK BOWS
   C:\ProgramData\BONE ABOUT BOOK BOWS\Media book.exe
   C:\Users\MRLEBR~1\AppData\Roaming\MICROS~1\Windows\Cookies\mr_lebreton@adopt.euroclick[1].txt
 
   --------------------\  Verification du Registre

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
   "Dog Store"="\"C:\ProgramData\Peak Bags Bags.z41hyj\""

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-09-19 21:30:54
   Windows 6.0.6001 Service Pack 1 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 977
 
   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:119][D:8]-> C:\Users\MRLEBR~1\AppData\Local\Temp
   [F:82][D:1]-> C:\Users\MRLEBR~1\AppData\Roaming\MICROS~1\Windows\Cookies
   [F:33][D:4]-> C:\Users\MRLEBR~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
   [F:5][D:3]-> C:\$Recycle.Bin

   1 - "C:\Lop SD\LopR_1.txt" - 19/09/2008|21:24 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - 19/09/2008|21:32 - Option : [1]

   --------------------\  Fin du rapport a 21:32:19
   [ UAC => 1 ]

Page de pub CiD au secours

10 réponses

Discussions similaires

Newsletters