HijackThis report - CiD pop-ups
SvR-Kage
19 September 2008 13:12:01
For a few days now I have been literally bombarded by CiD pop-ups that get in the way of my browsing. I searched the net for a way to remove it and found a good tutorial HERE
If I followed the tutorial correctly, I need to paste my HijackThis report in this thread
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:03:13, on 19/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\ATKKBService.exe
H:\WINDOWS\System32\cisvc.exe
H:\Program Files\NavNT\defwatch.exe
H:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
H:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
H:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
H:\Program Files\Microsoft LifeCam\MSCamS32.exe
H:\Program Files\NavNT\rtvscan.exe
H:\WINDOWS\System32\nvsvc32.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\SearchIndexer.exe
H:\Program Files\Webroot\Washer\WasherSvc.exe
H:\WINDOWS\system32\MsgSys.EXE
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\ctfmon.exe
H:\WINDOWS\system32\RunDLL32.exe
H:\Program Files\Multimedia Card Reader\shwicon2k.exe
H:\WINDOWS\vVX1000.exe
H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
H:\Program Files\QuickTime\QTTask.exe
H:\Program Files\Quran_AR\Quran_AR.exe
H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Windows Live\Messenger\msnmsgr.exe
H:\Program Files\Messenger\msmsgs.exe
H:\Program Files\Internet Explorer\IEXPLORE.EXE
H:\Program Files\Internet Explorer\IEXPLORE.EXE
H:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
H:\WINDOWS\system32\cidaemon.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://mmjb.musicmatch.com/mmjb/process.cgi?REQUEST=PUR...{99F12EDC-A0C8-42EF-B674-C9E5F311B8CD}&grant=1&VERSION=9.00.0128SANDISK&OEM=SANDISK&OOEM=SANDISK&LANG=ENU&COUNTRY=UNITED%20STATES&EXPLICITFILTER=0&DID=999995926
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - H:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - H:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: O??? C????C? C???? - {A1502779-6D88-4958-8AD3-83C12D86ADC7} - H:\Program Files\islamtoday.dll
O4 - HKLM\..\Run: [PHIME2002ASync] "H:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "H:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" H:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Sunkist2k] "H:\Program Files\Multimedia Card Reader\shwicon2k.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LifeCam] "H:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] H:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Quran_AR] H:\Program Files\Quran_AR\Quran_AR.exe
O4 - HKLM\..\Run: [TkBellExe] "H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "H:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "H:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - H:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - H:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - H:\WINDOWS\ATKKBService.exe
O23 - Service: DefWatch - Symantec Corporation - H:\Program Files\NavNT\defwatch.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - H:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: GhostStartService - Symantec Corporation - H:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - H:\Program Files\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - H:\Program Files\Webroot\Washer\WasherSvc.exe
--
End of file - 8597 bytes
Hello,
Download Lop S&D.exe (Eric_71) to your Desktop.
Run the downloaded file to install the program.
Now double-click the LopS&D shortcut.
Select the desired language by typing the letter of your choice, then confirm with the Enter key.
Now choose option 1 (Search). Wait until the search finishes.
Post the generated report (C:\lopR.txt*)
SvR-Kage
20 September 2008 23:00:05
Here is the generated report, and thank you for helping me
--------------------\\ Lop S&D 4.2.4-3 XP/Vista
"H:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [1] ( 20/09/2008|22:57 )
--------------------\\ Listing des dossiers dans APPLIC~1
[07/03/2007|14:41] H:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[08/03/2007|15:59] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[10/07/2007|01:43] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[10/07/2007|01:42] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[09/01/2008|20:26] H:\DOCUME~1\ALLUSE~1\APPLIC~1\erreurchasseur
[14/08/2007|23:02] H:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[06/07/2007|20:01] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[05/09/2008|19:58] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site
[21/10/2007|16:27] H:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[31/05/2008|11:32] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[21/03/2008|17:48] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/03/2007|14:41] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[20/03/2007|23:03] H:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[17/10/2007|00:14] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[20/03/2007|21:23] H:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[12/03/2007|22:01] H:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[09/03/2007|17:24] H:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[09/01/2008|20:25] H:\DOCUME~1\ALLUSE~1\APPLIC~1\SalesMon
[07/03/2008|21:57] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[19/09/2008|15:54] H:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[07/03/2007|17:47] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[10/10/2007|10:23] H:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[25/11/2007|15:54] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Webroot
[05/07/2007|19:25] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[06/07/2007|01:00] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[11/07/2007|23:18] H:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[11/07/2007|23:17] H:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[15/07/2007|13:04] H:\DOCUME~1\ALLUSE~1\APPLIC~1\YAHOO
[22/07/2007|19:41] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[07/03/2007|14:41] H:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[17/03/2007|17:43] H:\DOCUME~1\LOCALS~1\APPLIC~1\Ahead
[24/08/2007|23:35] H:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[04/09/2007|17:51] H:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[07/03/2007|14:41] H:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[17/11/2007|16:04] H:\DOCUME~1\LOCALS~1\APPLIC~1\Real
[09/03/2007|21:14] H:\DOCUME~1\ADMIN\APPLIC~1\Adobe
[11/03/2007|22:54] H:\DOCUME~1\ADMIN\APPLIC~1\AdobeUM
[07/03/2007|18:03] H:\DOCUME~1\ADMIN\APPLIC~1\Ahead
[03/10/2007|22:55] H:\DOCUME~1\ADMIN\APPLIC~1\AlMAdinahMushaf
[15/03/2008|00:10] H:\DOCUME~1\ADMIN\APPLIC~1\Antispyware
[10/07/2007|01:44] H:\DOCUME~1\ADMIN\APPLIC~1\Apple Computer
[02/10/2007|13:45] H:\DOCUME~1\ADMIN\APPLIC~1\BSplayer
[02/10/2007|13:45] H:\DOCUME~1\ADMIN\APPLIC~1\BSplayer Pro
[15/03/2007|22:49] H:\DOCUME~1\ADMIN\APPLIC~1\Datalayer
[11/03/2007|10:12] H:\DOCUME~1\ADMIN\APPLIC~1\dvdcss
[09/01/2008|20:31] H:\DOCUME~1\ADMIN\APPLIC~1\erreurchasseur
[05/09/2008|19:58] H:\DOCUME~1\ADMIN\APPLIC~1\Exit soft
[06/07/2007|20:01] H:\DOCUME~1\ADMIN\APPLIC~1\Google
[15/03/2007|12:32] H:\DOCUME~1\ADMIN\APPLIC~1\Help
[07/03/2007|13:02] H:\DOCUME~1\ADMIN\APPLIC~1\Identities
[05/10/2007|01:02] H:\DOCUME~1\ADMIN\APPLIC~1\ivivo
[08/03/2007|17:29] H:\DOCUME~1\ADMIN\APPLIC~1\Lavasoft
[12/03/2007|22:07] H:\DOCUME~1\ADMIN\APPLIC~1\Leadertech
[08/03/2007|17:39] H:\DOCUME~1\ADMIN\APPLIC~1\Macromedia
[07/03/2007|14:41] H:\DOCUME~1\ADMIN\APPLIC~1\Microsoft
[08/03/2007|17:42] H:\DOCUME~1\ADMIN\APPLIC~1\Mozilla
[20/03/2007|23:03] H:\DOCUME~1\ADMIN\APPLIC~1\MSN6
[17/10/2007|00:19] H:\DOCUME~1\ADMIN\APPLIC~1\Nero
[11/03/2007|23:58] H:\DOCUME~1\ADMIN\APPLIC~1\Nokia
[14/10/2007|23:51] H:\DOCUME~1\ADMIN\APPLIC~1\Nokia Multimedia Player
[27/12/2007|20:31] H:\DOCUME~1\ADMIN\APPLIC~1\Orbit
[11/10/2007|02:28] H:\DOCUME~1\ADMIN\APPLIC~1\PC Suite
[09/07/2007|09:36] H:\DOCUME~1\ADMIN\APPLIC~1\Real
[02/08/2008|22:33] H:\DOCUME~1\ADMIN\APPLIC~1\shamela
[07/03/2008|21:58] H:\DOCUME~1\ADMIN\APPLIC~1\Skype
[07/03/2008|22:03] H:\DOCUME~1\ADMIN\APPLIC~1\skypePM
[03/10/2007|15:54] H:\DOCUME~1\ADMIN\APPLIC~1\Sony
[26/10/2007|21:38] H:\DOCUME~1\ADMIN\APPLIC~1\StarOffice8
[08/03/2007|17:35] H:\DOCUME~1\ADMIN\APPLIC~1\Sun
[08/03/2007|18:16] H:\DOCUME~1\ADMIN\APPLIC~1\Symantec
[08/03/2007|17:42] H:\DOCUME~1\ADMIN\APPLIC~1\Talkback
[08/03/2007|17:23] H:\DOCUME~1\ADMIN\APPLIC~1\vlc
[07/03/2007|17:12] H:\DOCUME~1\ADMIN\APPLIC~1\Webroot
[21/10/2007|00:27] H:\DOCUME~1\ADMIN\APPLIC~1\Windows Desktop Search
[03/09/2007|01:43] H:\DOCUME~1\ADMIN\APPLIC~1\WinRAR
[22/07/2007|19:36] H:\DOCUME~1\ADMIN\APPLIC~1\Yahoo!
[17/03/2007|12:52] H:\DOCUME~1\USER1\APPLIC~1\Adobe
[13/03/2007|20:32] H:\DOCUME~1\USER1\APPLIC~1\Ahead
[14/09/2007|12:52] H:\DOCUME~1\USER1\APPLIC~1\Apple Computer
[05/10/2007|18:54] H:\DOCUME~1\USER1\APPLIC~1\Babylon
[09/12/2007|23:22] H:\DOCUME~1\USER1\APPLIC~1\BSplayer
[05/09/2008|23:42] H:\DOCUME~1\USER1\APPLIC~1\Exit soft
[03/09/2007|17:01] H:\DOCUME~1\USER1\APPLIC~1\Google
[08/03/2007|18:08] H:\DOCUME~1\USER1\APPLIC~1\Identities
[12/07/2007|22:20] H:\DOCUME~1\USER1\APPLIC~1\Macromedia
[17/03/2007|12:44] H:\DOCUME~1\USER1\APPLIC~1\Media Player Classic
[07/03/2007|14:41] H:\DOCUME~1\USER1\APPLIC~1\Microsoft
[17/03/2007|12:44] H:\DOCUME~1\USER1\APPLIC~1\Mozilla
[20/03/2008|20:28] H:\DOCUME~1\USER1\APPLIC~1\MSN6
[17/10/2007|18:57] H:\DOCUME~1\USER1\APPLIC~1\Nero
[13/03/2007|20:20] H:\DOCUME~1\USER1\APPLIC~1\Nokia Multimedia Player
[13/03/2007|19:42] H:\DOCUME~1\USER1\APPLIC~1\PC Suite
[09/07/2007|11:39] H:\DOCUME~1\USER1\APPLIC~1\Real
[17/03/2007|12:44] H:\DOCUME~1\USER1\APPLIC~1\Talkback
[29/09/2007|13:10] H:\DOCUME~1\USER1\APPLIC~1\VersionTracker Pro
[08/08/2007|18:04] H:\DOCUME~1\USER1\APPLIC~1\vlc
[03/09/2007|17:01] H:\DOCUME~1\USER1\APPLIC~1\Yahoo!
[14/03/2007|18:46] H:\DOCUME~1\USER2\APPLIC~1\Adobe
[05/09/2008|22:11] H:\DOCUME~1\USER2\APPLIC~1\Exit soft
[11/08/2007|12:40] H:\DOCUME~1\USER2\APPLIC~1\Google
[24/03/2007|12:07] H:\DOCUME~1\USER2\APPLIC~1\Help
[08/03/2007|18:09] H:\DOCUME~1\USER2\APPLIC~1\Identities
[22/03/2007|17:13] H:\DOCUME~1\USER2\APPLIC~1\Lavasoft
[14/03/2007|18:46] H:\DOCUME~1\USER2\APPLIC~1\Leadertech
[06/07/2007|15:13] H:\DOCUME~1\USER2\APPLIC~1\Macromedia
[27/05/2007|09:36] H:\DOCUME~1\USER2\APPLIC~1\Media Player Classic
[07/03/2007|14:41] H:\DOCUME~1\USER2\APPLIC~1\Microsoft
[18/12/2007|18:06] H:\DOCUME~1\USER2\APPLIC~1\Mozilla
[12/09/2008|13:53] H:\DOCUME~1\USER2\APPLIC~1\MSN6
[17/10/2007|07:09] H:\DOCUME~1\USER2\APPLIC~1\Nero
[28/05/2007|10:19] H:\DOCUME~1\USER2\APPLIC~1\Nokia
[03/01/2008|17:05] H:\DOCUME~1\USER2\APPLIC~1\Orbit
[12/03/2007|18:51] H:\DOCUME~1\USER2\APPLIC~1\PC Suite
[12/07/2007|22:17] H:\DOCUME~1\USER2\APPLIC~1\Real
[14/04/2008|14:45] H:\DOCUME~1\USER2\APPLIC~1\Skype
[11/02/2008|12:42] H:\DOCUME~1\USER2\APPLIC~1\Sun
[19/09/2008|15:54] H:\DOCUME~1\USER2\APPLIC~1\SUPERAntiSpyware.com
[01/10/2007|14:47] H:\DOCUME~1\USER2\APPLIC~1\VersionTracker Pro
[14/09/2008|20:55] H:\DOCUME~1\USER2\APPLIC~1\Windows Desktop Search
[02/04/2008|22:46] H:\DOCUME~1\USER2\APPLIC~1\WinRAR
[11/08/2007|12:40] H:\DOCUME~1\USER2\APPLIC~1\Yahoo!
[05/07/2007|15:54] H:\DOCUME~1\INVITگ\APPLIC~1\Adobe
[11/07/2007|09:05] H:\DOCUME~1\INVITگ\APPLIC~1\Apple Computer
[07/07/2007|10:01] H:\DOCUME~1\INVITگ\APPLIC~1\Google
[05/07/2007|19:00] H:\DOCUME~1\INVITگ\APPLIC~1\Help
[08/03/2007|18:10] H:\DOCUME~1\INVITگ\APPLIC~1\Identities
[22/05/2007|19:16] H:\DOCUME~1\INVITگ\APPLIC~1\Macromedia
[23/03/2007|20:50] H:\DOCUME~1\INVITگ\APPLIC~1\Media Player Classic
[07/03/2007|14:41] H:\DOCUME~1\INVITگ\APPLIC~1\Microsoft
[21/07/2007|21:41] H:\DOCUME~1\INVITگ\APPLIC~1\Mozilla
[11/07/2007|09:04] H:\DOCUME~1\INVITگ\APPLIC~1\MSN6
[06/11/2007|20:20] H:\DOCUME~1\INVITگ\APPLIC~1\Nero
[23/03/2007|21:19] H:\DOCUME~1\INVITگ\APPLIC~1\Nokia
[12/03/2007|21:32] H:\DOCUME~1\INVITگ\APPLIC~1\PC Suite
[10/07/2007|18:28] H:\DOCUME~1\INVITگ\APPLIC~1\Real
[22/07/2007|01:13] H:\DOCUME~1\INVITگ\APPLIC~1\Sun
[30/09/2007|09:34] H:\DOCUME~1\INVITگ\APPLIC~1\VersionTracker Pro
[22/07/2007|14:29] H:\DOCUME~1\INVITگ\APPLIC~1\vlc
[22/07/2007|19:16] H:\DOCUME~1\INVITگ\APPLIC~1\Yahoo!
--------------------\\ Tâches planifiées dans H:\WINDOWS\tasks
[20/09/2008 22:00][--ah-----] H:\WINDOWS\tasks\AED47ABF906BEED3.job
[20/09/2008 22:00][--ah-----] H:\WINDOWS\tasks\B94C145E932B861E.job
[16/09/2008 21:43][--a------] H:\WINDOWS\tasks\AppleSoftwareUpdate.job
[20/09/2008 03:00][--a------] H:\WINDOWS\tasks\Antispyware Scheduled Scan.job
[20/09/2008 22:55][--ah-----] H:\WINDOWS\tasks\User_Feed_Synchronization-{C4491E0A-C5B2-4B76-8487-D4FFA65EC508}.job
[20/09/2008 22:45][--ah-----] H:\WINDOWS\tasks\User_Feed_Synchronization-{E28D1466-14DA-4C55-80F2-CD772981E353}.job
[20/09/2008 07:44][--ah-----] H:\WINDOWS\tasks\SA.DAT
[28/09/2001 13:00][---h-----] H:\WINDOWS\tasks\desktop.ini
( B94C145E932B861E.job )=( h:\docume~1\admin\applic~1\exitso~1\waitstupidokay.exe )
( AED47ABF906BEED3.job )=( h:\docume~1\user2\applic~1\exitso~1\waitstupidokay.exe )
--------------------\\ Listing des dossiers dans H:\Program Files
[28/10/2007|14:08] H:\Program Files\3B Software
[08/03/2007|15:57] H:\Program Files\Adobe
[10/11/2007|13:59] H:\Program Files\Ahead
[15/03/2008|00:10] H:\Program Files\AntiSpywareApp
[18/05/2008|20:57] H:\Program Files\ARTICLES
[14/07/2007|01:43] H:\Program Files\AskTBar
[07/03/2007|13:21] H:\Program Files\ASUS
[13/08/2007|22:20] H:\Program Files\Athan
[05/10/2007|09:29] H:\Program Files\Babylon
[09/03/2007|18:10] H:\Program Files\Borland
[26/10/2007|22:37] H:\Program Files\Cache
[31/10/2007|19:43] H:\Program Files\CCleaner
[05/09/2008|19:57] H:\Program Files\Circle Developement
[09/03/2007|12:11] H:\Program Files\Common Files
[07/03/2007|12:55] H:\Program Files\ComPlus Applications
[18/05/2008|20:57] H:\Program Files\DATA
[09/03/2007|11:26] H:\Program Files\Disney Interactive
[24/10/2007|19:08] H:\Program Files\DJKSOFT
[21/03/2007|17:33] H:\Program Files\EPSON
[18/09/2008|16:39] H:\Program Files\Exit soft
[04/10/2007|02:03] H:\Program Files\Extension Changer
[11/07/2007|09:52] H:\Program Files\Far
[07/03/2007|14:41] H:\Program Files\Fichiers communs
[18/05/2008|20:57] H:\Program Files\font
[22/05/2007|19:16] H:\Program Files\Free
[05/07/2007|15:55] H:\Program Files\FreeDial
[09/03/2007|12:11] H:\Program Files\FUTURE HORIZONS
[01/01/2008|20:24] H:\Program Files\Future Horizons Company
[07/03/2007|13:21] H:\Program Files\GameFace Messenger
[06/07/2007|20:01] H:\Program Files\Google
[29/07/2007|07:38] H:\Program Files\Illustrate
[07/03/2007|13:11] H:\Program Files\InstallShield Installation Information
[07/03/2007|12:56] H:\Program Files\Internet Explorer
[08/03/2007|17:18] H:\Program Files\IrfanView
[10/08/2007|20:26] H:\Program Files\IslamicPlayer
[05/10/2007|01:01] H:\Program Files\iViVo
[08/03/2007|17:34] H:\Program Files\Java
[07/03/2007|12:55] H:\Program Files\Messenger
[21/03/2008|17:44] H:\Program Files\Messenger Plus! Live
[06/05/2007|00:45] H:\Program Files\Micro Application
[07/03/2007|12:58] H:\Program Files\microsoft frontpage
[29/12/2007|16:04] H:\Program Files\Microsoft LifeCam
[07/03/2007|16:55] H:\Program Files\Microsoft Office
[14/11/2007|23:07] H:\Program Files\Microsoft SQL Server Compact Edition
[07/03/2007|16:56] H:\Program Files\Microsoft Visual Studio
[27/08/2007|17:28] H:\Program Files\Mindscape
[15/09/2007|09:06] H:\Program Files\moshaf alsedeeq
[07/03/2007|12:56] H:\Program Files\Movie Maker
[08/03/2007|17:42] H:\Program Files\Mozilla Firefox
[15/07/2007|08:53] H:\Program Files\MSBuild
[07/03/2007|12:55] H:\Program Files\MSN
[07/03/2007|12:55] H:\Program Files\MSN Gaming Zone
[05/07/2007|16:01] H:\Program Files\MSXML 4.0
[15/07/2007|08:56] H:\Program Files\MSXML 6.0
[07/03/2007|15:29] H:\Program Files\Multimedia Card Reader
[09/03/2007|21:07] H:\Program Files\Musicmatch
[07/03/2007|13:15] H:\Program Files\My Company Name
[07/03/2007|17:47] H:\Program Files\NavNT
[07/03/2007|18:02] H:\Program Files\Nero
[07/03/2007|12:56] H:\Program Files\NetMeeting
[07/03/2007|12:56] H:\Program Files\Outlook Express
[08/03/2007|18:00] H:\Program Files\Paragon Software
[15/07/2007|14:41] H:\Program Files\PocketRAR
[19/09/2008|17:20] H:\Program Files\Popup Manager
[09/03/2007|17:24] H:\Program Files\QuickTime
[12/07/2008|10:14] H:\Program Files\Quran Kareem
[07/10/2007|09:38] H:\Program Files\Quran_AR
[09/07/2007|09:40] H:\Program Files\Real
[16/02/2008|22:44] H:\Program Files\Real_SC
[07/03/2007|16:15] H:\Program Files\Realtek
[15/07/2007|08:49] H:\Program Files\Reference Assemblies
[09/03/2007|10:28] H:\Program Files\safeer
[07/03/2007|12:55] H:\Program Files\Services en ligne
[07/03/2008|21:57] H:\Program Files\Skype
[13/09/2007|15:14] H:\Program Files\SlySoft
[10/10/2007|01:29] H:\Program Files\Sony Setup
[22/10/2007|22:24] H:\Program Files\Sun
[19/09/2008|15:54] H:\Program Files\SUPERAntiSpyware
[07/03/2007|17:47] H:\Program Files\Symantec
[16/08/2008|00:14] H:\Program Files\The KMPlayer
[19/09/2008|01:43] H:\Program Files\Trend Micro
[07/03/2007|13:02] H:\Program Files\Uninstall Information
[18/05/2008|21:08] H:\Program Files\USERS
[19/09/2007|10:51] H:\Program Files\uTorrent
[07/03/2007|16:13] H:\Program Files\VIA
[08/03/2007|17:23] H:\Program Files\VideoLAN
[18/05/2008|20:57] H:\Program Files\WAVE
[07/03/2007|17:12] H:\Program Files\Webroot
[07/03/2007|17:11] H:\Program Files\Webteh
[07/03/2007|17:02] H:\Program Files\WinAce
[17/09/2007|18:31] H:\Program Files\Winamp
[06/08/2008|23:15] H:\Program Files\Winamp Remote
[21/10/2007|00:02] H:\Program Files\Windows Desktop Search
[11/07/2007|23:17] H:\Program Files\Windows Live
[12/07/2007|19:58] H:\Program Files\Windows Live Safety Center
[06/07/2007|01:00] H:\Program Files\Windows Live Toolbar
[13/07/2007|11:05] H:\Program Files\Windows Media Connect 2
[07/03/2007|12:56] H:\Program Files\Windows Media Player
[07/03/2007|12:55] H:\Program Files\Windows NT
[07/03/2007|12:55] H:\Program Files\WindowsUpdate
[11/07/2007|09:48] H:\Program Files\WinRAR
[07/03/2007|17:03] H:\Program Files\WinZip
[07/03/2007|12:58] H:\Program Files\xerox
[03/08/2008|11:22] H:\Program Files\XP Repair Pro 2007
[07/03/2007|17:05] H:\Program Files\xp-AntiSpy
[31/10/2007|19:43] H:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans H:\Program Files\Fichiers communs
[09/07/2007|23:34] H:\Program Files\Fichiers communs\Adobe
[07/03/2007|18:02] H:\Program Files\Fichiers communs\Ahead
[07/03/2007|16:56] H:\Program Files\Fichiers communs\Designer
[21/03/2007|17:36] H:\Program Files\Fichiers communs\EPSON
[09/01/2008|20:25] H:\Program Files\Fichiers communs\ErreurChasseur
[07/03/2007|13:09] H:\Program Files\Fichiers communs\InstallShield
[22/10/2007|22:22] H:\Program Files\Fichiers communs\Java
[07/03/2007|14:41] H:\Program Files\Fichiers communs\Microsoft Shared
[07/03/2007|12:56] H:\Program Files\Fichiers communs\MSSoap
[13/07/2008|11:43] H:\Program Files\Fichiers communs\Nero
[11/10/2007|02:24] H:\Program Files\Fichiers communs\Nokia
[18/10/2007|21:24] H:\Program Files\Fichiers communs\NSV
[07/03/2007|14:41] H:\Program Files\Fichiers communs\ODBC
[11/10/2007|02:24] H:\Program Files\Fichiers communs\PCSuite
[09/07/2007|09:40] H:\Program Files\Fichiers communs\Real
[07/02/2008|23:31] H:\Program Files\Fichiers communs\Scanner
[07/03/2007|12:56] H:\Program Files\Fichiers communs\Services
[15/06/2008|23:27] H:\Program Files\Fichiers communs\Skype
[07/03/2007|14:41] H:\Program Files\Fichiers communs\SpeechEngines
[07/03/2007|17:47] H:\Program Files\Fichiers communs\Symantec Shared
[07/03/2007|12:56] H:\Program Files\Fichiers communs\System
[07/03/2007|17:12] H:\Program Files\Fichiers communs\Webroot Shared
[14/11/2007|22:51] H:\Program Files\Fichiers communs\WindowsLiveInstaller
[19/09/2008|15:53] H:\Program Files\Fichiers communs\Wise Installation Wizard
[27/02/2008|16:24] H:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 63 Processes )
IEXPLORE.EXE ~ [PID:3936]
IEXPLORE.EXE ~ [PID:2468]
iexplore.exe ~ [PID:4208]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
H:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site
H:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site\For anti.exe
H:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site\Default Skip.exe
H:\DOCUME~1\ADMIN\APPLIC~1\exitso~1
H:\DOCUME~1\ADMIN\APPLIC~1\exitso~1\eozqmlnt.exe
H:\DOCUME~1\ADMIN\APPLIC~1\exitso~1\SIZE BROWSE ACTIVE WAVE.exe
H:\DOCUME~1\ADMIN\APPLIC~1\exitso~1\wait stupid okay.exe
H:\DOCUME~1\USER1\APPLIC~1\exitso~1
H:\DOCUME~1\USER2\APPLIC~1\exitso~1
H:\DOCUME~1\USER2\APPLIC~1\exitso~1\Bait Bike.exe
H:\DOCUME~1\USER2\APPLIC~1\exitso~1\atbssrul.exe
H:\DOCUME~1\USER2\APPLIC~1\exitso~1\SIZE BROWSE ACTIVE WAVE.exe
H:\DOCUME~1\USER2\APPLIC~1\exitso~1\wait stupid okay.exe
H:\Program Files\exitso~1
H:\Program Files\Circle Developement
H:\Program Files\Circle Developement\Uninstall.exe
H:\DOCUME~1\User2\Cookies\user2@advertising[2].txt
H:\DOCUME~1\User2\Cookies\user2@bigpoint[1].txt
H:\DOCUME~1\User2\Cookies\user2@fr1.darkorbit.bigpoint[1].txt
H:\DOCUME~1\User2\Cookies\user2@banner.cotedazurpalace[2].txt
H:\DOCUME~1\User2\Cookies\user2@cotedazurpalace[2].txt
H:\DOCUME~1\User2\Cookies\user2@adopt.euroclick[1].txt
H:\DOCUME~1\User2\Cookies\user2@pacificpoker[1].txt
H:\DOCUME~1\User2\Cookies\user2@32vegas[1].txt
H:\DOCUME~1\User2\Cookies\user2@banner.32vegas[2].txt
H:\WINDOWS\Tasks\B94C145E932B861E.job
H:\WINDOWS\Tasks\AED47ABF906BEED3.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bolt spam"="H:\\DOCUME~1\\User2\\APPLIC~1\\EXITSO~1\\Bait Bike.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-20 23:00:02
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
H:\WINDOWS\System32\nvs2.inf
H:\WINDOWS\System32\nekraixfmb.dat
H:\WINDOWS\System32\nekraixfmb_navps.dat
H:\WINDOWS\System32\nekraixfmb_nav.dat
==> EGDACCESS <==
[F:1194][D:32]-> H:\DOCUME~1\User2\LOCALS~1\Temp
[F:135][D:0]-> H:\DOCUME~1\User2\Cookies
[F:4914][D:16]-> H:\DOCUME~1\User2\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> H:\Recycled
1 - "H:\Lop SD\LopR_1.txt" - 19/09/2008|13:21 - Option : [1]
2 - "H:\Lop SD\LopR_2.txt" - 20/09/2008|23:01 - Option : [1]
--------------------\\ Fin du rapport a 23:01:33
SvR-Kage
21 September 2008 15:02:10
--------------------\\ Lop S&D 4.2.4-3 XP/Vista
"H:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [2] ( 21/09/2008|15:00 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - H:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site\For anti.exe
Supprime! - H:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site\Default Skip.exe
Supprime! - H:\DOCUME~1\ADMIN\APPLIC~1\exitso~1\eozqmlnt.exe
Supprime! - H:\DOCUME~1\ADMIN\APPLIC~1\exitso~1\SIZE BROWSE ACTIVE WAVE.exe
Supprime! - H:\DOCUME~1\ADMIN\APPLIC~1\exitso~1\wait stupid okay.exe
Supprime! - H:\DOCUME~1\USER2\APPLIC~1\exitso~1\Bait Bike.exe
Supprime! - H:\DOCUME~1\USER2\APPLIC~1\exitso~1\atbssrul.exe
Supprime! - H:\DOCUME~1\USER2\APPLIC~1\exitso~1\SIZE BROWSE ACTIVE WAVE.exe
Supprime! - H:\DOCUME~1\USER2\APPLIC~1\exitso~1\wait stupid okay.exe
Supprime! - H:\Program Files\Circle Developement\Uninstall.exe
Supprime! - H:\DOCUME~1\User2\Cookies\user2@bigpoint[1].txt
Supprime! - H:\DOCUME~1\User2\Cookies\user2@fr1.darkorbit.bigpoint[1].txt
Supprime! - H:\DOCUME~1\User2\Cookies\user2@banner.cotedazurpalace[2].txt
Supprime! - H:\DOCUME~1\User2\Cookies\user2@cotedazurpalace[2].txt
Supprime! - H:\DOCUME~1\User2\Cookies\user2@adopt.euroclick[1].txt
Supprime! - H:\DOCUME~1\User2\Cookies\user2@pacificpoker[1].txt
Supprime! - H:\DOCUME~1\User2\Cookies\user2@32vegas[1].txt
Supprime! - H:\DOCUME~1\User2\Cookies\user2@banner.32vegas[2].txt
Supprime! - H:\WINDOWS\Tasks\B94C145E932B861E.job
Supprime! - H:\WINDOWS\Tasks\AED47ABF906BEED3.job
Supprime! - H:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site
Supprime! - H:\DOCUME~1\ADMIN\APPLIC~1\exitso~1
Supprime! - H:\DOCUME~1\USER1\APPLIC~1\exitso~1
Supprime! - H:\DOCUME~1\USER2\APPLIC~1\exitso~1
Supprime! - H:\Program Files\exitso~1
Supprime! - H:\Program Files\Circle Developement
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - H:\DOCUME~1\ALLUSE~1\APPLIC~1\ErreurChasseur
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[07/03/2007|14:41] H:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[08/03/2007|15:59] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[10/07/2007|01:43] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[10/07/2007|01:42] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[14/08/2007|23:02] H:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[06/07/2007|20:01] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[21/10/2007|16:27] H:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[31/05/2008|11:32] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[21/03/2008|17:48] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/03/2007|14:41] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[20/03/2007|23:03] H:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[17/10/2007|00:14] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[20/03/2007|21:23] H:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[12/03/2007|22:01] H:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[09/03/2007|17:24] H:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[09/01/2008|20:25] H:\DOCUME~1\ALLUSE~1\APPLIC~1\SalesMon
[07/03/2008|21:57] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[19/09/2008|15:54] H:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[07/03/2007|17:47] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[10/10/2007|10:23] H:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[25/11/2007|15:54] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Webroot
[05/07/2007|19:25] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[06/07/2007|01:00] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[11/07/2007|23:18] H:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[11/07/2007|23:17] H:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[15/07/2007|13:04] H:\DOCUME~1\ALLUSE~1\APPLIC~1\YAHOO
[22/07/2007|19:41] H:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[07/03/2007|14:41] H:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[17/03/2007|17:43] H:\DOCUME~1\LOCALS~1\APPLIC~1\Ahead
[24/08/2007|23:35] H:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[04/09/2007|17:51] H:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[07/03/2007|14:41] H:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[17/11/2007|16:04] H:\DOCUME~1\LOCALS~1\APPLIC~1\Real
[09/03/2007|21:14] H:\DOCUME~1\ADMIN\APPLIC~1\Adobe
[11/03/2007|22:54] H:\DOCUME~1\ADMIN\APPLIC~1\AdobeUM
[07/03/2007|18:03] H:\DOCUME~1\ADMIN\APPLIC~1\Ahead
[03/10/2007|22:55] H:\DOCUME~1\ADMIN\APPLIC~1\AlMAdinahMushaf
[15/03/2008|00:10] H:\DOCUME~1\ADMIN\APPLIC~1\Antispyware
[10/07/2007|01:44] H:\DOCUME~1\ADMIN\APPLIC~1\Apple Computer
[02/10/2007|13:45] H:\DOCUME~1\ADMIN\APPLIC~1\BSplayer
[02/10/2007|13:45] H:\DOCUME~1\ADMIN\APPLIC~1\BSplayer Pro
[15/03/2007|22:49] H:\DOCUME~1\ADMIN\APPLIC~1\Datalayer
[11/03/2007|10:12] H:\DOCUME~1\ADMIN\APPLIC~1\dvdcss
[09/01/2008|20:31] H:\DOCUME~1\ADMIN\APPLIC~1\erreurchasseur
[06/07/2007|20:01] H:\DOCUME~1\ADMIN\APPLIC~1\Google
[15/03/2007|12:32] H:\DOCUME~1\ADMIN\APPLIC~1\Help
[07/03/2007|13:02] H:\DOCUME~1\ADMIN\APPLIC~1\Identities
[05/10/2007|01:02] H:\DOCUME~1\ADMIN\APPLIC~1\ivivo
[08/03/2007|17:29] H:\DOCUME~1\ADMIN\APPLIC~1\Lavasoft
[12/03/2007|22:07] H:\DOCUME~1\ADMIN\APPLIC~1\Leadertech
[08/03/2007|17:39] H:\DOCUME~1\ADMIN\APPLIC~1\Macromedia
[07/03/2007|14:41] H:\DOCUME~1\ADMIN\APPLIC~1\Microsoft
[08/03/2007|17:42] H:\DOCUME~1\ADMIN\APPLIC~1\Mozilla
[20/03/2007|23:03] H:\DOCUME~1\ADMIN\APPLIC~1\MSN6
[17/10/2007|00:19] H:\DOCUME~1\ADMIN\APPLIC~1\Nero
[11/03/2007|23:58] H:\DOCUME~1\ADMIN\APPLIC~1\Nokia
[14/10/2007|23:51] H:\DOCUME~1\ADMIN\APPLIC~1\Nokia Multimedia Player
[27/12/2007|20:31] H:\DOCUME~1\ADMIN\APPLIC~1\Orbit
[11/10/2007|02:28] H:\DOCUME~1\ADMIN\APPLIC~1\PC Suite
[09/07/2007|09:36] H:\DOCUME~1\ADMIN\APPLIC~1\Real
[02/08/2008|22:33] H:\DOCUME~1\ADMIN\APPLIC~1\shamela
[07/03/2008|21:58] H:\DOCUME~1\ADMIN\APPLIC~1\Skype
[07/03/2008|22:03] H:\DOCUME~1\ADMIN\APPLIC~1\skypePM
[03/10/2007|15:54] H:\DOCUME~1\ADMIN\APPLIC~1\Sony
[26/10/2007|21:38] H:\DOCUME~1\ADMIN\APPLIC~1\StarOffice8
[08/03/2007|17:35] H:\DOCUME~1\ADMIN\APPLIC~1\Sun
[08/03/2007|18:16] H:\DOCUME~1\ADMIN\APPLIC~1\Symantec
[08/03/2007|17:42] H:\DOCUME~1\ADMIN\APPLIC~1\Talkback
[08/03/2007|17:23] H:\DOCUME~1\ADMIN\APPLIC~1\vlc
[07/03/2007|17:12] H:\DOCUME~1\ADMIN\APPLIC~1\Webroot
[21/10/2007|00:27] H:\DOCUME~1\ADMIN\APPLIC~1\Windows Desktop Search
[03/09/2007|01:43] H:\DOCUME~1\ADMIN\APPLIC~1\WinRAR
[22/07/2007|19:36] H:\DOCUME~1\ADMIN\APPLIC~1\Yahoo!
[17/03/2007|12:52] H:\DOCUME~1\USER1\APPLIC~1\Adobe
[13/03/2007|20:32] H:\DOCUME~1\USER1\APPLIC~1\Ahead
[14/09/2007|12:52] H:\DOCUME~1\USER1\APPLIC~1\Apple Computer
[05/10/2007|18:54] H:\DOCUME~1\USER1\APPLIC~1\Babylon
[09/12/2007|23:22] H:\DOCUME~1\USER1\APPLIC~1\BSplayer
[03/09/2007|17:01] H:\DOCUME~1\USER1\APPLIC~1\Google
[08/03/2007|18:08] H:\DOCUME~1\USER1\APPLIC~1\Identities
[12/07/2007|22:20] H:\DOCUME~1\USER1\APPLIC~1\Macromedia
[17/03/2007|12:44] H:\DOCUME~1\USER1\APPLIC~1\Media Player Classic
[07/03/2007|14:41] H:\DOCUME~1\USER1\APPLIC~1\Microsoft
[17/03/2007|12:44] H:\DOCUME~1\USER1\APPLIC~1\Mozilla
[20/03/2008|20:28] H:\DOCUME~1\USER1\APPLIC~1\MSN6
[17/10/2007|18:57] H:\DOCUME~1\USER1\APPLIC~1\Nero
[13/03/2007|20:20] H:\DOCUME~1\USER1\APPLIC~1\Nokia Multimedia Player
[13/03/2007|19:42] H:\DOCUME~1\USER1\APPLIC~1\PC Suite
[09/07/2007|11:39] H:\DOCUME~1\USER1\APPLIC~1\Real
[17/03/2007|12:44] H:\DOCUME~1\USER1\APPLIC~1\Talkback
[29/09/2007|13:10] H:\DOCUME~1\USER1\APPLIC~1\VersionTracker Pro
[08/08/2007|18:04] H:\DOCUME~1\USER1\APPLIC~1\vlc
[03/09/2007|17:01] H:\DOCUME~1\USER1\APPLIC~1\Yahoo!
[14/03/2007|18:46] H:\DOCUME~1\USER2\APPLIC~1\Adobe
[11/08/2007|12:40] H:\DOCUME~1\USER2\APPLIC~1\Google
[24/03/2007|12:07] H:\DOCUME~1\USER2\APPLIC~1\Help
[08/03/2007|18:09] H:\DOCUME~1\USER2\APPLIC~1\Identities
[22/03/2007|17:13] H:\DOCUME~1\USER2\APPLIC~1\Lavasoft
[14/03/2007|18:46] H:\DOCUME~1\USER2\APPLIC~1\Leadertech
[06/07/2007|15:13] H:\DOCUME~1\USER2\APPLIC~1\Macromedia
[27/05/2007|09:36] H:\DOCUME~1\USER2\APPLIC~1\Media Player Classic
[07/03/2007|14:41] H:\DOCUME~1\USER2\APPLIC~1\Microsoft
[18/12/2007|18:06] H:\DOCUME~1\USER2\APPLIC~1\Mozilla
[12/09/2008|13:53] H:\DOCUME~1\USER2\APPLIC~1\MSN6
[17/10/2007|07:09] H:\DOCUME~1\USER2\APPLIC~1\Nero
[28/05/2007|10:19] H:\DOCUME~1\USER2\APPLIC~1\Nokia
[03/01/2008|17:05] H:\DOCUME~1\USER2\APPLIC~1\Orbit
[12/03/2007|18:51] H:\DOCUME~1\USER2\APPLIC~1\PC Suite
[12/07/2007|22:17] H:\DOCUME~1\USER2\APPLIC~1\Real
[14/04/2008|14:45] H:\DOCUME~1\USER2\APPLIC~1\Skype
[11/02/2008|12:42] H:\DOCUME~1\USER2\APPLIC~1\Sun
[19/09/2008|15:54] H:\DOCUME~1\USER2\APPLIC~1\SUPERAntiSpyware.com
[01/10/2007|14:47] H:\DOCUME~1\USER2\APPLIC~1\VersionTracker Pro
[14/09/2008|20:55] H:\DOCUME~1\USER2\APPLIC~1\Windows Desktop Search
[02/04/2008|22:46] H:\DOCUME~1\USER2\APPLIC~1\WinRAR
[11/08/2007|12:40] H:\DOCUME~1\USER2\APPLIC~1\Yahoo!
[05/07/2007|15:54] H:\DOCUME~1\INVITÉ\APPLIC~1\Adobe
[11/07/2007|09:05] H:\DOCUME~1\INVITÉ\APPLIC~1\Apple Computer
[07/07/2007|10:01] H:\DOCUME~1\INVITÉ\APPLIC~1\Google
[05/07/2007|19:00] H:\DOCUME~1\INVITÉ\APPLIC~1\Help
[08/03/2007|18:10] H:\DOCUME~1\INVITÉ\APPLIC~1\Identities
[22/05/2007|19:16] H:\DOCUME~1\INVITÉ\APPLIC~1\Macromedia
[23/03/2007|20:50] H:\DOCUME~1\INVITÉ\APPLIC~1\Media Player Classic
[07/03/2007|14:41] H:\DOCUME~1\INVITÉ\APPLIC~1\Microsoft
[21/07/2007|21:41] H:\DOCUME~1\INVITÉ\APPLIC~1\Mozilla
[11/07/2007|09:04] H:\DOCUME~1\INVITÉ\APPLIC~1\MSN6
[06/11/2007|20:20] H:\DOCUME~1\INVITÉ\APPLIC~1\Nero
[23/03/2007|21:19] H:\DOCUME~1\INVITÉ\APPLIC~1\Nokia
[12/03/2007|21:32] H:\DOCUME~1\INVITÉ\APPLIC~1\PC Suite
[10/07/2007|18:28] H:\DOCUME~1\INVITÉ\APPLIC~1\Real
[22/07/2007|01:13] H:\DOCUME~1\INVITÉ\APPLIC~1\Sun
[30/09/2007|09:34] H:\DOCUME~1\INVITÉ\APPLIC~1\VersionTracker Pro
[22/07/2007|14:29] H:\DOCUME~1\INVITÉ\APPLIC~1\vlc
[22/07/2007|19:16] H:\DOCUME~1\INVITÉ\APPLIC~1\Yahoo!
--------------------\\ Tâches planifiées dans H:\WINDOWS\tasks
[16/09/2008 21:43][--a------] H:\WINDOWS\tasks\AppleSoftwareUpdate.job
[21/09/2008 03:00][--a------] H:\WINDOWS\tasks\Antispyware Scheduled Scan.job
[21/09/2008 15:00][--ah-----] H:\WINDOWS\tasks\User_Feed_Synchronization-{C4491E0A-C5B2-4B76-8487-D4FFA65EC508}.job
[21/09/2008 15:00][--ah-----] H:\WINDOWS\tasks\User_Feed_Synchronization-{E28D1466-14DA-4C55-80F2-CD772981E353}.job
[21/09/2008 07:39][--ah-----] H:\WINDOWS\tasks\SA.DAT
[28/09/2001 13:00][---h-----] H:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans H:\Program Files
[28/10/2007|14:08] H:\Program Files\3B Software
[08/03/2007|15:57] H:\Program Files\Adobe
[10/11/2007|13:59] H:\Program Files\Ahead
[15/03/2008|00:10] H:\Program Files\AntiSpywareApp
[18/05/2008|20:57] H:\Program Files\ARTICLES
[14/07/2007|01:43] H:\Program Files\AskTBar
[07/03/2007|13:21] H:\Program Files\ASUS
[13/08/2007|22:20] H:\Program Files\Athan
[05/10/2007|09:29] H:\Program Files\Babylon
[09/03/2007|18:10] H:\Program Files\Borland
[26/10/2007|22:37] H:\Program Files\Cache
[31/10/2007|19:43] H:\Program Files\CCleaner
[09/03/2007|12:11] H:\Program Files\Common Files
[07/03/2007|12:55] H:\Program Files\ComPlus Applications
[18/05/2008|20:57] H:\Program Files\DATA
[09/03/2007|11:26] H:\Program Files\Disney Interactive
[24/10/2007|19:08] H:\Program Files\DJKSOFT
[21/03/2007|17:33] H:\Program Files\EPSON
[04/10/2007|02:03] H:\Program Files\Extension Changer
[11/07/2007|09:52] H:\Program Files\Far
[07/03/2007|14:41] H:\Program Files\Fichiers communs
[18/05/2008|20:57] H:\Program Files\font
[22/05/2007|19:16] H:\Program Files\Free
[05/07/2007|15:55] H:\Program Files\FreeDial
[09/03/2007|12:11] H:\Program Files\FUTURE HORIZONS
[01/01/2008|20:24] H:\Program Files\Future Horizons Company
[07/03/2007|13:21] H:\Program Files\GameFace Messenger
[06/07/2007|20:01] H:\Program Files\Google
[29/07/2007|07:38] H:\Program Files\Illustrate
[07/03/2007|13:11] H:\Program Files\InstallShield Installation Information
[07/03/2007|12:56] H:\Program Files\Internet Explorer
[08/03/2007|17:18] H:\Program Files\IrfanView
[10/08/2007|20:26] H:\Program Files\IslamicPlayer
[05/10/2007|01:01] H:\Program Files\iViVo
[08/03/2007|17:34] H:\Program Files\Java
[07/03/2007|12:55] H:\Program Files\Messenger
[21/03/2008|17:44] H:\Program Files\Messenger Plus! Live
[06/05/2007|00:45] H:\Program Files\Micro Application
[07/03/2007|12:58] H:\Program Files\microsoft frontpage
[29/12/2007|16:04] H:\Program Files\Microsoft LifeCam
[07/03/2007|16:55] H:\Program Files\Microsoft Office
[14/11/2007|23:07] H:\Program Files\Microsoft SQL Server Compact Edition
[07/03/2007|16:56] H:\Program Files\Microsoft Visual Studio
[27/08/2007|17:28] H:\Program Files\Mindscape
[15/09/2007|09:06] H:\Program Files\moshaf alsedeeq
[07/03/2007|12:56] H:\Program Files\Movie Maker
[08/03/2007|17:42] H:\Program Files\Mozilla Firefox
[15/07/2007|08:53] H:\Program Files\MSBuild
[07/03/2007|12:55] H:\Program Files\MSN
[07/03/2007|12:55] H:\Program Files\MSN Gaming Zone
[05/07/2007|16:01] H:\Program Files\MSXML 4.0
[15/07/2007|08:56] H:\Program Files\MSXML 6.0
[07/03/2007|15:29] H:\Program Files\Multimedia Card Reader
[09/03/2007|21:07] H:\Program Files\Musicmatch
[07/03/2007|13:15] H:\Program Files\My Company Name
[07/03/2007|17:47] H:\Program Files\NavNT
[07/03/2007|18:02] H:\Program Files\Nero
[07/03/2007|12:56] H:\Program Files\NetMeeting
[07/03/2007|12:56] H:\Program Files\Outlook Express
[08/03/2007|18:00] H:\Program Files\Paragon Software
[15/07/2007|14:41] H:\Program Files\PocketRAR
[19/09/2008|17:20] H:\Program Files\Popup Manager
[09/03/2007|17:24] H:\Program Files\QuickTime
[12/07/2008|10:14] H:\Program Files\Quran Kareem
[07/10/2007|09:38] H:\Program Files\Quran_AR
[09/07/2007|09:40] H:\Program Files\Real
[16/02/2008|22:44] H:\Program Files\Real_SC
[07/03/2007|16:15] H:\Program Files\Realtek
[15/07/2007|08:49] H:\Program Files\Reference Assemblies
[09/03/2007|10:28] H:\Program Files\safeer
[07/03/2007|12:55] H:\Program Files\Services en ligne
[07/03/2008|21:57] H:\Program Files\Skype
[13/09/2007|15:14] H:\Program Files\SlySoft
[10/10/2007|01:29] H:\Program Files\Sony Setup
[22/10/2007|22:24] H:\Program Files\Sun
[19/09/2008|15:54] H:\Program Files\SUPERAntiSpyware
[07/03/2007|17:47] H:\Program Files\Symantec
[16/08/2008|00:14] H:\Program Files\The KMPlayer
[19/09/2008|01:43] H:\Program Files\Trend Micro
[07/03/2007|13:02] H:\Program Files\Uninstall Information
[18/05/2008|21:08] H:\Program Files\USERS
[19/09/2007|10:51] H:\Program Files\uTorrent
[07/03/2007|16:13] H:\Program Files\VIA
[08/03/2007|17:23] H:\Program Files\VideoLAN
[18/05/2008|20:57] H:\Program Files\WAVE
[07/03/2007|17:12] H:\Program Files\Webroot
[07/03/2007|17:11] H:\Program Files\Webteh
[07/03/2007|17:02] H:\Program Files\WinAce
[17/09/2007|18:31] H:\Program Files\Winamp
[06/08/2008|23:15] H:\Program Files\Winamp Remote
[21/10/2007|00:02] H:\Program Files\Windows Desktop Search
[11/07/2007|23:17] H:\Program Files\Windows Live
[12/07/2007|19:58] H:\Program Files\Windows Live Safety Center
[06/07/2007|01:00] H:\Program Files\Windows Live Toolbar
[13/07/2007|11:05] H:\Program Files\Windows Media Connect 2
[07/03/2007|12:56] H:\Program Files\Windows Media Player
[07/03/2007|12:55] H:\Program Files\Windows NT
[07/03/2007|12:55] H:\Program Files\WindowsUpdate
[11/07/2007|09:48] H:\Program Files\WinRAR
[07/03/2007|17:03] H:\Program Files\WinZip
[07/03/2007|12:58] H:\Program Files\xerox
[03/08/2008|11:22] H:\Program Files\XP Repair Pro 2007
[07/03/2007|17:05] H:\Program Files\xp-AntiSpy
[31/10/2007|19:43] H:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans H:\Program Files\Fichiers communs
[09/07/2007|23:34] H:\Program Files\Fichiers communs\Adobe
[07/03/2007|18:02] H:\Program Files\Fichiers communs\Ahead
[07/03/2007|16:56] H:\Program Files\Fichiers communs\Designer
[21/03/2007|17:36] H:\Program Files\Fichiers communs\EPSON
[09/01/2008|20:25] H:\Program Files\Fichiers communs\ErreurChasseur
[07/03/2007|13:09] H:\Program Files\Fichiers communs\InstallShield
[22/10/2007|22:22] H:\Program Files\Fichiers communs\Java
[07/03/2007|14:41] H:\Program Files\Fichiers communs\Microsoft Shared
[07/03/2007|12:56] H:\Program Files\Fichiers communs\MSSoap
[13/07/2008|11:43] H:\Program Files\Fichiers communs\Nero
[11/10/2007|02:24] H:\Program Files\Fichiers communs\Nokia
[18/10/2007|21:24] H:\Program Files\Fichiers communs\NSV
[07/03/2007|14:41] H:\Program Files\Fichiers communs\ODBC
[11/10/2007|02:24] H:\Program Files\Fichiers communs\PCSuite
[09/07/2007|09:40] H:\Program Files\Fichiers communs\Real
[07/02/2008|23:31] H:\Program Files\Fichiers communs\Scanner
[07/03/2007|12:56] H:\Program Files\Fichiers communs\Services
[15/06/2008|23:27] H:\Program Files\Fichiers communs\Skype
[07/03/2007|14:41] H:\Program Files\Fichiers communs\SpeechEngines
[07/03/2007|17:47] H:\Program Files\Fichiers communs\Symantec Shared
[07/03/2007|12:56] H:\Program Files\Fichiers communs\System
[07/03/2007|17:12] H:\Program Files\Fichiers communs\Webroot Shared
[14/11/2007|22:51] H:\Program Files\Fichiers communs\WindowsLiveInstaller
[19/09/2008|15:53] H:\Program Files\Fichiers communs\Wise Installation Wizard
[27/02/2008|16:24] H:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 44 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
H:\DOCUME~1\User2\Cookies\user2@advertstream[1].txt
H:\DOCUME~1\User2\Cookies\user2@advertising[1].txt
H:\DOCUME~1\User2\Cookies\user2@casinoking[1].txt
H:\DOCUME~1\User2\Cookies\user2@banner.casinoking[2].txt
H:\DOCUME~1\User2\Cookies\user2@banner.cotedazurpalace[3].txt
H:\DOCUME~1\User2\Cookies\user2@cotedazurpalace[3].txt
H:\DOCUME~1\User2\Cookies\user2@adopt.euroclick[2].txt
H:\DOCUME~1\User2\Cookies\user2@partypoker[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-21 15:02:33
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
H:\WINDOWS\System32\nvs2.inf
H:\WINDOWS\System32\nekraixfmb.dat
H:\WINDOWS\System32\nekraixfmb_navps.dat
H:\WINDOWS\System32\nekraixfmb_nav.dat
==> EGDACCESS <==
[F:1196][D:33]-> H:\DOCUME~1\User2\LOCALS~1\Temp
[F:312][D:0]-> H:\DOCUME~1\User2\Cookies
[F:2250][D:5]-> H:\DOCUME~1\User2\LOCALS~1\TEMPOR~1\content.IE5
[F:42][D:4]-> H:\Recycled
1 - "H:\Lop SD\LopR_1.txt" - 19/09/2008|13:21 - Option : [1]
2 - "H:\Lop SD\LopR_2.txt" - 20/09/2008|23:01 - Option : [1]
3 - "H:\Lop SD\LopR_3.txt" - 21/09/2008|15:03 - Option : [2]
--------------------\\ Fin du rapport a 15:03:23
Re,
Download Navilog1.exe (IL-MAFIOSO)
Save it to your Desktop.
Start the installation by double-clicking navilog.exe.
Once the installation is finished, the utility will run automatically.
(If it does not, double-click the shortcut on the Desktop)
Follow the utility's prompts. Choose option 4, then confirm.
It will ask you to enter the file name. Type what is in bold below and nothing else, then confirm:
**nekraixfmb**
Retype the file name when you are asked to.
The utility will tell you that it is going to restart the computer.
**Close all open windows and save any open personal documents**
Now press a key, as requested.
(if your PC does not restart automatically, restart it manually)
Wait until this message appears:
"*** Nettoyage Termine le ..... ***"
Notepad will open.
Save the report somewhere you can find it again.
Close Notepad. Your desktop will now reappear.
NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del at the same time to open Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.
Post the report you saved earlier (C:\cleannavi.txt)
As well as a new Hijackthis report.
SvR-Kage
21 September 2008 22:40:31
So here are the two reports
Cleannavi.txt
Clean Navipromo version 3.6.5 commencé le 21/09/2008 à 22:27:03,79
Outil exécuté depuis H:\Program Files\navilog1
Session actuelle : "User2"
Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : FAT32
Mode suppression par méthode manuelle
Nom du fichier saisi : nekraixfmb
Nettoyage exécuté au redémarrage de l'ordinateur
*** Recherche, création sauvegardes et suppression ***
* Suppression dans "H:\WINDOWS\system32" *
* Suppression dans "H:\Documents and Settings\User2\locals~1\applic~1" *
* Suppression dans "H:\DOCUME~1\ADMIN\locals~1\applic~1" *
* Suppression dans "H:\DOCUME~1\USER1\locals~1\applic~1" *
* Suppression dans "H:\DOCUME~1\INVIT_\locals~1\applic~1" *
*** Suppression dossiers dans "H:\WINDOWS" ***
*** Suppression dossiers dans "H:\Program Files" ***
*** Suppression dossiers dans "H:\Documents and Settings\All Users\menud?~1\progra~1" ***
*** Suppression dossiers dans "H:\Documents and Settings\All Users\menud?~1" ***
*** Suppression dossiers dans "h:\docume~1\alluse~1\applic~1" ***
*** Suppression dossiers dans "H:\Documents and Settings\User2\applic~1" ***
*** Suppression dossiers dans "H:\DOCUME~1\ADMIN\applic~1" ***
*** Suppression dossiers dans "H:\DOCUME~1\USER1\applic~1" ***
*** Suppression dossiers dans "H:\DOCUME~1\INVIT_\applic~1" ***
*** Suppression dossiers dans "H:\Documents and Settings\User2\locals~1\applic~1" ***
*** Suppression dossiers dans "H:\DOCUME~1\ADMIN\locals~1\applic~1" ***
*** Suppression dossiers dans "H:\DOCUME~1\USER1\locals~1\applic~1" ***
*** Suppression dossiers dans "H:\DOCUME~1\INVIT_\locals~1\applic~1" ***
*** Suppression dossiers dans "H:\Documents and Settings\User2\menud?~1\progra~1" ***
*** Suppression dossiers dans "H:\DOCUME~1\ADMIN\menud?~1\progra~1" ***
*** Suppression dossiers dans "H:\DOCUME~1\USER1\menud?~1\progra~1" ***
*** Suppression dossiers dans "H:\DOCUME~1\INVIT_\menud?~1\progra~1" ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu H:\WINDOWS\Temp effectué !
Nettoyage contenu H:\Documents and Settings\User2\locals~1\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "H:\WINDOWS\system32" *
* Dans "H:\Documents and Settings\User2\locals~1\applic~1" *
* Dans "H:\DOCUME~1\ADMIN\locals~1\applic~1" *
* Dans "H:\DOCUME~1\USER1\locals~1\applic~1" *
* Dans "H:\DOCUME~1\INVIT_\locals~1\applic~1" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 21/09/2008 à 22:36:50,53 ***
Hijackthis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:42:36, on 21/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\ctfmon.exe
H:\WINDOWS\ATKKBService.exe
H:\WINDOWS\System32\cisvc.exe
H:\Program Files\NavNT\defwatch.exe
H:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
H:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
H:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
H:\Program Files\Microsoft LifeCam\MSCamS32.exe
H:\Program Files\NavNT\rtvscan.exe
H:\WINDOWS\System32\nvsvc32.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\SearchIndexer.exe
H:\Program Files\Webroot\Washer\WasherSvc.exe
H:\WINDOWS\system32\MsgSys.EXE
H:\WINDOWS\system32\wuauclt.exe
H:\WINDOWS\system32\RunDLL32.exe
H:\Program Files\Multimedia Card Reader\shwicon2k.exe
H:\WINDOWS\vVX1000.exe
H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
H:\Program Files\QuickTime\QTTask.exe
H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
H:\Program Files\Windows Live\Messenger\msnmsgr.exe
H:\Program Files\Messenger\msmsgs.exe
H:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
H:\WINDOWS\system32\cidaemon.exe
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://mmjb.musicmatch.com/mmjb/process.cgi?REQUEST=PUR...{99F12EDC-A0C8-42EF-B674-C9E5F311B8CD}&grant=1&VERSION=9.00.0128SANDISK&OEM=SANDISK&OOEM=SANDISK&LANG=ENU&COUNTRY=UNITED%20STATES&EXPLICITFILTER=0&DID=999995926
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Popup Manager - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - H:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - H:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: O??? C????C? C???? - {A1502779-6D88-4958-8AD3-83C12D86ADC7} - H:\Program Files\islamtoday.dll
O4 - HKLM\..\Run: [PHIME2002ASync] "H:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "H:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" H:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Sunkist2k] "H:\Program Files\Multimedia Card Reader\shwicon2k.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LifeCam] "H:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] H:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Quran_AR] H:\Program Files\Quran_AR\Quran_AR.exe
O4 - HKLM\..\Run: [TkBellExe] "H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "H:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "H:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] H:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - H:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - H:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - H:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - H:\WINDOWS\ATKKBService.exe
O23 - Service: DefWatch - Symantec Corporation - H:\Program Files\NavNT\defwatch.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - H:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: GhostStartService - Symantec Corporation - H:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - H:\Program Files\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - H:\Program Files\Webroot\Washer\WasherSvc.exe
--
End of file - 8722 bytes
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - H:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - H:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - H:\WINDOWS\ATKKBService.exe
O23 - Service: DefWatch - Symantec Corporation - H:\Program Files\NavNT\defwatch.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - H:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: GhostStartService - Symantec Corporation - H:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - H:\Program Files\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - H:\Program Files\Webroot\Washer\WasherSvc.exe
--
End of file - 8722 bytes
Hi again,
Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.
Once the installation and the update are complete, restart in safe mode.
HELP: Restarting in safe mode
Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Perform a full scan".
To start the scan, click "Scan".
Once the scan has finished, a window opens; click OK. There are two possibilities:
-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Show results" and then "Remove selected". Save the report to your Desktop so you can post it in your next reply.
NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.
HELP: Illustrated tutorial on MBAM