My PC is slow - HijackThis report

25 November 2007 18:02:41

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:15:44, on 25/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
D:\Program Files\adobephotoshopélément5\PhotoshopElementsFileAgent.exe
C:\WINDOWS\System32\CTSVCCDA.EXE
C:\Program Files\EPSON\ESM2\eEBSVC.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Roxio\GoBack\GBPoll.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Colormailer\Photo Manager\MediaDetector.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Creative\ShareDLL\MediaDet.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
I:\utilitaire\TRUE IMAGE\TrueImageMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
I:\utilitaire\Copernic Desktop Search 2\DesktopSearchService.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Outlook Express\Msimn.exe
C:\Program Files\Roxio\GoBack\GBTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\QuickTime\qttask.exe
D:\Program Files\adobephotoshopélément5\PhotoshopElementsOrganizer.exe
C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\_ZCTmp.Dir\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/search?sourceid=navclient&hl=fr&ie...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\CHRISTINE\Application Data\Mozilla\Profiles\default\x4i5soan.slt\prefs.js)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\UTILIT~1\FLASHGET\fgiebar.dll
O3 - Toolbar: (no name) - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Copernic Desktop Search 2 - {968631B6-4729-440D-9BF4-251F5593EC9A} - I:\utilitaire\Copernic Desktop Search 2\DesktopSearchBand201013011.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [RevolteMediaDetector] C:\Program Files\Colormailer\Photo Manager\MediaDetector.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "I:\utilitaire\D-Tools\daemon.exe" -lang 1036 -noicon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] I:\utilitaire\TRUE IMAGE\TrueImageMonitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Copernic Desktop Search 2] "I:\utilitaire\Copernic Desktop Search 2\DesktopSearchService.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe http://www.symantec.com/techsupp/servlet/ProductMessage...
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: GoBack.lnk = C:\Program Files\Roxio\GoBack\GBTray.exe
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - D:\UTILITAIRE\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec FlashGet - D:\UTILITAIRE\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger en utilisant FlashGet - D:\UTILITAIRE\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\UTILITAIRE\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O15 - Trusted Zone: http://www.impots.gouv.fr
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/a...
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/Dj...
O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/...
O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader....
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAD...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploade...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.wistiti.fr/ImageUploader4.cab
O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://express.foto.com/activeX/newUploadFotoCom.CAB
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {8EC69950-F299-40AC-A004-3BF5176F8F7B} (FlowScan Control) - http://www.checkspy.com/fr/FlowScan.cab
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://register.tiscali.fr/configurateur/AccountHelper....
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://dgl.microsoft.com/downloads/outc.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15010/CTPID.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - D:\Program Files\adobephotoshopélément5\PhotoshopElementsFileAgent.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSVCCDA.EXE
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\EPSON\ESM2\eEBSVC.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GBPoll - Roxio, Inc. - C:\Program Files\Roxio\GoBack\GBPoll.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - I:\utilitaire\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Personal Firewall Service (NISSERV) - Unknown owner - C:\Program Files\Norton Personal Firewall\NISSERV.EXE (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Norton Personal Firewall Proxy Service (SymProxySvc) - Unknown owner - C:\Program Files\Norton Personal Firewall\SymProxySvc.exe (file missing)
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 16972 bytes

25 November 2007 22:59:49

Is there anyone who can help me?

12 April 2008 14:50:35


-----------------------[ Lop S&D 4.1.0-9 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : THOMAS ] [ "C:\Lop SD" ]
[ 12/04/2008 | 14:28:05,59 ] [ PC : BRUN ]
[ MAJ : 08-04-2008 | 23:37 ]

-------------[ Listing des dossiers dans Application Data ]------------

[25/08/2006|01:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
[25/08/2006|01:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
[17/01/2007|20:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\AOL
[14/09/2006|08:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
[27/08/2006|14:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[27/08/2006|13:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[14/09/2006|09:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[14/09/2006|09:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[14/09/2006|09:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
[14/09/2006|08:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[28/03/2008|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[28/03/2008|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[04/01/2008|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[17/01/2007|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[08/09/2007|09:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[27/08/2006|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[28/01/2007|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[14/09/2006|09:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[04/01/2008|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[14/02/2007|15:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[08/02/2008|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[14/09/2006|08:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[14/09/2006|08:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[17/01/2007|20:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[27/01/2007|15:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[28/03/2008|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
[16/01/2007|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[14/09/2006|09:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VadeRetro
[14/09/2006|08:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[03/02/2007|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[08/03/2007|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[01/03/2008|09:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[25/08/2006|01:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[25/08/2006|01:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[17/01/2007|20:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
[14/09/2006|08:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI
[27/08/2006|14:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[27/08/2006|13:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[14/09/2006|09:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[14/09/2006|09:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[14/09/2006|09:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[14/09/2006|08:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[14/09/2006|08:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[14/09/2006|08:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[14/09/2006|08:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[14/09/2006|08:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[14/09/2006|08:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[14/09/2006|08:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[28/03/2008|19:44] C:\DOCUME~1\THOMAS\APPLIC~1\.
[28/03/2008|19:44] C:\DOCUME~1\THOMAS\APPLIC~1\..
[30/01/2008|17:48] C:\DOCUME~1\THOMAS\APPLIC~1\AccurateRip
[04/01/2008|10:40] C:\DOCUME~1\THOMAS\APPLIC~1\Adobe
[04/01/2008|10:46] C:\DOCUME~1\THOMAS\APPLIC~1\AdobeUM
[09/02/2007|19:18] C:\DOCUME~1\THOMAS\APPLIC~1\Ahead
[17/01/2007|20:40] C:\DOCUME~1\THOMAS\APPLIC~1\AOL
[14/09/2006|08:51] C:\DOCUME~1\THOMAS\APPLIC~1\ATI
[28/03/2008|19:45] C:\DOCUME~1\THOMAS\APPLIC~1\blehbeep
[22/09/2007|22:26] C:\DOCUME~1\THOMAS\APPLIC~1\CyberLink
[27/08/2006|14:47] C:\DOCUME~1\THOMAS\APPLIC~1\desktop.ini
[05/01/2008|16:13] C:\DOCUME~1\THOMAS\APPLIC~1\Google
[30/01/2008|17:43] C:\DOCUME~1\THOMAS\APPLIC~1\Help
[27/08/2006|13:04] C:\DOCUME~1\THOMAS\APPLIC~1\Identities
[16/01/2007|14:14] C:\DOCUME~1\THOMAS\APPLIC~1\Leadertech
[14/09/2006|09:03] C:\DOCUME~1\THOMAS\APPLIC~1\Macromedia
[14/02/2008|18:32] C:\DOCUME~1\THOMAS\APPLIC~1\Microsoft
[28/01/2007|19:39] C:\DOCUME~1\THOMAS\APPLIC~1\Mozilla
[28/01/2007|19:14] C:\DOCUME~1\THOMAS\APPLIC~1\MSNInstaller
[04/02/2007|00:33] C:\DOCUME~1\THOMAS\APPLIC~1\Nero
[23/01/2007|22:19] C:\DOCUME~1\THOMAS\APPLIC~1\OD2
[14/09/2006|09:20] C:\DOCUME~1\THOMAS\APPLIC~1\SampleView
[17/01/2007|21:13] C:\DOCUME~1\THOMAS\APPLIC~1\Skype
[16/01/2007|14:15] C:\DOCUME~1\THOMAS\APPLIC~1\Sonic
[16/01/2007|19:32] C:\DOCUME~1\THOMAS\APPLIC~1\Sun
[31/05/2007|10:20] C:\DOCUME~1\THOMAS\APPLIC~1\uTorrent
[28/01/2007|11:33] C:\DOCUME~1\THOMAS\APPLIC~1\VadeRetro
[29/01/2007|18:50] C:\DOCUME~1\THOMAS\APPLIC~1\vlc
[24/03/2007|07:47] C:\DOCUME~1\THOMAS\APPLIC~1\WinRAR
[14/09/2006|08:54] C:\DOCUME~1\THOMAS\APPLIC~1\You've Got Pictures Screensaver

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[12/04/2008 14:00][--ah-----] C:\WINDOWS\tasks\A8BC1214907B8D70.job
[12/04/2008 13:40][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[12/04/2008 12:13][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/03/2006 21:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[09/04/2008|18:50] C:\Program Files\.
[09/04/2008|18:50] C:\Program Files\..
[16/01/2007|18:33] C:\Program Files\ABBYY FineReader 6.0 Sprint
[14/09/2006|08:52] C:\Program Files\Adobe
[27/01/2007|15:45] C:\Program Files\Alwil Software
[09/06/2007|19:42] C:\Program Files\AskTBar
[14/09/2006|08:38] C:\Program Files\ATI Technologies
[14/09/2006|08:41] C:\Program Files\AvRack
[28/03/2008|19:44] C:\Program Files\blehbeep
[28/03/2008|19:44] C:\Program Files\Circle Developement
[14/09/2006|09:02] C:\Program Files\CyberLink
[28/01/2007|21:41] C:\Program Files\DivX
[09/02/2008|17:00] C:\Program Files\eMule
[16/01/2007|18:34] C:\Program Files\epson
[06/03/2007|23:08] C:\Program Files\EZFace
[01/03/2008|09:51] C:\Program Files\Fichiers communs
[05/01/2008|16:12] C:\Program Files\Google
[14/09/2006|09:09] C:\Program Files\Goto Software
[30/01/2008|17:48] C:\Program Files\Illustrate
[16/01/2007|18:38] C:\Program Files\InstallShield Installation Information
[09/04/2008|22:03] C:\Program Files\Internet Explorer
[22/01/2007|21:11] C:\Program Files\Inventel
[29/03/2008|10:11] C:\Program Files\Java
[25/08/2006|01:31] C:\Program Files\Messenger
[28/03/2008|19:44] C:\Program Files\Messenger Plus! Live
[06/07/2007|23:42] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[27/08/2006|13:04] C:\Program Files\microsoft frontpage
[17/01/2007|21:05] C:\Program Files\Microsoft Office
[01/03/2008|09:58] C:\Program Files\Microsoft SQL Server Compact Edition
[17/01/2007|21:04] C:\Program Files\Microsoft.NET
[25/08/2006|01:31] C:\Program Files\Movie Maker
[28/01/2007|21:36] C:\Program Files\Mozilla Firefox
[28/01/2007|19:14] C:\Program Files\MSN
[27/08/2006|12:51] C:\Program Files\MSN Gaming Zone
[11/04/2007|21:27] C:\Program Files\MSXML 4.0
[08/02/2008|19:57] C:\Program Files\Nero
[25/08/2006|01:31] C:\Program Files\NetMeeting
[27/08/2006|12:52] C:\Program Files\Online Services
[06/07/2007|23:42] C:\Program Files\Outlook Express
[02/12/2007|11:31] C:\Program Files\Picasa2
[14/09/2006|08:53] C:\Program Files\QuickTime
[14/09/2006|08:53] C:\Program Files\Real
[14/09/2006|08:41] C:\Program Files\Realtek AC97
[23/01/2007|22:10] C:\Program Files\Securitoo
[27/08/2006|12:54] C:\Program Files\Services en ligne
[14/09/2006|09:04] C:\Program Files\Sonic
[09/04/2008|18:50] C:\Program Files\Téléchargement PHOTOWAYS
[03/02/2007|18:00] C:\Program Files\Uninstall Information
[29/01/2007|18:50] C:\Program Files\VideoLAN
[14/09/2006|08:53] C:\Program Files\Viewpoint
[12/04/2008|12:15] C:\Program Files\Wanadoo
[02/03/2008|02:53] C:\Program Files\Windows Live
[30/11/2007|22:03] C:\Program Files\Windows Live Favorites
[30/11/2007|22:03] C:\Program Files\Windows Live Toolbar
[25/02/2007|16:29] C:\Program Files\Windows Media Connect 2
[25/02/2007|16:31] C:\Program Files\Windows Media Player
[25/08/2006|01:31] C:\Program Files\Windows NT
[27/08/2006|12:51] C:\Program Files\Windows Plus
[26/01/2007|19:55] C:\Program Files\WindowsUpdate
[27/05/2007|18:43] C:\Program Files\WinRAR
[27/08/2006|13:04] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[01/03/2008|09:51] C:\Program Files\Fichiers communs\.
[01/03/2008|09:51] C:\Program Files\Fichiers communs\..
[04/01/2008|10:43] C:\Program Files\Fichiers communs\Adobe
[17/01/2007|20:40] C:\Program Files\Fichiers communs\AOL
[17/01/2007|21:05] C:\Program Files\Fichiers communs\DESIGNER
[14/09/2006|09:05] C:\Program Files\Fichiers communs\InstallShield
[30/01/2008|17:23] C:\Program Files\Fichiers communs\Java
[01/03/2008|09:51] C:\Program Files\Fichiers communs\Microsoft Shared
[27/08/2006|12:53] C:\Program Files\Fichiers communs\MSSoap
[14/09/2006|08:53] C:\Program Files\Fichiers communs\Nullsoft
[07/04/2007|14:26] C:\Program Files\Fichiers communs\ODBC
[14/09/2006|08:53] C:\Program Files\Fichiers communs\Real
[25/08/2006|01:31] C:\Program Files\Fichiers communs\Services
[14/09/2006|09:04] C:\Program Files\Fichiers communs\Sonic Shared
[27/08/2006|14:47] C:\Program Files\Fichiers communs\SpeechEngines
[14/09/2006|09:04] C:\Program Files\Fichiers communs\SureThing Shared
[27/01/2007|15:44] C:\Program Files\Fichiers communs\Symantec Shared
[06/07/2007|23:42] C:\Program Files\Fichiers communs\System
[14/09/2006|09:04] C:\Program Files\Fichiers communs\TiVo Shared
[01/03/2008|09:55] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[30/01/2008|16:32] C:\Program Files\Fichiers communs\Wise Installation Wizard

----------------------[ Recherche avec S_Lop ]---------------------

C:\DOCUME~1\THOMAS\LOCALS~1\Temp\bis7.exe

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford\Plan Trans.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\WINDOWS\Tasks\A8BC1214907B8D70.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Itch ford four knob"="C:\\Documents and Settings\\All Users\\Application Data\\third lies itch ford\\Plan Trans.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE


-> 72 ( 70 ## added by CiD )

/!\ 1 Not 127.0.0.1 !!

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-12 14:29:17
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\WINDOWS\system32\spool\PRINTERS\FP00000.SHD
C:\WINDOWS\system32\spool\PRINTERS\FP00000.SPL
scan completed successfully
hidden processes: 0
hidden files: 2

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:4135][Doss:145] C:\DOCUME~1\THOMAS\LOCALS~1\Temp
/!\ [Fich:1203][Doss:0] C:\DOCUME~1\THOMAS\Cookies
/!\ [Fich:15531][Doss:31] C:\DOCUME~1\THOMAS\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 14:31:41,28 ]----------------------
12 April 2008 14:52:41

This is the Lop S&D report run on my PC.
Indeed, I am getting CID ads in large quantities.

12 April 2008 14:54:22

Save me!!!