Aller au contenu

Elin

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    12

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par Elin

  1. Elin
    Je te remercie de m'avoir encore sorti de là Malgré mes attentions cette saleté m'a encore bien embeté (pas facile quand on à 2 ados à la maison en mal de messagerie instantanée) Encore merci et bonne soirée
  2. Elin
    Logfile of HijackThis v1.99.1 Scan saved at 17:28:05, on 21/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Davmanu\Bureau\Outil Windows\Scanner.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [XPRepairPro2007] C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe /r O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.74\AMVConverter\grab.html O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.04\AMVConverter\grab.html O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.04\MediaManager\grab.html O8 - Extra context menu item: Options RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Options - {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html O9 - Extra 'Tools' menuitem: Options RoboForm - {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1220099106281 O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: dlbt_device - Dell - C:\WINDOWS\System32\dlbtcoms.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
  3. Elin
    Clean Navipromo version 3.6.5 commencé le 21/09/2008 à 17:05:07,76 Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "Davmanu" Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.13 Système de fichiers : NTFS Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\WINDOWS\System32" * * Suppression dans "C:\Documents and Settings\Davmanu\locals~1\applic~1" * * Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * * Suppression dans "C:\DOCUME~1\ADMINI~1.DAV\locals~1\applic~1" * *** Suppression dossiers dans "C:\WINDOWS" *** *** Suppression dossiers dans "C:\Program Files" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Davmanu\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.DAV\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Davmanu\locals~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.DAV\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Davmanu\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.DAV\menudm~1\progra~1" *** *** Suppression fichiers *** C:\WINDOWS\pack.epk supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\Davmanu\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\WINDOWS\system32" * cfnewgpb.dat trouvé ! Copie cfnewgpb.dat réalisée avec succès ! cfnewgpb.dat supprimé ! eccbju.dat trouvé ! Copie eccbju.dat réalisée avec succès ! eccbju.dat supprimé ! jbxcim.dat trouvé ! Copie jbxcim.dat réalisée avec succès ! jbxcim.dat supprimé ! * Dans "C:\Documents and Settings\Davmanu\locals~1\applic~1" * * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * * Dans "C:\DOCUME~1\ADMINI~1.DAV\locals~1\applic~1" * *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat Montorgueil absent ! Certificat OOO-Favorit supprimé ! Certificat Sunny-Day-Design-Ltdt absent ! *** Nettoyage terminé le 21/09/2008 à 17:11:03,45 *** Logfile of HijackThis v1.99.1 Scan saved at 17:14:03, on 21/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\notepad.exe C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Davmanu\Bureau\Outil Windows\Scanner.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [XPRepairPro2007] C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe /r O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O8 - Extra context menu item: &Search - ?p=ZKfox000 O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.74\AMVConverter\grab.html O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.04\AMVConverter\grab.html O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.04\MediaManager\grab.html O8 - Extra context menu item: Options RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Options - {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html O9 - Extra 'Tools' menuitem: Options RoboForm - {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1220099106281 O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: dlbt_device - Dell - C:\WINDOWS\System32\dlbtcoms.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
  4. Elin
    --------------------\\ Lop S&D 4.2.4-4 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : Intel® Celeron® CPU 2.40GHz ) BIOS : Award Modular BIOS v6.00PG USER : Davmanu ( Administrator ) BOOT : Normal boot Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total : 74 Go Free : 33 Go D:\ (CD or DVD) "C:\Lop SD" ( MAJ : 19-09-2008|22:20 ) Option : [3] ( 21/09/2008|16:15 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data\obj bits.exe Supprime! - C:\DOCUME~1\Davmanu\Cookies\davmanu@advertstream[2].txt Supprime! - C:\DOCUME~1\Davmanu\Cookies\davmanu@banner.cotedazurpalace[2].txt Supprime! - C:\DOCUME~1\Davmanu\Cookies\davmanu@cotedazurpalace[2].txt Supprime! - C:\DOCUME~1\Davmanu\Cookies\davmanu@www.cotedazurpalace[1].txt Supprime! - C:\DOCUME~1\Davmanu\Cookies\davmanu@adopt.euroclick[1].txt Supprime! - C:\DOCUME~1\Davmanu\Cookies\davmanu@partypoker[2].txt Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [27/07/2006|13:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [08/04/2006|19:19] C:\DOCUME~1\ADMINI~1.DAV\APPLIC~1\Microsoft [15/02/2008|15:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [02/02/2007|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [30/09/2006|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [04/06/2008|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [27/05/2007|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth [17/05/2006|11:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [21/08/2006|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [17/07/2006|23:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [10/01/2008|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft [17/03/2008|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [17/05/2006|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision [30/05/2008|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [13/09/2006|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! [14/06/2008|12:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [22/07/2007|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mix Grey Mode Site [30/12/2006|15:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\mpDRM [23/03/2008|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6 [10/06/2006|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberongames [12/02/2007|00:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [09/01/2007|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RoboForm [03/06/2007|13:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [07/06/2008|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [22/03/2007|17:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\STOPzilla! [16/02/2007|01:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [14/06/2008|12:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [07/12/2006|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [12/02/2007|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zabersoft [22/03/2007|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZILLAbar [13/04/2008|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [17/10/2006|13:55] C:\DOCUME~1\Davmanu\APPLIC~1\7Wonders [09/02/2008|18:54] C:\DOCUME~1\Davmanu\APPLIC~1\Adobe [02/02/2007|01:25] C:\DOCUME~1\Davmanu\APPLIC~1\AdobeUM [02/02/2007|15:36] C:\DOCUME~1\Davmanu\APPLIC~1\Ahead [29/09/2006|13:54] C:\DOCUME~1\Davmanu\APPLIC~1\Apple Computer [13/02/2007|17:46] C:\DOCUME~1\Davmanu\APPLIC~1\CamTrack [05/10/2006|09:30] C:\DOCUME~1\Davmanu\APPLIC~1\Google [09/04/2006|11:49] C:\DOCUME~1\Davmanu\APPLIC~1\Help [13/04/2008|19:57] C:\DOCUME~1\Davmanu\APPLIC~1\Identities [03/04/2008|18:17] C:\DOCUME~1\Davmanu\APPLIC~1\InstallShield [09/04/2006|12:26] C:\DOCUME~1\Davmanu\APPLIC~1\Jasc Software Inc [15/03/2007|10:58] C:\DOCUME~1\Davmanu\APPLIC~1\Lavasoft [23/03/2008|14:35] C:\DOCUME~1\Davmanu\APPLIC~1\Leadertech [03/04/2008|18:51] C:\DOCUME~1\Davmanu\APPLIC~1\ma-config.com [20/06/2006|13:50] C:\DOCUME~1\Davmanu\APPLIC~1\Macromedia [30/05/2008|14:07] C:\DOCUME~1\Davmanu\APPLIC~1\Malwarebytes [14/12/2006|14:08] C:\DOCUME~1\Davmanu\APPLIC~1\Media Player Classic [11/01/2007|01:41] C:\DOCUME~1\Davmanu\APPLIC~1\Microsoft [01/09/2006|18:03] C:\DOCUME~1\Davmanu\APPLIC~1\Mozilla [30/05/2008|15:53] C:\DOCUME~1\Davmanu\APPLIC~1\MSN6 [17/09/2006|19:44] C:\DOCUME~1\Davmanu\APPLIC~1\Nvu [05/09/2008|18:57] C:\DOCUME~1\Davmanu\APPLIC~1\Once obj sixth [12/02/2007|00:13] C:\DOCUME~1\Davmanu\APPLIC~1\PlayFirst [18/12/2006|12:32] C:\DOCUME~1\Davmanu\APPLIC~1\Real [05/05/2008|19:26] C:\DOCUME~1\Davmanu\APPLIC~1\Samsung [14/03/2007|21:47] C:\DOCUME~1\Davmanu\APPLIC~1\Screenshot Sender [20/10/2007|16:23] C:\DOCUME~1\Davmanu\APPLIC~1\Simply Super Software [24/01/2008|17:13] C:\DOCUME~1\Davmanu\APPLIC~1\Skype [05/10/2006|09:30] C:\DOCUME~1\Davmanu\APPLIC~1\SlipStream [02/09/2006|14:53] C:\DOCUME~1\Davmanu\APPLIC~1\Sun [06/09/2006|23:32] C:\DOCUME~1\Davmanu\APPLIC~1\vlc [28/01/2007|18:38] C:\DOCUME~1\Davmanu\APPLIC~1\XnView [17/10/2006|20:55] C:\DOCUME~1\Davmanu\APPLIC~1\Zak&Jack [13/04/2008|19:57] C:\DOCUME~1\Davmanu\APPLIC~1\Zylom [08/04/2006|19:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [22/06/2007|11:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help [14/06/2007|15:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [07/11/2007|18:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia [08/04/2006|19:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [15/10/2007|09:50] C:\DOCUME~1\NETWOR~1\APPLIC~1\Mozilla [15/10/2007|09:50] C:\DOCUME~1\NETWOR~1\APPLIC~1\Talkback --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [26/02/2007 18:55][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job [21/09/2008 09:51][--ah-----] C:\WINDOWS\tasks\SA.DAT [28/08/2001 16:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [09/04/2006|12:25] C:\Program Files\ABBYY FineReader 5.0 Sprint [04/09/2006|13:25] C:\Program Files\AbiSuite2 [30/06/2008|12:42] C:\Program Files\Adobe [10/12/2006|22:52] C:\Program Files\AdwareSpywareScannerDeleter [25/11/2006|13:32] C:\Program Files\Ahead [19/02/2008|21:19] C:\Program Files\Alice [28/08/2006|13:28] C:\Program Files\Audacity [04/06/2008|10:47] C:\Program Files\Avira [26/06/2006|14:06] C:\Program Files\AXEL [27/02/2007|17:25] C:\Program Files\Beneton Software [17/05/2007|08:11] C:\Program Files\Blender Foundation [09/03/2007|14:09] C:\Program Files\BOOTLOADER [10/12/2006|22:53] C:\Program Files\CCleaner [03/09/2006|20:41] C:\Program Files\CDex_150 [08/04/2006|19:09] C:\Program Files\ComPlus Applications [10/02/2007|01:05] C:\Program Files\CPUCooL [09/08/2006|21:13] C:\Program Files\Creative [17/03/2008|15:23] C:\Program Files\Customer [09/04/2006|12:26] C:\Program Files\Dell Computer [23/01/2008|15:42] C:\Program Files\Dell Photo AIO Printer 922 [27/10/2007|13:14] C:\Program Files\DivX [21/08/2006|16:53] C:\Program Files\DVD Shrink [27/10/2007|13:15] C:\Program Files\e-anim604 [05/07/2007|19:53] C:\Program Files\Eidos Interactive [07/11/2007|14:40] C:\Program Files\El Juky [16/09/2008|13:31] C:\Program Files\eMule [05/07/2007|19:53] C:\Program Files\eMule(2) [23/01/2008|15:43] C:\Program Files\eurobarre [08/01/2007|01:56] C:\Program Files\Executive Software [28/03/2008|17:03] C:\Program Files\EZFace [17/09/2007|20:09] C:\Program Files\Fichiers communs [25/02/2007|21:37] C:\Program Files\Gimp [09/01/2007|00:59] C:\Program Files\GlobFX Technologies [16/03/2007|10:26] C:\Program Files\Google [05/02/2007|23:40] C:\Program Files\Google Video [10/01/2008|14:57] C:\Program Files\Grisoft [03/04/2008|18:03] C:\Program Files\HardwareDetection [16/01/2007|01:55] C:\Program Files\Incomplete [10/07/2008|17:03] C:\Program Files\InstallShield Installation Information [09/04/2006|14:07] C:\Program Files\Intel [07/09/2008|10:01] C:\Program Files\Internet Explorer [29/02/2008|14:29] C:\Program Files\Inventel [26/02/2007|14:21] C:\Program Files\IVT Corporation [27/01/2007|02:04] C:\Program Files\iWin [09/04/2006|12:26] C:\Program Files\Jasc Software Inc [11/08/2008|19:55] C:\Program Files\Java [02/09/2006|12:40] C:\Program Files\Lavalys [15/03/2007|10:56] C:\Program Files\Lavasoft [07/01/2007|21:39] C:\Program Files\Lecteur CANALPLAY [15/01/2007|20:59] C:\Program Files\LocalCooling [09/08/2006|21:06] C:\Program Files\Logitech [17/05/2008|22:14] C:\Program Files\ma-config.com [30/05/2008|14:08] C:\Program Files\Malwarebytes' Anti-Malware [15/01/2007|20:51] C:\Program Files\Media Player Classic [05/09/2008|22:00] C:\Program Files\Messenger [03/09/2008|18:16] C:\Program Files\Messenger Plus! Live [08/04/2006|19:20] C:\Program Files\microsoft frontpage [24/02/2007|18:08] C:\Program Files\Microsoft GIF Animator [23/01/2008|15:53] C:\Program Files\Microsoft IntelliPoint [26/02/2007|17:32] C:\Program Files\Microsoft IntelliPoint 5.2 [23/01/2008|15:54] C:\Program Files\Microsoft IntelliType Pro [10/07/2006|13:41] C:\Program Files\Microsoft Office [02/02/2007|01:05] C:\Program Files\Microsoft Reader [24/06/2007|21:52] C:\Program Files\Microsoft Works [20/04/2008|18:10] C:\Program Files\Monopoly [09/05/2006|11:34] C:\Program Files\Morgan [30/08/2008|15:27] C:\Program Files\Movie Maker [21/09/2008|15:06] C:\Program Files\Mozilla Firefox [14/02/2007|14:19] C:\Program Files\MP3 Player Utilities [02/02/2007|16:42] C:\Program Files\MP3 Player Utilities 4.04 [23/01/2008|18:35] C:\Program Files\MSI [08/04/2006|19:09] C:\Program Files\MSN [08/04/2006|19:09] C:\Program Files\MSN Gaming Zone [30/08/2008|17:11] C:\Program Files\MSN Messenger [05/09/2008|21:52] C:\Program Files\MSXML 4.0 [06/09/2008|12:41] C:\Program Files\Navilog1 [30/08/2008|15:21] C:\Program Files\NetMeeting [29/02/2008|14:30] C:\Program Files\Nvu [03/09/2008|18:17] C:\Program Files\Once obj sixth [19/10/2006|15:26] C:\Program Files\OpiStat [30/08/2008|15:21] C:\Program Files\Outlook Express [04/06/2008|03:04] C:\Program Files\Panda Security [17/09/2006|12:40] C:\Program Files\PhotoFiltre [16/08/2008|13:10] C:\Program Files\Picasa2 [14/06/2008|12:19] C:\Program Files\Pogo FR [14/12/2006|14:35] C:\Program Files\QuickTime [19/09/2008|20:56] C:\Program Files\RamBoost XP [15/01/2007|20:51] C:\Program Files\Real Alternative [03/04/2008|18:18] C:\Program Files\Realtek [03/04/2008|18:21] C:\Program Files\Realtek AC97 [14/12/2006|14:34] C:\Program Files\Ringz Studio [06/09/2008|12:11] C:\Program Files\RogueRemover FREE [05/05/2008|19:06] C:\Program Files\Samsung [27/10/2007|13:14] C:\Program Files\Send To Toys [08/04/2006|19:11] C:\Program Files\Services en ligne [05/08/2007|12:07] C:\Program Files\Setup Files [09/01/2007|18:38] C:\Program Files\Siber Systems [14/02/2007|15:03] C:\Program Files\SigmaTel [03/06/2007|13:40] C:\Program Files\Skype [27/10/2007|13:14] C:\Program Files\SLD Codec Pack [20/02/2007|03:11] C:\Program Files\SpeedFan [23/01/2008|15:56] C:\Program Files\Spybot - Search & Destroy [11/08/2008|19:56] C:\Program Files\Sun [15/02/2008|12:49] C:\Program Files\TechCity Solutions [01/02/2008|14:09] C:\Program Files\Trojan Remover [08/04/2006|19:14] C:\Program Files\Uninstall Information [06/03/2007|03:13] C:\Program Files\Unlocker [06/04/2007|20:52] C:\Program Files\Usability Sciences [06/09/2006|23:30] C:\Program Files\VideoLAN [17/07/2006|21:37] C:\Program Files\Windows Installer Clean Up [10/01/2008|17:01] C:\Program Files\Windows Live [13/09/2008|15:26] C:\Program Files\Windows Media Connect 2 [13/09/2008|15:33] C:\Program Files\Windows Media Player [30/08/2008|15:21] C:\Program Files\Windows NT [09/04/2006|12:28] C:\Program Files\WindowsUpdate [01/10/2006|11:52] C:\Program Files\WinRAR [02/09/2007|19:38] C:\Program Files\Wolfenstein - Enemy Territory [08/04/2006|19:20] C:\Program Files\xerox [09/08/2008|15:24] C:\Program Files\Zylom Games --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [15/02/2008|15:19] C:\Program Files\Fichiers communs\Adobe [25/11/2006|13:28] C:\Program Files\Fichiers communs\Ahead [17/05/2006|11:31] C:\Program Files\Fichiers communs\BOONTY Shared [10/10/2006|17:04] C:\Program Files\Fichiers communs\DirectX [30/12/2006|15:48] C:\Program Files\Fichiers communs\fluxDVD [17/03/2008|15:22] C:\Program Files\Fichiers communs\InstallShield [21/03/2007|18:23] C:\Program Files\Fichiers communs\iS3 [02/09/2006|14:49] C:\Program Files\Fichiers communs\Java [02/02/2007|01:06] C:\Program Files\Fichiers communs\L&H [09/04/2006|12:34] C:\Program Files\Fichiers communs\Labtec [17/05/2006|12:36] C:\Program Files\Fichiers communs\Macrovision Shared [24/06/2007|22:08] C:\Program Files\Fichiers communs\Microsoft Shared [30/12/2006|15:47] C:\Program Files\Fichiers communs\mpDRM [08/04/2006|19:10] C:\Program Files\Fichiers communs\MSSoap [08/04/2006|19:38] C:\Program Files\Fichiers communs\ODBC [14/12/2006|14:35] C:\Program Files\Fichiers communs\Real [29/08/2006|14:55] C:\Program Files\Fichiers communs\Reallusion [08/04/2006|19:10] C:\Program Files\Fichiers communs\Services [03/06/2007|13:40] C:\Program Files\Fichiers communs\Skype [08/04/2006|19:38] C:\Program Files\Fichiers communs\SpeechEngines [30/08/2008|15:21] C:\Program Files\Fichiers communs\System --------------------\\ Process ( 35 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-21 16:18:05 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 36 --------------------\\ Recherche d'autres infections C:\WINDOWS\Pack.epk ==> EGDACCESS <== [F:31][D:3]-> C:\DOCUME~1\Davmanu\LOCALS~1\Temp [F:90][D:0]-> C:\DOCUME~1\Davmanu\Cookies [F:431][D:5]-> C:\DOCUME~1\Davmanu\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 21/09/2008|16:03 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 21/09/2008|16:25 - Option : [3] --------------------\\ Fin du rapport a 16:25:10 C:\DOCUME~1\Davmanu\APPLIC~1\Once obj sixth moved successfully. C:\Program Files\eurobarre\skin moved successfully. C:\Program Files\eurobarre moved successfully. C:\Program Files\Once obj sixth moved successfully. < EmptyTemp > Temp folders emptied. IE temp folders emptied. OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 0921 Search Navipromo version 3.6.5 commencé le 21/09/2008 à 16:30:48,12 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "Davmanu" Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.13 Système de fichiers : NTFS Recherche executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Davmanu\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.DAV\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Davmanu\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.DAV\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Davmanu\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.DAV\menudm~1\progra~1" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * * Recherche dans "C:\Documents and Settings\Davmanu\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\ADMINI~1.DAV\locals~1\applic~1" * *** Recherche fichiers *** C:\WINDOWS\pack.epk trouvé ! *** Recherche clés spécifiques dans le Registre *** HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : cfnewgpb.dat trouvé ! eccbju.dat trouvé ! jbxcim.dat trouvé ! * Dans "C:\Documents and Settings\Davmanu\locals~1\applic~1" : * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" : * Dans "C:\DOCUME~1\ADMINI~1.DAV\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat Montorgueil absent ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 21/09/2008 à 16:55:46,45 ***
  5. Elin
    Salut Angelique merci de me venir à l'aide à nouveau --------------------\\ Lop S&D 4.2.4-4 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : Intel® Celeron® CPU 2.40GHz ) BIOS : Award Modular BIOS v6.00PG USER : Davmanu ( Administrator ) BOOT : Normal boot Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total : 74 Go Free : 33 Go D:\ (CD or DVD) "C:\Lop SD" ( MAJ : 19-09-2008|22:20 ) Option : [1] ( 21/09/2008|15:53 ) --------------------\\ Listing des dossiers dans APPLIC~1 [27/07/2006|13:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [08/04/2006|19:19] C:\DOCUME~1\ADMINI~1.DAV\APPLIC~1\Microsoft [15/02/2008|15:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [02/02/2007|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [30/09/2006|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [04/06/2008|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [27/05/2007|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth [17/05/2006|11:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [21/08/2006|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [03/09/2008|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data [17/07/2006|23:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [10/01/2008|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft [17/03/2008|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [17/05/2006|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision [30/05/2008|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [13/09/2006|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! [14/06/2008|12:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [22/07/2007|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mix Grey Mode Site [30/12/2006|15:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\mpDRM [23/03/2008|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6 [10/06/2006|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberongames [12/02/2007|00:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [09/01/2007|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RoboForm [03/06/2007|13:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [07/06/2008|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [22/03/2007|17:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\STOPzilla! [16/02/2007|01:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [14/06/2008|12:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [07/12/2006|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [12/02/2007|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zabersoft [22/03/2007|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZILLAbar [13/04/2008|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [17/10/2006|13:55] C:\DOCUME~1\Davmanu\APPLIC~1\7Wonders [09/02/2008|18:54] C:\DOCUME~1\Davmanu\APPLIC~1\Adobe [02/02/2007|01:25] C:\DOCUME~1\Davmanu\APPLIC~1\AdobeUM [02/02/2007|15:36] C:\DOCUME~1\Davmanu\APPLIC~1\Ahead [29/09/2006|13:54] C:\DOCUME~1\Davmanu\APPLIC~1\Apple Computer [13/02/2007|17:46] C:\DOCUME~1\Davmanu\APPLIC~1\CamTrack [05/10/2006|09:30] C:\DOCUME~1\Davmanu\APPLIC~1\Google [09/04/2006|11:49] C:\DOCUME~1\Davmanu\APPLIC~1\Help [13/04/2008|19:57] C:\DOCUME~1\Davmanu\APPLIC~1\Identities [03/04/2008|18:17] C:\DOCUME~1\Davmanu\APPLIC~1\InstallShield [09/04/2006|12:26] C:\DOCUME~1\Davmanu\APPLIC~1\Jasc Software Inc [15/03/2007|10:58] C:\DOCUME~1\Davmanu\APPLIC~1\Lavasoft [23/03/2008|14:35] C:\DOCUME~1\Davmanu\APPLIC~1\Leadertech [03/04/2008|18:51] C:\DOCUME~1\Davmanu\APPLIC~1\ma-config.com [20/06/2006|13:50] C:\DOCUME~1\Davmanu\APPLIC~1\Macromedia [30/05/2008|14:07] C:\DOCUME~1\Davmanu\APPLIC~1\Malwarebytes [14/12/2006|14:08] C:\DOCUME~1\Davmanu\APPLIC~1\Media Player Classic [11/01/2007|01:41] C:\DOCUME~1\Davmanu\APPLIC~1\Microsoft [01/09/2006|18:03] C:\DOCUME~1\Davmanu\APPLIC~1\Mozilla [30/05/2008|15:53] C:\DOCUME~1\Davmanu\APPLIC~1\MSN6 [17/09/2006|19:44] C:\DOCUME~1\Davmanu\APPLIC~1\Nvu [05/09/2008|18:57] C:\DOCUME~1\Davmanu\APPLIC~1\Once obj sixth [12/02/2007|00:13] C:\DOCUME~1\Davmanu\APPLIC~1\PlayFirst [18/12/2006|12:32] C:\DOCUME~1\Davmanu\APPLIC~1\Real [05/05/2008|19:26] C:\DOCUME~1\Davmanu\APPLIC~1\Samsung [14/03/2007|21:47] C:\DOCUME~1\Davmanu\APPLIC~1\Screenshot Sender [20/10/2007|16:23] C:\DOCUME~1\Davmanu\APPLIC~1\Simply Super Software [24/01/2008|17:13] C:\DOCUME~1\Davmanu\APPLIC~1\Skype [05/10/2006|09:30] C:\DOCUME~1\Davmanu\APPLIC~1\SlipStream [02/09/2006|14:53] C:\DOCUME~1\Davmanu\APPLIC~1\Sun [06/09/2006|23:32] C:\DOCUME~1\Davmanu\APPLIC~1\vlc [28/01/2007|18:38] C:\DOCUME~1\Davmanu\APPLIC~1\XnView [17/10/2006|20:55] C:\DOCUME~1\Davmanu\APPLIC~1\Zak&Jack [13/04/2008|19:57] C:\DOCUME~1\Davmanu\APPLIC~1\Zylom [08/04/2006|19:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [22/06/2007|11:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help [14/06/2007|15:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [07/11/2007|18:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia [08/04/2006|19:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [15/10/2007|09:50] C:\DOCUME~1\NETWOR~1\APPLIC~1\Mozilla [15/10/2007|09:50] C:\DOCUME~1\NETWOR~1\APPLIC~1\Talkback --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [26/02/2007 18:55][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job [21/09/2008 09:51][--ah-----] C:\WINDOWS\tasks\SA.DAT [28/08/2001 16:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [09/04/2006|12:25] C:\Program Files\ABBYY FineReader 5.0 Sprint [04/09/2006|13:25] C:\Program Files\AbiSuite2 [30/06/2008|12:42] C:\Program Files\Adobe [10/12/2006|22:52] C:\Program Files\AdwareSpywareScannerDeleter [25/11/2006|13:32] C:\Program Files\Ahead [19/02/2008|21:19] C:\Program Files\Alice [28/08/2006|13:28] C:\Program Files\Audacity [04/06/2008|10:47] C:\Program Files\Avira [26/06/2006|14:06] C:\Program Files\AXEL [27/02/2007|17:25] C:\Program Files\Beneton Software [17/05/2007|08:11] C:\Program Files\Blender Foundation [09/03/2007|14:09] C:\Program Files\BOOTLOADER [10/12/2006|22:53] C:\Program Files\CCleaner [03/09/2006|20:41] C:\Program Files\CDex_150 [08/04/2006|19:09] C:\Program Files\ComPlus Applications [10/02/2007|01:05] C:\Program Files\CPUCooL [09/08/2006|21:13] C:\Program Files\Creative [17/03/2008|15:23] C:\Program Files\Customer [09/04/2006|12:26] C:\Program Files\Dell Computer [23/01/2008|15:42] C:\Program Files\Dell Photo AIO Printer 922 [27/10/2007|13:14] C:\Program Files\DivX [21/08/2006|16:53] C:\Program Files\DVD Shrink [27/10/2007|13:15] C:\Program Files\e-anim604 [05/07/2007|19:53] C:\Program Files\Eidos Interactive [07/11/2007|14:40] C:\Program Files\El Juky [16/09/2008|13:31] C:\Program Files\eMule [05/07/2007|19:53] C:\Program Files\eMule(2) [23/01/2008|15:43] C:\Program Files\eurobarre [08/01/2007|01:56] C:\Program Files\Executive Software [28/03/2008|17:03] C:\Program Files\EZFace [17/09/2007|20:09] C:\Program Files\Fichiers communs [25/02/2007|21:37] C:\Program Files\Gimp [09/01/2007|00:59] C:\Program Files\GlobFX Technologies [16/03/2007|10:26] C:\Program Files\Google [05/02/2007|23:40] C:\Program Files\Google Video [10/01/2008|14:57] C:\Program Files\Grisoft [03/04/2008|18:03] C:\Program Files\HardwareDetection [16/01/2007|01:55] C:\Program Files\Incomplete [10/07/2008|17:03] C:\Program Files\InstallShield Installation Information [09/04/2006|14:07] C:\Program Files\Intel [07/09/2008|10:01] C:\Program Files\Internet Explorer [29/02/2008|14:29] C:\Program Files\Inventel [26/02/2007|14:21] C:\Program Files\IVT Corporation [27/01/2007|02:04] C:\Program Files\iWin [09/04/2006|12:26] C:\Program Files\Jasc Software Inc [11/08/2008|19:55] C:\Program Files\Java [02/09/2006|12:40] C:\Program Files\Lavalys [15/03/2007|10:56] C:\Program Files\Lavasoft [07/01/2007|21:39] C:\Program Files\Lecteur CANALPLAY [15/01/2007|20:59] C:\Program Files\LocalCooling [09/08/2006|21:06] C:\Program Files\Logitech [17/05/2008|22:14] C:\Program Files\ma-config.com [30/05/2008|14:08] C:\Program Files\Malwarebytes' Anti-Malware [15/01/2007|20:51] C:\Program Files\Media Player Classic [05/09/2008|22:00] C:\Program Files\Messenger [03/09/2008|18:16] C:\Program Files\Messenger Plus! Live [08/04/2006|19:20] C:\Program Files\microsoft frontpage [24/02/2007|18:08] C:\Program Files\Microsoft GIF Animator [23/01/2008|15:53] C:\Program Files\Microsoft IntelliPoint [26/02/2007|17:32] C:\Program Files\Microsoft IntelliPoint 5.2 [23/01/2008|15:54] C:\Program Files\Microsoft IntelliType Pro [10/07/2006|13:41] C:\Program Files\Microsoft Office [02/02/2007|01:05] C:\Program Files\Microsoft Reader [24/06/2007|21:52] C:\Program Files\Microsoft Works [20/04/2008|18:10] C:\Program Files\Monopoly [09/05/2006|11:34] C:\Program Files\Morgan [30/08/2008|15:27] C:\Program Files\Movie Maker [21/09/2008|15:06] C:\Program Files\Mozilla Firefox [14/02/2007|14:19] C:\Program Files\MP3 Player Utilities [02/02/2007|16:42] C:\Program Files\MP3 Player Utilities 4.04 [23/01/2008|18:35] C:\Program Files\MSI [08/04/2006|19:09] C:\Program Files\MSN [08/04/2006|19:09] C:\Program Files\MSN Gaming Zone [30/08/2008|17:11] C:\Program Files\MSN Messenger [05/09/2008|21:52] C:\Program Files\MSXML 4.0 [06/09/2008|12:41] C:\Program Files\Navilog1 [30/08/2008|15:21] C:\Program Files\NetMeeting [29/02/2008|14:30] C:\Program Files\Nvu [03/09/2008|18:17] C:\Program Files\Once obj sixth [19/10/2006|15:26] C:\Program Files\OpiStat [30/08/2008|15:21] C:\Program Files\Outlook Express [04/06/2008|03:04] C:\Program Files\Panda Security [17/09/2006|12:40] C:\Program Files\PhotoFiltre [16/08/2008|13:10] C:\Program Files\Picasa2 [14/06/2008|12:19] C:\Program Files\Pogo FR [14/12/2006|14:35] C:\Program Files\QuickTime [19/09/2008|20:56] C:\Program Files\RamBoost XP [15/01/2007|20:51] C:\Program Files\Real Alternative [03/04/2008|18:18] C:\Program Files\Realtek [03/04/2008|18:21] C:\Program Files\Realtek AC97 [14/12/2006|14:34] C:\Program Files\Ringz Studio [06/09/2008|12:11] C:\Program Files\RogueRemover FREE [05/05/2008|19:06] C:\Program Files\Samsung [27/10/2007|13:14] C:\Program Files\Send To Toys [08/04/2006|19:11] C:\Program Files\Services en ligne [05/08/2007|12:07] C:\Program Files\Setup Files [09/01/2007|18:38] C:\Program Files\Siber Systems [14/02/2007|15:03] C:\Program Files\SigmaTel [03/06/2007|13:40] C:\Program Files\Skype [27/10/2007|13:14] C:\Program Files\SLD Codec Pack [20/02/2007|03:11] C:\Program Files\SpeedFan [23/01/2008|15:56] C:\Program Files\Spybot - Search & Destroy [11/08/2008|19:56] C:\Program Files\Sun [15/02/2008|12:49] C:\Program Files\TechCity Solutions [01/02/2008|14:09] C:\Program Files\Trojan Remover [08/04/2006|19:14] C:\Program Files\Uninstall Information [06/03/2007|03:13] C:\Program Files\Unlocker [06/04/2007|20:52] C:\Program Files\Usability Sciences [06/09/2006|23:30] C:\Program Files\VideoLAN [17/07/2006|21:37] C:\Program Files\Windows Installer Clean Up [10/01/2008|17:01] C:\Program Files\Windows Live [13/09/2008|15:26] C:\Program Files\Windows Media Connect 2 [13/09/2008|15:33] C:\Program Files\Windows Media Player [30/08/2008|15:21] C:\Program Files\Windows NT [09/04/2006|12:28] C:\Program Files\WindowsUpdate [01/10/2006|11:52] C:\Program Files\WinRAR [02/09/2007|19:38] C:\Program Files\Wolfenstein - Enemy Territory [08/04/2006|19:20] C:\Program Files\xerox [09/08/2008|15:24] C:\Program Files\Zylom Games --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [15/02/2008|15:19] C:\Program Files\Fichiers communs\Adobe [25/11/2006|13:28] C:\Program Files\Fichiers communs\Ahead [17/05/2006|11:31] C:\Program Files\Fichiers communs\BOONTY Shared [10/10/2006|17:04] C:\Program Files\Fichiers communs\DirectX [30/12/2006|15:48] C:\Program Files\Fichiers communs\fluxDVD [17/03/2008|15:22] C:\Program Files\Fichiers communs\InstallShield [21/03/2007|18:23] C:\Program Files\Fichiers communs\iS3 [02/09/2006|14:49] C:\Program Files\Fichiers communs\Java [02/02/2007|01:06] C:\Program Files\Fichiers communs\L&H [09/04/2006|12:34] C:\Program Files\Fichiers communs\Labtec [17/05/2006|12:36] C:\Program Files\Fichiers communs\Macrovision Shared [24/06/2007|22:08] C:\Program Files\Fichiers communs\Microsoft Shared [30/12/2006|15:47] C:\Program Files\Fichiers communs\mpDRM [08/04/2006|19:10] C:\Program Files\Fichiers communs\MSSoap [08/04/2006|19:38] C:\Program Files\Fichiers communs\ODBC [14/12/2006|14:35] C:\Program Files\Fichiers communs\Real [29/08/2006|14:55] C:\Program Files\Fichiers communs\Reallusion [08/04/2006|19:10] C:\Program Files\Fichiers communs\Services [03/06/2007|13:40] C:\Program Files\Fichiers communs\Skype [08/04/2006|19:38] C:\Program Files\Fichiers communs\SpeechEngines [30/08/2008|15:21] C:\Program Files\Fichiers communs\System --------------------\\ Process ( 36 Processes ) IEXPLORE.EXE ~ [PID:1368] --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data\obj bits.exe C:\DOCUME~1\Davmanu\Cookies\davmanu@advertstream[2].txt C:\DOCUME~1\Davmanu\Cookies\davmanu@banner.cotedazurpalace[2].txt C:\DOCUME~1\Davmanu\Cookies\davmanu@cotedazurpalace[2].txt C:\DOCUME~1\Davmanu\Cookies\davmanu@www.cotedazurpalace[1].txt C:\DOCUME~1\Davmanu\Cookies\davmanu@adopt.euroclick[1].txt C:\DOCUME~1\Davmanu\Cookies\davmanu@partypoker[2].txt --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-21 15:55:48 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 36 --------------------\\ Recherche d'autres infections C:\WINDOWS\Pack.epk ==> EGDACCESS <== [F:31][D:3]-> C:\DOCUME~1\Davmanu\LOCALS~1\Temp [F:96][D:0]-> C:\DOCUME~1\Davmanu\Cookies [F:431][D:5]-> C:\DOCUME~1\Davmanu\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 21/09/2008|16:03 - Option : [1] --------------------\\ Fin du rapport a 16:03:48
  6. Elin
    Bonjour, J'ai été 3 mois tranquille (merci Angelique ) et voilà que ces satanées fenetres CID réapparaissent un peu t'aide me sera de nouveau utile Logfile of HijackThis v1.99.1 Scan saved at 15:27:44, on 21/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Davmanu\Bureau\Outil Windows\Scanner.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\obj bits.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [XPRepairPro2007] C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe /r O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [Mags cdrom] C:\DOCUME~1\Davmanu\APPLIC~1\ONCEOB~1\SafeEach.exe O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O8 - Extra context menu item: &Search - ?p=ZKfox000 O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.74\AMVConverter\grab.html O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.04\AMVConverter\grab.html O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.04\MediaManager\grab.html O8 - Extra context menu item: Options RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Options - {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html O9 - Extra 'Tools' menuitem: Options RoboForm - {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1220099106281 O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: dlbt_device - Dell - C:\WINDOWS\System32\dlbtcoms.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
  7. Elin
    Effectivement problème résolu Pourtant lors de l'installation de "MessengerTruc" j'avais bien coché "ne pas pas installer le sponsor" Enfin le principale c'est que ça refonctionne je ne sais comment te remercier
  8. Elin
    Désolé de la réponse tardive, une urgence à regler et encore merci du temps que tu m'accordes Explorer killed successfully File/Folder C:\DOCUME~1\Davmanu\APPLIC~1\ONCEOB~1 not found. File/Folder C:\WINDOWS\Tasks\A5B3292E9190A4B2.job not found. < HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Mags cdrom > Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Mags cdrom not found. Explorer started successfully OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06042008_152453 Logfile of HijackThis v1.99.1 Scan saved at 15:26:05, on 04/06/2008 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Davmanu\Bureau\Outil Windows\Scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.aliceadsl.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [XPRepairPro2007] C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe /r O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O8 - Extra context menu item: &Search - ?p=ZKfox000 O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.74\AMVConverter\grab.html O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.04\AMVConverter\grab.html O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.04\MediaManager\grab.html O8 - Extra context menu item: Options RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: dlbt_device - Dell - C:\WINDOWS\System32\dlbtcoms.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
  9. Elin
    Désolé j'ai rebooté avant de poster le rapport Hijackthis Logfile of HijackThis v1.99.1 Scan saved at 14:26:50, on 04/06/2008 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\notepad.exe C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Davmanu\Bureau\Outil Windows\Scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.aliceadsl.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [XPRepairPro2007] C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe /r O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [Mags cdrom] C:\DOCUME~1\Davmanu\APPLIC~1\ONCEOB~1\SafeEach.exe O8 - Extra context menu item: &Search - ?p=ZKfox000 O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.74\AMVConverter\grab.html O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.04\AMVConverter\grab.html O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.04\MediaManager\grab.html O8 - Extra context menu item: Options RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: dlbt_device - Dell - C:\WINDOWS\System32\dlbtcoms.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
  10. Elin
    Explorer killed successfully Folder move failed. C:\Documents and Settings\All Users\Application Data\flag ace stupid data scheduled to be moved on reboot. C:\Documents and Settings\All Users\Application Data\meetstupidbaseheck moved successfully. C:\Documents and Settings\All Users\Application Data\Stupid Sign Two Heart moved successfully. C:\Documents and Settings\Davmanu\Application Data\Once obj sixth moved successfully. C:\WINDOWS\Tasks\A5B3292E9190A4B2.job moved successfully. C:\Program Files\Alwil Software\Avast4\Setup moved successfully. C:\Program Files\Alwil Software\Avast4 moved successfully. C:\Program Files\Alwil Software moved successfully. C:\Program Files\Circle Developement moved successfully. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Mags cdrom > Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Mags cdrom\\ deleted successfully. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Stupid Data Dart Wave > Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Stupid Data Dart Wave\\ deleted successfully. < EmptyTemp > Temp folders emptied. IE temp folders emptied. Explorer started successfully OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06042008_141933
  11. Elin
    Bonjour Angelique et merci de ton aide Rapport lopxpMH2 version 2.0 fait à 13:52:06,18 le 04/06/2008 C:\Documents and Settings\Davmanu\Bureau\lopxpMH2 ****************************************** ## Répertoires Application Data Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\Documents and Settings\Administrateur\Application Data 26/07/2006 16:23 <REP> . 26/07/2006 16:23 <REP> .. 26/07/2006 16:23 <REP> Microsoft 0 fichier(s) 0 octets 3 Rép(s) 45 259 481 088 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\Documents and Settings\Administrateur\Local Settings\Application Data 26/07/2006 16:23 <REP> . 26/07/2006 16:23 <REP> .. 26/07/2006 16:23 <REP> Microsoft 26/07/2006 16:27 3 184 656 IconCache.db 1 fichier(s) 3 184 656 octets 3 Rép(s) 45 259 476 992 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\Documents and Settings\Administrateur.DAVMANU\Application Data 04/06/2008 02:19 <REP> . 04/06/2008 02:19 <REP> .. 04/06/2008 02:19 <REP> Microsoft 04/06/2008 02:19 62 desktop.ini 1 fichier(s) 62 octets 3 Rép(s) 45 259 476 992 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\Documents and Settings\Administrateur.DAVMANU\Local Settings\Application Data 04/06/2008 02:19 <REP> . 04/06/2008 02:19 <REP> .. 04/06/2008 02:19 <REP> Microsoft 04/06/2008 02:20 3 712 656 IconCache.db 1 fichier(s) 3 712 656 octets 3 Rép(s) 45 259 476 992 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\Documents and Settings\All Users\Application Data 08/04/2006 19:37 <REP> . 08/04/2006 19:37 <REP> .. 02/02/2007 01:23 <REP> Adobe 25/11/2006 13:24 <REP> Ahead 29/09/2006 13:45 <REP> Apple Computer 04/06/2008 10:47 <REP> Avira 27/05/2007 21:02 <REP> Bluetooth 17/05/2006 11:32 <REP> BOONTY 21/08/2006 16:53 <REP> DVD Shrink 16/02/2008 12:47 <REP> flag ace stupid data 17/07/2006 23:23 <REP> Google 10/01/2008 14:57 <REP> Grisoft 17/03/2008 15:23 <REP> InstallShield 17/05/2006 12:36 <REP> Macrovision 30/05/2008 14:07 <REP> Malwarebytes 14/06/2007 15:07 <REP> meetstupidbaseheck 13/09/2006 18:05 <REP> Messenger Plus! 08/04/2006 19:37 <REP> Microsoft 06/06/2007 18:10 <REP> Mix Grey Mode Site 30/12/2006 15:47 <REP> mpDRM 23/03/2008 18:11 <REP> MSN6 10/06/2006 16:42 <REP> Oberongames 12/02/2007 00:13 <REP> PlayFirst 09/01/2007 18:38 <REP> RoboForm 09/04/2006 16:24 <REP> Skype 10/12/2006 22:51 <REP> Spybot - Search & Destroy 21/03/2007 18:23 <REP> STOPzilla! 19/12/2007 19:10 <REP> Stupid Sign Two Heart 16/02/2007 01:19 <REP> Symantec 20/10/2007 16:30 <REP> TEMP 07/12/2006 21:30 <REP> Windows Genuine Advantage 12/02/2007 00:04 <REP> Zabersoft 21/03/2007 18:23 <REP> ZILLAbar 16/06/2007 17:06 <REP> Zylom 08/04/2006 19:38 62 desktop.ini 05/05/2008 19:25 0 LauncherAccess.dt 29/09/2006 13:54 1 755 QTSBandwidthCache 3 fichier(s) 1 817 octets 34 Rép(s) 45 259 476 992 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\Documents and Settings\Davmanu\Application Data 08/04/2006 19:28 <REP> . 08/04/2006 19:28 <REP> .. 17/10/2006 13:53 <REP> 7Wonders 10/04/2006 10:41 <REP> Adobe 02/02/2007 01:25 <REP> AdobeUM 22/04/2006 22:28 <REP> Ahead 29/09/2006 13:50 <REP> Apple Computer 13/02/2007 17:46 <REP> CamTrack 17/07/2006 23:23 <REP> Google 09/04/2006 11:49 <REP> Help 13/04/2008 19:57 <REP> Identities 03/04/2008 18:17 <REP> InstallShield 09/04/2006 12:26 <REP> Jasc Software Inc 15/03/2007 10:58 <REP> Lavasoft 23/03/2008 14:35 <REP> Leadertech 03/04/2008 18:03 <REP> ma-config.com 08/04/2006 19:51 <REP> Macromedia 30/05/2008 14:07 <REP> Malwarebytes 14/12/2006 14:08 <REP> Media Player Classic 08/04/2006 19:28 <REP> Microsoft 01/09/2006 18:02 <REP> Mozilla 23/03/2008 18:11 <REP> MSN6 16/09/2006 16:09 <REP> Nvu 06/06/2007 18:09 <REP> Once obj sixth 12/02/2007 00:13 <REP> PlayFirst 18/12/2006 12:32 <REP> Real 05/05/2008 19:26 <REP> Samsung 14/03/2007 18:22 <REP> Screenshot Sender 20/10/2007 16:23 <REP> Simply Super Software 09/04/2006 16:24 <REP> Skype 20/09/2006 21:08 <REP> SlipStream 02/09/2006 14:53 <REP> Sun 06/09/2006 23:32 <REP> vlc 28/01/2007 18:38 <REP> XnView 17/10/2006 20:55 <REP> Zak&Jack 13/04/2008 19:57 <REP> Zylom 08/04/2006 19:28 62 desktop.ini 1 fichier(s) 62 octets 36 Rép(s) 45 259 472 896 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\Documents and Settings\Davmanu\Local Settings\Application Data 08/04/2006 19:28 <REP> . 08/04/2006 19:28 <REP> .. 02/09/2007 18:59 <REP> {C82FE1BB-5140-4F7D-8DBF-56A85573BD49} 02/02/2007 01:10 <REP> Adobe 01/02/2007 23:53 <REP> Ahead 29/09/2006 13:50 <REP> Apple Computer 17/07/2006 23:23 <REP> Google 09/04/2006 11:49 <REP> Help 09/04/2006 20:03 <REP> Identities 08/04/2006 19:28 <REP> Microsoft 01/09/2006 18:03 <REP> Mozilla 20/09/2006 18:47 <REP> ONSPEED 19/04/2006 15:00 35 328 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 08/05/2006 19:01 15 832 GDIPFONTCACHEV1.DAT 08/04/2006 19:48 6 291 456 IconCache.db 3 fichier(s) 6 342 616 octets 12 Rép(s) 45 259 472 896 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\Documents and Settings\Default User\Application Data 08/04/2006 19:37 <REP> . 08/04/2006 19:37 <REP> .. 08/04/2006 19:37 <REP> Microsoft 08/04/2006 19:38 62 desktop.ini 1 fichier(s) 62 octets 3 Rép(s) 45 259 472 896 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data 08/04/2006 19:38 <REP> . 08/04/2006 19:38 <REP> .. 08/04/2006 19:19 <REP> Microsoft 0 fichier(s) 0 octets 3 Rép(s) 45 259 472 896 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\Documents and Settings\LocalService\Application Data 08/04/2006 19:24 <REP> . 08/04/2006 19:24 <REP> .. 22/06/2007 11:36 <REP> Help 08/04/2006 19:24 <REP> Microsoft 0 fichier(s) 0 octets 4 Rép(s) 45 259 468 800 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data 08/04/2006 19:24 <REP> . 08/04/2006 19:24 <REP> .. 22/06/2007 11:36 <REP> Help 08/04/2006 19:24 <REP> Microsoft 0 fichier(s) 0 octets 4 Rép(s) 45 259 468 800 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\Documents and Settings\NetworkService\Application Data 08/04/2006 19:24 <REP> . 08/04/2006 19:24 <REP> .. 07/11/2007 18:15 <REP> Macromedia 08/04/2006 19:24 <REP> Microsoft 15/10/2007 09:50 <REP> Mozilla 15/10/2007 09:50 <REP> Talkback 0 fichier(s) 0 octets 6 Rép(s) 45 259 468 800 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data 08/04/2006 19:24 <REP> . 08/04/2006 19:24 <REP> .. 08/04/2006 19:24 <REP> Microsoft 15/10/2007 09:50 <REP> Mozilla 0 fichier(s) 0 octets 4 Rép(s) 45 259 468 800 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data 08/04/2006 19:23 <REP> . 08/04/2006 19:23 <REP> .. 08/04/2006 19:23 <REP> Microsoft 08/04/2006 19:23 62 desktop.ini 1 fichier(s) 62 octets 3 Rép(s) 45 259 468 800 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data 08/04/2006 19:23 <REP> . 08/04/2006 19:23 <REP> .. 08/04/2006 19:23 <REP> Microsoft 0 fichier(s) 0 octets 3 Rép(s) 45 259 468 800 octets libres ****************************************** Recherche des taches planifiées dans C:\WINDOWS\tasks C:\WINDOWS\Tasks\A5B3292E9190A4B2.job s "€!Ø . : c : \ d o c u m e ~ 1 \ d a v m a n u \ a p p l i c ~ 1 \ o n c e o b ~ 1 \ b a r b t i c k c l o c k . e x e D a v m a n u 0 Ñ C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IType_exe.job Ì Ýv$Lš@¢Œ?îl›F . < ÿÿÿÿ @ "!× * Š 5 c : \ P r o g r a m F i l e s \ M i c r o s o f t I n t e l l i T y p e P r o \ i t y p e . e x e , c : \ P r o g r a m F i l e s \ M i c r o s o f t I n t e l l i T y p e P r o \ D a v m a n u ****************************************** ## Répertoires de C:\Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 88A3-65BD Répertoire de C:\Program Files 04/06/2008 10:47 <REP> . 04/06/2008 10:47 <REP> .. 09/04/2006 12:25 <REP> ABBYY FineReader 5.0 Sprint 04/09/2006 13:25 <REP> AbiSuite2 15/02/2008 15:19 <REP> Adobe 10/12/2006 22:52 <REP> AdwareSpywareScannerDeleter 25/11/2006 13:32 <REP> Ahead 19/02/2008 21:19 <REP> Alice 09/04/2006 12:50 <REP> Alwil Software 28/08/2006 13:28 <REP> Audacity 04/06/2008 10:47 <REP> Avira 26/06/2006 14:06 <REP> AXEL 27/02/2007 17:25 <REP> Beneton Software 17/05/2007 08:11 <REP> Blender Foundation 09/03/2007 14:09 <REP> BOOTLOADER 10/12/2006 22:53 <REP> CCleaner 03/09/2006 20:41 <REP> CDex_150 03/06/2008 23:21 <REP> Circle Developement 08/04/2006 19:09 <REP> ComPlus Applications 10/02/2007 01:05 <REP> CPUCooL 09/08/2006 21:13 <REP> Creative 17/03/2008 15:23 <REP> Customer 09/04/2006 12:26 <REP> Dell Computer 23/01/2008 15:42 <REP> Dell Photo AIO Printer 922 27/10/2007 13:14 <REP> DivX 21/08/2006 16:53 <REP> DVD Shrink 27/10/2007 13:15 <REP> e-anim604 05/07/2007 19:53 <REP> Eidos Interactive 07/11/2007 14:40 <REP> El Juky 20/09/2007 17:16 <REP> eMule 05/07/2007 19:53 <REP> eMule(2) 23/01/2008 15:43 <REP> eurobarre 08/01/2007 01:56 <REP> Executive Software 28/03/2008 17:03 <REP> EZFace 17/09/2007 20:09 <REP> Fichiers communs 25/02/2007 21:37 <REP> Gimp 09/01/2007 00:59 <REP> GlobFX Technologies 16/03/2007 10:26 <REP> Google 05/02/2007 23:40 <REP> Google Video 10/01/2008 14:57 <REP> Grisoft 03/04/2008 18:03 <REP> HardwareDetection 16/01/2007 01:55 <REP> Incomplete 09/04/2006 14:07 <REP> Intel 14/03/2008 16:23 <REP> Internet Explorer 29/02/2008 14:29 <REP> Inventel 26/02/2007 14:21 <REP> IVT Corporation 27/01/2007 02:04 <REP> iWin 09/04/2006 12:26 <REP> Jasc Software Inc 07/03/2008 14:00 <REP> Java 02/09/2006 12:40 <REP> Lavalys 15/03/2007 10:56 <REP> Lavasoft 07/01/2007 21:39 <REP> Lecteur CANALPLAY 15/01/2007 20:59 <REP> LocalCooling 09/08/2006 21:06 <REP> Logitech 17/05/2008 22:14 <REP> ma-config.com 30/05/2008 14:08 <REP> Malwarebytes' Anti-Malware 15/01/2007 20:51 <REP> Media Player Classic 23/01/2008 15:53 <REP> Messenger 09/04/2008 18:52 <REP> Messenger Plus! Live 08/04/2006 19:20 <REP> microsoft frontpage 24/02/2007 18:08 <REP> Microsoft GIF Animator 23/01/2008 15:53 <REP> Microsoft IntelliPoint 26/02/2007 17:32 <REP> Microsoft IntelliPoint 5.2 23/01/2008 15:54 <REP> Microsoft IntelliType Pro 10/07/2006 13:41 <REP> Microsoft Office 02/02/2007 01:05 <REP> Microsoft Reader 24/06/2007 21:52 <REP> Microsoft Works 20/04/2008 18:10 <REP> Monopoly 09/05/2006 11:34 <REP> Morgan 15/01/2007 20:54 <REP> Movie Maker 04/06/2008 12:33 <REP> Mozilla Firefox 14/02/2007 14:19 <REP> MP3 Player Utilities 02/02/2007 16:42 <REP> MP3 Player Utilities 4.04 23/01/2008 18:35 <REP> MSI 08/04/2006 19:09 <REP> MSN 08/04/2006 19:09 <REP> MSN Gaming Zone 09/04/2008 18:52 <REP> MSN Messenger 15/01/2007 20:54 <REP> NetMeeting 29/02/2008 14:30 <REP> Nvu 07/05/2008 12:03 <REP> Once obj sixth 19/10/2006 15:26 <REP> OpiStat 15/01/2007 20:54 <REP> Outlook Express 04/06/2008 03:04 <REP> Panda Security 17/09/2006 12:40 <REP> PhotoFiltre 14/12/2006 14:35 <REP> QuickTime 23/03/2008 14:40 <REP> RamBoost XP 15/01/2007 20:51 <REP> Real Alternative 03/04/2008 18:18 <REP> Realtek 03/04/2008 18:21 <REP> Realtek AC97 14/12/2006 14:34 <REP> Ringz Studio 05/05/2008 19:06 <REP> Samsung 27/10/2007 13:14 <REP> Send To Toys 08/04/2006 19:11 <REP> Services en ligne 05/08/2007 12:07 <REP> Setup Files 09/01/2007 18:38 <REP> Siber Systems 14/02/2007 15:03 <REP> SigmaTel 03/06/2007 13:40 <REP> Skype 27/10/2007 13:14 <REP> SLD Codec Pack 20/02/2007 03:11 <REP> SpeedFan 23/01/2008 15:56 <REP> Spybot - Search & Destroy 15/02/2008 12:49 <REP> TechCity Solutions 01/02/2008 14:09 <REP> Trojan Remover 06/03/2007 03:13 <REP> Unlocker 06/04/2007 20:52 <REP> Usability Sciences 06/09/2006 23:30 <REP> VideoLAN 17/07/2006 21:37 <REP> Windows Installer Clean Up 10/01/2008 17:01 <REP> Windows Live 27/10/2007 13:14 <REP> Windows Media Player 15/01/2007 20:54 <REP> Windows NT 01/10/2006 11:52 <REP> WinRAR 02/09/2007 19:38 <REP> Wolfenstein - Enemy Territory 08/04/2006 19:20 <REP> xerox 12/05/2008 18:20 <REP> Zylom Games 0 fichier(s) 0 octets 113 Rép(s) 45 259 456 512 octets libres ****************************************** ## Popups autorisées * Internet Explorer ! REG.EXE VERSION 3.0 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow zonenxt.msn-int.com REG_BINARY zonenxt.msn-ppe.com REG_BINARY zone.msn.com REG_BINARY searchweb2.com REG_SZ www.searchweb2.com REG_SZ *.zylom.com REG_BINARY 00000000 * Mozilla Firefox (1 autorisé 2 interdit) ---------- C:\DOCUMENTS AND SETTINGS\DAVMANU\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\CPHIZMXD.DEFAULT\HOSTPERM.1 host popup 1 www.blancheporte.fr host popup 1 www.gamedesire.com host popup 1 www.enviedeplus.com host popup 1 www.nrj.fr host popup 1 www.laredoute.fr host popup 1 www6.jeux.com host popup 1 membres.lycos.fr host popup 1 jc.bellamy.free.fr host popup 1 mimidu765.skyrock.com host popup 1 www.webcamo.com host popup 1 amour-secret.vu.cx host popup 1 www.01net.com host popup 1 webmessenger.msn.com host popup 1 fr.garnier.com host popup 1 game3.pogo.com host popup 1 uploads.ungrounded.net host popup 1 www.anpe.fr host popup 1 blingee.com host popup 1 www.afipa.net host popup 1 www.3suisses.fr host popup 1 www.lorealparis.fr ****************************************** ## Registre * [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main] Search Bar REG_SZ http://search.msn.fr/spbasic.htm [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Mags cdrom] command REG_SZ C:\DOCUME~1\Davmanu\APPLIC~1\ONCEOB~1\SafeEach.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Stupid Data Dart Wave] command REG_SZ C:\Documents and Settings\All Users\Application Data\flag ace stupid data\one cdrom.exe ****************************************** ## Zones de sécurité * HKCU Domains (4) * P3P History (5) ****************************************** ## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif" *************** Fin du rapport ****************
  12. Elin
    Bonjour, voilà mon(mes) problème(s): Lenteur au demarrage, fenêtres CID intempestives; J'ai changer mon antivirus Avast vers Antivir plusieurs virus ont étaient supprimés ensuite Ccleaner, Spyboat mais le problème persiste Si une ame charitable voulait bien m'aider, je lui en serais très reconnaissant Logfile of HijackThis v1.99.1 Scan saved at 12:32:30, on 04/06/2008 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\update.exe C:\Documents and Settings\Davmanu\Bureau\Outil Windows\Scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.aliceadsl.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - (no file) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: (no name) - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - (no file) O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k O4 - HKLM\..\Run: [Two Heart Aim Global] C:\Documents and Settings\All Users\Application Data\Stupid Sign Two Heart\Soft find.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [XPRepairPro2007] C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe /r O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Mags cdrom] C:\DOCUME~1\Davmanu\APPLIC~1\ONCEOB~1\SafeEach.exe O4 - Startup: Eurobarre.lnk = C:\Program Files\eurobarre\eb.exe O8 - Extra context menu item: &Search - ?p=ZKfox000 O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.74\AMVConverter\grab.html O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.04\AMVConverter\grab.html O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.04\MediaManager\grab.html O8 - Extra context menu item: Options RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Ò×Ȥ¹ºÎï - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - Extra 'Tools' menuitem: Ò×Ȥ¹ºÎï - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: dlbt_device - Dell - C:\WINDOWS\System32\dlbtcoms.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
×
×
  • Créer...