Posted

Hello :P

I'm getting pop-up ads (ad revolver, right media etc... often CID???), :P if someone can help me, the HijackThis scan is attached below

Thanks in advance :P

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:43:49, on 22/10/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\CA\eTrust Antivirus\InoRpc.exe

C:\Program Files\CA\eTrust Antivirus\InoRT.exe

C:\Program Files\CA\eTrust Antivirus\InoTask.exe

C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\CA\ETRUST~1\realmon.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/NET/Import/ImageUploader4.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab

O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://securite.neuf.fr/Ols/fscax.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/up...er_v2.2.0.2.cab

O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe

O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Serveur Admin eTrust Antivirus (InoNmSrv) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoNmSrv.exe

O23 - Service: Serveur RPC eTrust Antivirus (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe

O23 - Service: Serveur eTrust Antivirus Temps réel (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe

O23 - Service: Serveur de jobs eTrust Antivirus (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O24 - Desktop Component 0: ElÚment crÚÚ par Ulead GIF Animator - C:\WINDOWS\system32\gaadi001.gif

 

--

End of file - 11055 bytes

Posted

Hello,

Download random's system information tool (RSIT) by random/random and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.

* Click Continue at the Disclaimer screen.

* If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT downloads it and you accept the license.

* Once the scan is finished, two text files will open:

Post the contents of log.txt (which will be displayed)

as well as info.txt (which will be minimized in the taskbar).

* If these two reports do not appear, you will find them in the folder C:\rsit

Posted

Logfile of random's system information tool 1.04 (written by random/random)

Run by autin joelle at 2008-10-22 21:05:59

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 96 GB (50%) free of 191 GB

Total RAM: 1023 MB (53% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:06:04, on 22/10/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\CA\eTrust Antivirus\InoRpc.exe

C:\Program Files\CA\eTrust Antivirus\InoRT.exe

C:\Program Files\CA\eTrust Antivirus\InoTask.exe

C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\CA\ETRUST~1\realmon.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Documents and Settings\autin joelle\Bureau\RSIT.exe

C:\Program Files\Trend Micro\HijackThis\autin joelle.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Windowjugs] C:\DOCUME~1\AUTINJ~1\APPLIC~1\EQLIST~1\Move Mapi Save.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/NET/Import/ImageUploader4.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab

O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://securite.neuf.fr/Ols/fscax.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/up...er_v2.2.0.2.cab

O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe

O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Serveur Admin eTrust Antivirus (InoNmSrv) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoNmSrv.exe

O23 - Service: Serveur RPC eTrust Antivirus (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe

O23 - Service: Serveur eTrust Antivirus Temps réel (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe

O23 - Service: Serveur de jobs eTrust Antivirus (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O24 - Desktop Component 0: ElÚment crÚÚ par Ulead GIF Animator - C:\WINDOWS\system32\gaadi001.gif

 

--

End of file - 11285 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\ABDB46B39188FE3F.job

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\Maintenance en 1 clic.job

C:\WINDOWS\tasks\Norton Security Scan.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{8AB8951B-7936-40C6-9E66-EEDF2C07A808}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-05-21 2582136]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-21 652784]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]

EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-05-21 2582136]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Realtime Monitor"=C:\PROGRA~1\CA\ETRUST~1\realmon.exe [2004-06-26 504080]

"!AVG Anti-Spyware"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11 6731312]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"Windowjugs"=C:\DOCUME~1\AUTINJ~1\APPLIC~1\EQLIST~1\Move Mapi Save.exe [2008-10-21 532480]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]

C:\ATI-CPanel\atiptaxx.exe [2004-11-24 344064]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2008-03-30 267048]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2007-03-20 20480]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]

C:\Program Files\Logitech\Video\ManifestEngine.exe boot []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]

C:\Program Files\Logitech\Video\ISStart.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]

C:\Program Files\Logitech\Video\LogiTray.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

C:\WINDOWS\SOUNDMAN.EXE [2005-03-24 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-30 68856]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]

C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2007-03-20 450560]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2004-11-25 94208]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2008-02-29 79408]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe"="C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe:*:Enabled:Far Cry"

"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"

"C:\Program Files\Warcraft III\War3.exe"="C:\Program Files\Warcraft III\War3.exe:*:Enabled:Warcraft III"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"

"C:\Program Files\Pinnacle\MediaCenter\PMC.exe"="C:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Enabled:Pmc.exe"

"C:\Program Files\Pinnacle\MediaCenter\PmcSettings.exe"="C:\Program Files\Pinnacle\MediaCenter\PmcSettings.exe:LocalSubNet:Enabled:pmcsettings.exe"

"C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:LocalSubNet:Enabled:PMSManager.exe"

"C:\Program Files\Pinnacle\MediaCenter\EpgSpoolerSrv.exe"="C:\Program Files\Pinnacle\MediaCenter\EpgSpoolerSrv.exe:LocalSubNet:Enabled:EpgSpoolerSrv.exe"

"C:\Program Files\Pinnacle\MediaCenter\tvtvWizard.exe"="C:\Program Files\Pinnacle\MediaCenter\tvtvWizard.exe:LocalSubNet:Enabled:tvtvWizard.exe"

"C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe"

"C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\Program Files\PeerCast\PeerCast.exe"="C:\Program Files\PeerCast\PeerCast.exe:*:Disabled:PeerCast"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{68f8fc5a-b892-11dc-9089-001a92c9350b}]

shell\Setup\command - D:\setup.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5998317-daaa-11db-8d3a-0015f2f33c8b}]

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

 

 

======List of files/folders created in the last 1 months======

 

2008-10-22 21:05:59 ----D---- C:\rsit

2008-10-21 21:38:12 ----D---- C:\Documents and Settings\autin joelle\Application Data\eq list tons

2008-10-21 19:12:20 ----D---- C:\Documents and Settings\All Users\Application Data\Proxy Long Chin Ping

2008-10-21 19:12:01 ----D---- C:\Program Files\eq list tons

2008-10-21 19:11:47 ----D---- C:\Program Files\Circle Developement

2008-10-15 13:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2008-10-15 13:08:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$

2008-10-15 13:08:25 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$

2008-10-15 13:07:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$

2008-10-15 13:06:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

2008-09-28 18:06:03 ----D---- C:\Program Files\PeerCast

 

======List of files/folders modified in the last 1 months======

 

2008-10-22 21:05:59 ----D---- C:\WINDOWS\Prefetch

2008-10-22 19:23:52 ----D---- C:\WINDOWS\Temp

2008-10-22 19:23:46 ----D---- C:\WINDOWS

2008-10-22 19:23:41 ----D---- C:\WINDOWS\system32

2008-10-22 15:56:32 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-10-22 15:43:24 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-10-22 15:43:23 ----D---- C:\Program Files\Spybot - Search & Destroy

2008-10-22 14:43:28 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater

2008-10-22 14:39:27 ----D---- C:\Program Files\Mozilla Firefox

2008-10-22 14:28:01 ----SHD---- C:\RECYCLER

2008-10-22 13:07:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-10-22 12:57:11 ----D---- C:\WINDOWS\system32\CatRoot2

2008-10-21 19:12:36 ----SD---- C:\WINDOWS\Tasks

2008-10-21 19:12:01 ----AD---- C:\Program Files

2008-10-21 19:11:47 ----D---- C:\Program Files\MSN Messenger

2008-10-21 19:11:47 ----D---- C:\Program Files\Messenger Plus! Live

2008-10-20 09:11:59 ----RSD---- C:\WINDOWS\assembly

2008-10-20 09:11:37 ----SHD---- C:\WINDOWS\Installer

2008-10-20 09:11:37 ----D---- C:\Config.Msi

2008-10-20 09:11:34 ----D---- C:\WINDOWS\WinSxS

2008-10-20 09:11:34 ----D---- C:\Program Files\Paint.NET

2008-10-20 09:04:51 ----D---- C:\WINDOWS\Debug

2008-10-16 13:19:52 ----A---- C:\WINDOWS\NeroDigital.ini

2008-10-15 21:07:24 ----D---- C:\Program Files\FXhome EffectsLab Pro

2008-10-15 15:44:37 ----D---- C:\WINDOWS\network diagnostic

2008-10-15 15:32:17 ----RSHDC---- C:\WINDOWS\system32\dllcache

2008-10-15 15:24:56 ----D---- C:\WINDOWS\system32\Adobe

2008-10-15 15:24:56 ----D---- C:\Program Files\Fichiers communs\Adobe

2008-10-15 14:34:49 ----D---- C:\Program Files\epson

2008-10-15 14:34:48 ----HD---- C:\Program Files\InstallShield Installation Information

2008-10-15 14:02:17 ----HD---- C:\WINDOWS\inf

2008-10-15 13:59:58 ----D---- C:\Documents and Settings\autin joelle\Application Data\Help

2008-10-15 13:08:34 ----D---- C:\WINDOWS\system32\drivers

2008-10-15 13:08:32 ----HD---- C:\WINDOWS\$hf_mig$

2008-10-15 13:08:09 ----D---- C:\Program Files\Internet Explorer

2008-10-15 13:07:45 ----A---- C:\WINDOWS\win.ini

2008-10-07 21:19:40 ----A---- C:\WINDOWS\system32\MRT.exe

2008-10-03 19:12:27 ----A---- C:\WINDOWS\system32\ieframe.dll

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]

R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]

R2 INO_FLTR;INO_FLTR; \??\C:\WINDOWS\system32\Drivers\ino_fltr.sys []

R2 Machnm32;Machnm32 Driver; \??\C:\WINDOWS\System32\Machnm32.sys []

R3 3xHybrid;Pinnacle PCTV Stereo service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-02-09 985088]

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-03-25 2314560]

R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2003-11-28 11264]

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-11-25 872960]

R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]

R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624]

R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]

R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]

R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]

R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-02-24 33408]

R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-02-24 12928]

R3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2005-05-27 1317152]

R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2003-08-20 548952]

R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]

R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976]

S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488]

S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]

S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]

S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]

S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]

S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2006-05-29 13312]

S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2004-10-29 32000]

S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]

S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-10-30 47360]

S3 PMUSB2G;PassMark® Software USB 2.0 Loopback plug; C:\WINDOWS\System32\Drivers\PMUSB.sys [2004-11-25 18944]

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2003-07-02 86128]

S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]

S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 atapi;atapi; C:\WINDOWS\system32\drivers\atapi.sys [2008-04-13 96512]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-11-25 425984]

R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]

R2 CA_LIC_CLNT;CA License Client; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2003-10-13 143360]

R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-21 168432]

R2 InoRPC;Serveur RPC eTrust Antivirus; C:\Program Files\CA\eTrust Antivirus\InoRpc.exe [2004-06-26 139536]

R2 InoRT;Serveur eTrust Antivirus Temps réel; C:\Program Files\CA\eTrust Antivirus\InoRT.exe [2004-06-26 241936]

R2 InoTask;Serveur de jobs eTrust Antivirus; C:\Program Files\CA\eTrust Antivirus\InoTask.exe [2004-06-26 254224]

R2 LogWatch;Event Log Watch; C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248]

R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904]

R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848]

R2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2002-12-17 7520337]

R2 PinnacleSys.MediaServer;Pinnacle Systems Media Service; C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe [2004-10-29 45056]

R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

S2 InoNmSrv;Serveur Admin eTrust Antivirus; C:\Program Files\CA\eTrust Antivirus\InoNmSrv.exe [2004-06-26 344336]

S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848]

S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 CA_LIC_SRVR;CA License Server; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [2003-04-07 151552]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]

S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104]

S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-10-29 86016]

S3 ServiceLayer;ServiceLayer; C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]

S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2002-12-17 311872]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

 

-----------------EOF-----------------

 

 

Logfile of random's system information tool 1.04 (written by random/random)

Run by autin joelle at 2008-10-22 21:05:59

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 96 GB (50%) free of 191 GB

Total RAM: 1023 MB (53% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:06:04, on 22/10/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\CA\eTrust Antivirus\InoRpc.exe

C:\Program Files\CA\eTrust Antivirus\InoRT.exe

C:\Program Files\CA\eTrust Antivirus\InoTask.exe

C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\CA\ETRUST~1\realmon.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Documents and Settings\autin joelle\Bureau\RSIT.exe

C:\Program Files\Trend Micro\HijackThis\autin joelle.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Windowjugs] C:\DOCUME~1\AUTINJ~1\APPLIC~1\EQLIST~1\Move Mapi Save.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/NET/Import/ImageUploader4.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab

O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://securite.neuf.fr/Ols/fscax.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/up...er_v2.2.0.2.cab

O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe

O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Serveur Admin eTrust Antivirus (InoNmSrv) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoNmSrv.exe

O23 - Service: Serveur RPC eTrust Antivirus (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe

O23 - Service: Serveur eTrust Antivirus Temps réel (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe

O23 - Service: Serveur de jobs eTrust Antivirus (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O24 - Desktop Component 0: Elément créé par Ulead GIF Animator - C:\WINDOWS\system32\gaadi001.gif

 

--

End of file - 11285 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\ABDB46B39188FE3F.job

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\Maintenance en 1 clic.job

C:\WINDOWS\tasks\Norton Security Scan.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{8AB8951B-7936-40C6-9E66-EEDF2C07A808}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-05-21 2582136]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-21 652784]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]

EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-05-21 2582136]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Realtime Monitor"=C:\PROGRA~1\CA\ETRUST~1\realmon.exe [2004-06-26 504080]

"!AVG Anti-Spyware"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11 6731312]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"Windowjugs"=C:\DOCUME~1\AUTINJ~1\APPLIC~1\EQLIST~1\Move Mapi Save.exe [2008-10-21 532480]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]

C:\ATI-CPanel\atiptaxx.exe [2004-11-24 344064]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2008-03-30 267048]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2007-03-20 20480]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]

C:\Program Files\Logitech\Video\ManifestEngine.exe boot []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]

C:\Program Files\Logitech\Video\ISStart.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]

C:\Program Files\Logitech\Video\LogiTray.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

C:\WINDOWS\SOUNDMAN.EXE [2005-03-24 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-30 68856]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]

C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2007-03-20 450560]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2004-11-25 94208]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2008-02-29 79408]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe"="C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe:*:Enabled:Far Cry"

"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"

"C:\Program Files\Warcraft III\War3.exe"="C:\Program Files\Warcraft III\War3.exe:*:Enabled:Warcraft III"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"

"C:\Program Files\Pinnacle\MediaCenter\PMC.exe"="C:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Enabled:Pmc.exe"

"C:\Program Files\Pinnacle\MediaCenter\PmcSettings.exe"="C:\Program Files\Pinnacle\MediaCenter\PmcSettings.exe:LocalSubNet:Enabled:pmcsettings.exe"

"C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:LocalSubNet:Enabled:PMSManager.exe"

"C:\Program Files\Pinnacle\MediaCenter\EpgSpoolerSrv.exe"="C:\Program Files\Pinnacle\MediaCenter\EpgSpoolerSrv.exe:LocalSubNet:Enabled:EpgSpoolerSrv.exe"

"C:\Program Files\Pinnacle\MediaCenter\tvtvWizard.exe"="C:\Program Files\Pinnacle\MediaCenter\tvtvWizard.exe:LocalSubNet:Enabled:tvtvWizard.exe"

"C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe"

"C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\Program Files\PeerCast\PeerCast.exe"="C:\Program Files\PeerCast\PeerCast.exe:*:Disabled:PeerCast"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{68f8fc5a-b892-11dc-9089-001a92c9350b}]

shell\Setup\command - D:\setup.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5998317-daaa-11db-8d3a-0015f2f33c8b}]

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

 

 

======List of files/folders created in the last 1 months======

 

2008-10-22 21:05:59 ----D---- C:\rsit

2008-10-21 21:38:12 ----D---- C:\Documents and Settings\autin joelle\Application Data\eq list tons

2008-10-21 19:12:20 ----D---- C:\Documents and Settings\All Users\Application Data\Proxy Long Chin Ping

2008-10-21 19:12:01 ----D---- C:\Program Files\eq list tons

2008-10-21 19:11:47 ----D---- C:\Program Files\Circle Developement

2008-10-15 13:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2008-10-15 13:08:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$

2008-10-15 13:08:25 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$

2008-10-15 13:07:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$

2008-10-15 13:06:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

2008-09-28 18:06:03 ----D---- C:\Program Files\PeerCast

 

======List of files/folders modified in the last 1 months======

 

2008-10-22 21:05:59 ----D---- C:\WINDOWS\Prefetch

2008-10-22 19:23:52 ----D---- C:\WINDOWS\Temp

2008-10-22 19:23:46 ----D---- C:\WINDOWS

2008-10-22 19:23:41 ----D---- C:\WINDOWS\system32

2008-10-22 15:56:32 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-10-22 15:43:24 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-10-22 15:43:23 ----D---- C:\Program Files\Spybot - Search & Destroy

2008-10-22 14:43:28 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater

2008-10-22 14:39:27 ----D---- C:\Program Files\Mozilla Firefox

2008-10-22 14:28:01 ----SHD---- C:\RECYCLER

2008-10-22 13:07:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-10-22 12:57:11 ----D---- C:\WINDOWS\system32\CatRoot2

2008-10-21 19:12:36 ----SD---- C:\WINDOWS\Tasks

2008-10-21 19:12:01 ----AD---- C:\Program Files

2008-10-21 19:11:47 ----D---- C:\Program Files\MSN Messenger

2008-10-21 19:11:47 ----D---- C:\Program Files\Messenger Plus! Live

2008-10-20 09:11:59 ----RSD---- C:\WINDOWS\assembly

2008-10-20 09:11:37 ----SHD---- C:\WINDOWS\Installer

2008-10-20 09:11:37 ----D---- C:\Config.Msi

2008-10-20 09:11:34 ----D---- C:\WINDOWS\WinSxS

2008-10-20 09:11:34 ----D---- C:\Program Files\Paint.NET

2008-10-20 09:04:51 ----D---- C:\WINDOWS\Debug

2008-10-16 13:19:52 ----A---- C:\WINDOWS\NeroDigital.ini

2008-10-15 21:07:24 ----D---- C:\Program Files\FXhome EffectsLab Pro

2008-10-15 15:44:37 ----D---- C:\WINDOWS\network diagnostic

2008-10-15 15:32:17 ----RSHDC---- C:\WINDOWS\system32\dllcache

2008-10-15 15:24:56 ----D---- C:\WINDOWS\system32\Adobe

2008-10-15 15:24:56 ----D---- C:\Program Files\Fichiers communs\Adobe

2008-10-15 14:34:49 ----D---- C:\Program Files\epson

2008-10-15 14:34:48 ----HD---- C:\Program Files\InstallShield Installation Information

2008-10-15 14:02:17 ----HD---- C:\WINDOWS\inf

2008-10-15 13:59:58 ----D---- C:\Documents and Settings\autin joelle\Application Data\Help

2008-10-15 13:08:34 ----D---- C:\WINDOWS\system32\drivers

2008-10-15 13:08:32 ----HD---- C:\WINDOWS\$hf_mig$

2008-10-15 13:08:09 ----D---- C:\Program Files\Internet Explorer

2008-10-15 13:07:45 ----A---- C:\WINDOWS\win.ini

2008-10-07 21:19:40 ----A---- C:\WINDOWS\system32\MRT.exe

2008-10-03 19:12:27 ----A---- C:\WINDOWS\system32\ieframe.dll

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]

R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]

R2 INO_FLTR;INO_FLTR; \??\C:\WINDOWS\system32\Drivers\ino_fltr.sys []

R2 Machnm32;Machnm32 Driver; \??\C:\WINDOWS\System32\Machnm32.sys []

R3 3xHybrid;Pinnacle PCTV Stereo service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-02-09 985088]

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-03-25 2314560]

R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2003-11-28 11264]

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-11-25 872960]

R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]

R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624]

R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]

R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]

R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]

R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-02-24 33408]

R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-02-24 12928]

R3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2005-05-27 1317152]

R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2003-08-20 548952]

R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]

R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976]

S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488]

S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]

S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]

S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]

S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]

S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2006-05-29 13312]

S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2004-10-29 32000]

S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]

S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-10-30 47360]

S3 PMUSB2G;PassMark® Software USB 2.0 Loopback plug; C:\WINDOWS\System32\Drivers\PMUSB.sys [2004-11-25 18944]

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2003-07-02 86128]

S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]

S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 atapi;atapi; C:\WINDOWS\system32\drivers\atapi.sys [2008-04-13 96512]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-11-25 425984]

R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]

R2 CA_LIC_CLNT;CA License Client; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2003-10-13 143360]

R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-21 168432]

R2 InoRPC;Serveur RPC eTrust Antivirus; C:\Program Files\CA\eTrust Antivirus\InoRpc.exe [2004-06-26 139536]

R2 InoRT;Serveur eTrust Antivirus Temps réel; C:\Program Files\CA\eTrust Antivirus\InoRT.exe [2004-06-26 241936]

R2 InoTask;Serveur de jobs eTrust Antivirus; C:\Program Files\CA\eTrust Antivirus\InoTask.exe [2004-06-26 254224]

R2 LogWatch;Event Log Watch; C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248]

R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904]

R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848]

R2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2002-12-17 7520337]

R2 PinnacleSys.MediaServer;Pinnacle Systems Media Service; C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe [2004-10-29 45056]

R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

S2 InoNmSrv;Serveur Admin eTrust Antivirus; C:\Program Files\CA\eTrust Antivirus\InoNmSrv.exe [2004-06-26 344336]

S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848]

S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 CA_LIC_SRVR;CA License Server; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [2003-04-07 151552]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]

S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104]

S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-10-29 86016]

S3 ServiceLayer;ServiceLayer; C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]

S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2002-12-17 311872]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

 

-----------------EOF-----------------

Posted

Good evening,

This tool is designed to deal with "Lop, Cid, Trojan Swizzor" type infections; it may flag legitimate files/folders!

Disable resident protections (antivirus, etc.); you will re-enable them afterwards.

http://eric.71.mespages.googlepages.com/LopSD.exe Download Lop S&D by Eric71 to the desktop.

* Double-click it to start the installation

* Then double-click the Lop S&D shortcut on the desktop

* Select the desired language, then choose Option 1 (Search)

* Wait until the scan finishes

* Post the generated report (C:\lopR.txt)

(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm.)

Run Lop S&D again

* Choose Option 2 (Removal)

* Do not close the window during the removal!

* Post the generated report (C:\lopR.txt)

(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm.)

Posted

--------------------\\ Lop S&D 4.2.4-6 XP/Vista

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3400+ )

BIOS : Phoenix - AwardBIOS v6.00PG

USER : autin joelle ( Administrator )

BOOT : Normal boot

A:\ (USB)

C:\ (Local Disk) - NTFS - Total : 186 Go Free : 93 Go

E:\ (USB)

F:\ (USB)

G:\ (USB)

H:\ (USB)

I:\ (CD or DVD)

J:\ (USB)

 

"C:\Lop SD" ( MAJ : 20-10-2008|20:35 )

Option : [1] ( 22/10/2008|21:29 )

 

--------------------\\ Listing des dossiers dans APPLIC~1

 

[07/09/2008|00:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[17/03/2007|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead

[01/05/2008|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[24/03/2007|23:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[11/11/2007|23:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU

[14/04/2008|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Awem

[17/09/2007|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations

[06/03/2008|12:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink

[22/03/2007|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GalleryPlayer

[22/03/2007|23:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[22/10/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater

[24/01/2008|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft

[21/01/2008|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab

[02/05/2008|08:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd

[02/05/2008|08:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech

[12/07/2007|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[18/06/2008|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[11/01/2008|16:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero

[07/09/2008|00:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS

[17/09/2007|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite

[17/03/2007|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle

[21/10/2008|19:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping

[20/12/2007|21:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline

[16/12/2007|10:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft

[31/01/2008|15:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games

[22/10/2008|13:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[28/04/2007|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SugarGames

[18/06/2008|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[30/01/2008|21:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia

[05/04/2007|13:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software

[19/03/2007|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL

[21/06/2007|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems

[19/03/2007|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[28/06/2007|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[09/07/2007|13:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller

[25/04/2008|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[28/08/2007|15:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

 

[01/08/2008|15:40] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Adobe

[29/07/2008|15:04] C:\DOCUME~1\AUTINJ~1\APPLIC~1\AdobeUM

[30/12/2007|15:31] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Ahead

[04/04/2007|15:33] C:\DOCUME~1\AUTINJ~1\APPLIC~1\aignes

[02/05/2008|09:12] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Apple Computer

[27/05/2007|20:57] C:\DOCUME~1\AUTINJ~1\APPLIC~1\ArcSoft

[11/11/2007|23:29] C:\DOCUME~1\AUTINJ~1\APPLIC~1\AVS4YOU

[16/12/2007|15:11] C:\DOCUME~1\AUTINJ~1\APPLIC~1\AVSMedia

[05/01/2008|23:11] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Blacksmith3D

[01/08/2008|15:40] C:\DOCUME~1\AUTINJ~1\APPLIC~1\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[04/05/2008|23:24] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Datalayer

[29/04/2007|13:58] C:\DOCUME~1\AUTINJ~1\APPLIC~1\EFF

[20/03/2007|11:26] C:\DOCUME~1\AUTINJ~1\APPLIC~1\FotoWire

[20/08/2008|08:06] C:\DOCUME~1\AUTINJ~1\APPLIC~1\G‚n‚atique2009

[01/04/2007|09:42] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Google

[29/02/2008|15:44] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Grisoft

[29/10/2007|10:31] C:\DOCUME~1\AUTINJ~1\APPLIC~1\gtk-2.0

[15/10/2008|13:59] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Help

[14/04/2008|12:29] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Identities

[29/07/2008|17:17] C:\DOCUME~1\AUTINJ~1\APPLIC~1\InstallShield

[03/04/2007|13:45] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Lavasoft

[07/07/2007|20:17] C:\DOCUME~1\AUTINJ~1\APPLIC~1\LimeWire

[29/05/2007|11:09] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Macromedia

[06/05/2008|13:52] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Microsoft

[25/06/2008|22:49] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Morpheus Software

[27/08/2008|23:55] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Mozilla

[17/03/2007|18:31] C:\DOCUME~1\AUTINJ~1\APPLIC~1\MSNInstaller

[29/12/2007|21:16] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Nero

[15/06/2007|17:10] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Nikon

[04/05/2008|23:19] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Nokia Multimedia Player

[18/09/2007|10:20] C:\DOCUME~1\AUTINJ~1\APPLIC~1\PC Suite

[16/05/2007|20:08] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Pegasys Inc

[19/05/2008|09:21] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Real

[30/07/2008|11:44] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Reallusion

[29/10/2007|11:08] C:\DOCUME~1\AUTINJ~1\APPLIC~1\STOIK

[26/03/2007|22:04] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Sun

[03/05/2007|19:50] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Template

[05/04/2007|13:10] C:\DOCUME~1\AUTINJ~1\APPLIC~1\TuneUp Software

[14/12/2007|11:34] C:\DOCUME~1\AUTINJ~1\APPLIC~1\uk.co.planetside

[31/01/2008|11:34] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Uniblue

[30/10/2007|12:33] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Vso

[22/04/2008|09:34] C:\DOCUME~1\AUTINJ~1\APPLIC~1\Zylom

 

[25/07/2008|14:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia

[02/01/2008|11:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

 

[29/06/2007|20:48] C:\DOCUME~1\J.J\APPLIC~1\Microsoft

 

[17/03/2007|17:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

 

[17/03/2007|17:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 

 

[21/08/2008|17:50] C:\DOCUME~1\Yoan56\APPLIC~1\Adobe

[07/10/2008|16:44] C:\DOCUME~1\Yoan56\APPLIC~1\Apple Computer

[21/10/2008|19:12] C:\DOCUME~1\Yoan56\APPLIC~1\eq list tons

[21/08/2008|17:47] C:\DOCUME~1\Yoan56\APPLIC~1\Google

[21/08/2008|17:46] C:\DOCUME~1\Yoan56\APPLIC~1\Grisoft

[21/08/2008|17:46] C:\DOCUME~1\Yoan56\APPLIC~1\Identities

[25/07/2008|14:19] C:\DOCUME~1\Yoan56\APPLIC~1\Macromedia

[31/08/2008|16:33] C:\DOCUME~1\Yoan56\APPLIC~1\Microsoft

[01/09/2008|17:57] C:\DOCUME~1\Yoan56\APPLIC~1\PC Suite

[21/10/2008|21:31] C:\DOCUME~1\Yoan56\APPLIC~1\Sun

 

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

 

[22/10/2008 21:00][--ah-----] C:\WINDOWS\tasks\ABDB46B39188FE3F.job

[19/10/2008 18:00][--a------] C:\WINDOWS\tasks\Norton Security Scan.job

[16/09/2008 07:55][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[22/10/2008 11:25][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{8AB8951B-7936-40C6-9E66-EEDF2C07A808}.job

[03/10/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job

[22/10/2008 19:22][--ah-----] C:\WINDOWS\tasks\SA.DAT

[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

( ABDB46B39188FE3F.job )=( c:\docume~1\yoan56\applic~1\eqlist~1\Cashdupeopen.exe )

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[16/01/2008|19:59] C:\Program Files\Abrosoft

[03/04/2007|00:15] C:\Program Files\Acro Software

[01/08/2008|15:11] C:\Program Files\Adobe

[11/01/2008|16:31] C:\Program Files\Ahead

[01/05/2008|22:28] C:\Program Files\Apple Software Update

[27/05/2007|20:50] C:\Program Files\ArcSoft

[27/03/2007|00:30] C:\Program Files\Audacity

[16/05/2007|12:50] C:\Program Files\AviSynth 2.5

[12/11/2007|01:46] C:\Program Files\AVS4YOU

[11/12/2007|17:58] C:\Program Files\AVSMedia

[05/01/2008|23:11] C:\Program Files\Blacksmith3D-Suite 3.0

[22/07/2008|23:55] C:\Program Files\Bonjour

[17/03/2007|18:22] C:\Program Files\CA

[05/04/2007|13:00] C:\Program Files\CCleaner

[17/03/2007|17:36] C:\Program Files\ComPlus Applications

[28/01/2008|01:04] C:\Program Files\DAZ

[17/09/2007|20:52] C:\Program Files\DIFX

[20/09/2007|16:51] C:\Program Files\DivX

[31/12/2007|20:55] C:\Program Files\Dj_show

[09/12/2007|23:04] C:\Program Files\dogwaffle

[22/11/2007|21:21] C:\Program Files\DVD Shrink

[05/06/2007|14:27] C:\Program Files\Elaborate Bytes

[03/01/2008|23:24] C:\Program Files\Electronic Arts

[13/07/2007|22:26] C:\Program Files\Eltima Software

[15/10/2008|14:34] C:\Program Files\epson

[17/08/2008|14:38] C:\Program Files\ExtraFilm FotoFacil

[01/08/2008|15:11] C:\Program Files\Fichiers communs

[20/06/2008|20:28] C:\Program Files\Free Audio Pack

[27/05/2008|17:57] C:\Program Files\freeDoc

[15/10/2008|21:07] C:\Program Files\FXhome EffectsLab Pro

[18/06/2008|18:14] C:\Program Files\Gamenext

[18/06/2008|18:26] C:\Program Files\GamesBar

[20/08/2008|08:08] C:\Program Files\Geneatique2009

[09/12/2007|23:08] C:\Program Files\Gimp

[14/07/2007|08:57] C:\Program Files\GlobFX Technologies

[21/05/2008|22:55] C:\Program Files\Google

[24/01/2008|10:17] C:\Program Files\Grisoft

[01/07/2008|00:00] C:\Program Files\Incomplete

[15/10/2008|14:34] C:\Program Files\InstallShield Installation Information

[15/10/2008|13:08] C:\Program Files\Internet Explorer

[24/03/2007|23:15] C:\Program Files\iPod

[01/05/2008|22:14] C:\Program Files\iTunes

[16/01/2008|12:25] C:\Program Files\Java

[31/12/2007|21:26] C:\Program Files\KaraFun

[22/11/2007|22:25] C:\Program Files\Kate's Video Converter

[19/04/2008|09:18] C:\Program Files\lame3.97

[03/04/2007|14:04] C:\Program Files\Lavasoft

[02/05/2008|08:24] C:\Program Files\Logitech

[29/06/2007|20:32] C:\Program Files\Macrogaming

[07/09/2008|12:33] C:\Program Files\Messenger

[21/10/2008|19:11] C:\Program Files\Messenger Plus! Live

[29/06/2007|20:55] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[17/03/2007|17:40] C:\Program Files\microsoft frontpage

[13/05/2007|13:12] C:\Program Files\Microsoft Office

[17/03/2007|18:59] C:\Program Files\Microsoft SQL Server

[01/01/2008|16:06] C:\Program Files\Microsoft SQL Server Compact Edition

[13/05/2007|13:11] C:\Program Files\Microsoft.NET

[25/06/2008|22:49] C:\Program Files\Morpheus Photo Morpher

[06/09/2008|23:06] C:\Program Files\Movie Maker

[22/10/2008|21:20] C:\Program Files\Mozilla Firefox

[17/03/2007|18:31] C:\Program Files\MSN

[17/03/2007|17:35] C:\Program Files\MSN Gaming Zone

[21/10/2008|19:11] C:\Program Files\MSN Messenger

[15/01/2008|19:41] C:\Program Files\Navilog1

[11/01/2008|16:20] C:\Program Files\Nero

[06/09/2008|23:01] C:\Program Files\NetMeeting

[16/05/2007|12:01] C:\Program Files\Neuf

[27/05/2007|20:52] C:\Program Files\Nikon

[17/09/2007|20:52] C:\Program Files\Nokia

[20/08/2008|18:00] C:\Program Files\Norton Security Scan

[07/09/2008|00:02] C:\Program Files\NOS

[29/06/2007|20:50] C:\Program Files\Online Services

[11/01/2008|14:11] C:\Program Files\Orange

[06/09/2008|23:01] C:\Program Files\Outlook Express

[20/10/2008|09:11] C:\Program Files\Paint.NET

[22/10/2008|13:05] C:\Program Files\PeerCast

[04/11/2007|23:02] C:\Program Files\PhotoBox

[30/05/2008|09:57] C:\Program Files\PhotoFiltre

[27/05/2008|17:01] C:\Program Files\Picasa2

[17/03/2007|18:59] C:\Program Files\Pinnacle

[17/08/2008|09:19] C:\Program Files\Pixum

[29/08/2007|16:36] C:\Program Files\printFIT

[23/12/2007|11:31] C:\Program Files\project dogwaffle

[20/08/2008|08:46] C:\Program Files\Protectis

[01/05/2008|22:13] C:\Program Files\QuickTime

[30/10/2007|17:07] C:\Program Files\RADVideo

[27/07/2007|10:13] C:\Program Files\Real

[29/07/2008|17:18] C:\Program Files\Reallusion

[01/10/2007|19:06] C:\Program Files\ReflexiveArcade

[30/03/2007|12:26] C:\Program Files\RegCleaner

[15/05/2008|18:19] C:\Program Files\Screamer Radio

[17/03/2007|17:37] C:\Program Files\Services en ligne

[20/12/2007|21:31] C:\Program Files\Skyline

[22/10/2008|15:43] C:\Program Files\Spybot - Search & Destroy

[29/07/2008|16:32] C:\Program Files\Sqirlz Morph

[17/05/2007|13:28] C:\Program Files\ToniArts

[20/08/2008|08:04] C:\Program Files\Tracker Software

[14/01/2008|10:43] C:\Program Files\Trend Micro

[22/09/2007|13:15] C:\Program Files\Ubisoft

[22/06/2007|07:38] C:\Program Files\Ulead Systems

[21/06/2007|16:45] C:\Program Files\UnFREEz

[31/01/2008|11:34] C:\Program Files\Uniblue

[17/03/2007|18:59] C:\Program Files\Uninstall Information

[10/10/2007|17:06] C:\Program Files\VCW VicMan's Photo Editor

[27/07/2008|20:51] C:\Program Files\VideoMach-4.0.4

[27/03/2007|17:59] C:\Program Files\VirtualDub

[30/10/2007|13:20] C:\Program Files\VirtualDubMOD

[07/11/2007|20:57] C:\Program Files\Warcraft III

[01/01/2008|16:08] C:\Program Files\Windows Live

[29/06/2007|21:02] C:\Program Files\Windows Live Toolbar

[29/06/2007|17:29] C:\Program Files\Windows Media Connect 2

[06/09/2008|23:01] C:\Program Files\Windows Media Player

[06/09/2008|23:01] C:\Program Files\Windows NT

[17/03/2007|17:37] C:\Program Files\WindowsUpdate

[24/05/2007|17:49] C:\Program Files\WinPcap

[17/03/2007|17:40] C:\Program Files\xerox

[05/04/2007|13:34] C:\Program Files\Yahoo!

[14/04/2008|13:31] C:\Program Files\Zylom Games

 

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

 

[15/10/2008|15:24] C:\Program Files\Fichiers communs\Adobe

[01/08/2008|15:11] C:\Program Files\Fichiers communs\Adobe AIR

[11/01/2008|16:29] C:\Program Files\Fichiers communs\Ahead

[01/05/2008|22:11] C:\Program Files\Fichiers communs\Apple

[11/12/2007|17:59] C:\Program Files\Fichiers communs\AVSMedia

[10/01/2008|17:43] C:\Program Files\Fichiers communs\DAZ

[13/05/2007|13:12] C:\Program Files\Fichiers communs\DESIGNER

[20/03/2007|11:26] C:\Program Files\Fichiers communs\FotoWire

[21/06/2007|16:46] C:\Program Files\Fichiers communs\InstallShield

[16/01/2008|12:25] C:\Program Files\Fichiers communs\Java

[02/05/2008|08:24] C:\Program Files\Fichiers communs\LogiShrd

[20/03/2007|11:24] C:\Program Files\Fichiers communs\Logitech

[22/07/2008|12:17] C:\Program Files\Fichiers communs\Microsoft Shared

[17/03/2007|17:36] C:\Program Files\Fichiers communs\MSSoap

[11/01/2008|16:31] C:\Program Files\Fichiers communs\Nero

[15/06/2007|17:10] C:\Program Files\Fichiers communs\Nikon

[17/09/2007|20:52] C:\Program Files\Fichiers communs\Nokia

[18/06/2008|17:51] C:\Program Files\Fichiers communs\Oberon Media

[17/03/2007|18:30] C:\Program Files\Fichiers communs\ODBC

[17/09/2007|20:52] C:\Program Files\Fichiers communs\PCSuite

[19/05/2008|09:21] C:\Program Files\Fichiers communs\Real

[29/07/2008|17:18] C:\Program Files\Fichiers communs\Reallusion

[17/03/2007|17:36] C:\Program Files\Fichiers communs\Services

[17/03/2007|18:30] C:\Program Files\Fichiers communs\SpeechEngines

[25/07/2008|14:16] C:\Program Files\Fichiers communs\Symantec Shared

[06/09/2008|23:01] C:\Program Files\Fichiers communs\System

[01/01/2008|15:56] C:\Program Files\Fichiers communs\WindowsLiveInstaller

 

--------------------\\ Process

 

( 41 Processes )

 

IEXPLORE.EXE ~ [PID:2360]

 

--------------------\\ Recherche avec S_Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping\Five burn.exe

C:\DOCUME~1\Yoan56\APPLIC~1\eqlist~1

C:\DOCUME~1\Yoan56\APPLIC~1\eqlist~1\beep great book platform.exe

C:\DOCUME~1\Yoan56\APPLIC~1\eqlist~1\Cash dupe open.exe

C:\DOCUME~1\Yoan56\APPLIC~1\eqlist~1\dunyczoo.exe

C:\DOCUME~1\Yoan56\APPLIC~1\eqlist~1\Move Mapi Save.exe

C:\WINDOWS\Tasks\ABDB46B39188FE3F.job

 

--------------------\\ Verification du Registre

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

..... OK !

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 

 

--------------------\\ Recherche de fichiers avec Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-10-22 21:29:45

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 20

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\DOCUME~1\AUTINJ~1\Local Settings\Application Data\IM\Notifier\cracking_up.imn

C:\DOCUME~1\AUTINJ~1\Local Settings\Application Data\IM\Runtime\NotifierThumbnail\E02C28C0-38CB-4505-B0F1-B6A2D6625408\cracking_up_thumb.bmp

 

 

[F:26][D:7]-> C:\DOCUME~1\ J~1\LOCALS~1\Temp

[F:91][D:0]-> C:\DOCUME~1\ J~1\Cookies

[F:158][D:4]-> C:\DOCUME~1\ J~1\LOCALS~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - 22/10/2008|21:30 - Option : [1]

 

--------------------\\ Fin du rapport a 21:30:56

 

 

I also wanted to ask you how to keep my name from appearing in the reports?

thanks for your help :P

Posted
how to keep my name from appearing in the reports?

If you really insist, you can edit the reports, I think.

But I must say that such modesty is superfluous!

To get back to your original problem, I don't think you ran option 2 (Nettoyage / Cleaning)

Posted
I think I selected option 1... but anyway.

But you need both options: 1 for the search, and then 2, after relaunching the tool, for the cleaning!

  • 2 weeks later...
Posted

hello

I ran a new scan because I still get ads from time to time

should I run Lop S&D again with option 2?

thanks in advance

 

 

--------------------\\ Lop S&D 4.2.4-6 XP/Vista

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3400+ )

BIOS : Phoenix - AwardBIOS v6.00PG

USER : joelle ( Administrator )

BOOT : Normal boot

A:\ (USB)

C:\ (Local Disk) - NTFS - Total : 186 Go Free : 92 Go

E:\ (USB)

F:\ (USB)

G:\ (USB)

H:\ (USB)

I:\ (CD or DVD)

J:\ (USB)

 

"C:\Lop SD" ( MAJ : 20-10-2008|20:35 )

Option : [1] ( 01/11/2008| 8:50 )

 

--------------------\\ Listing des dossiers dans APPLIC~1

 

[06/09/2008|23:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[17/03/2007|17:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead

[01/05/2008|21:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[24/03/2007|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[11/11/2007|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU

[14/04/2008|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Awem

[17/09/2007|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations

[06/03/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink

[22/03/2007|22:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GalleryPlayer

[22/03/2007|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[31/10/2008|15:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater

[24/01/2008|09:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft

[21/01/2008|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab

[02/05/2008|07:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd

[02/05/2008|07:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech

[18/06/2008|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[11/01/2008|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero

[06/09/2008|23:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS

[17/09/2007|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite

[17/03/2007|17:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle

[30/10/2008|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping

[20/12/2007|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline

[31/10/2008|08:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype

[16/12/2007|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft

[31/01/2008|14:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games

[22/10/2008|12:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[28/04/2007|11:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SugarGames

[18/06/2008|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[30/01/2008|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia

[05/04/2007|12:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software

[19/03/2007|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL

[21/06/2007|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems

[19/03/2007|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[28/06/2007|15:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[24/10/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller

[25/04/2008|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[28/08/2007|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

 

[01/08/2008|14:40] C:\DOCUME~1\A NJ~1\APPLIC~1\Adobe

[29/07/2008|14:04] C:\DOCUME~1\A J~1\APPLIC~1\AdobeUM

[30/12/2007|14:31] C:\DOCUME~1\A J~1\APPLIC~1\Ahead

[04/04/2007|14:33] C:\DOCUME~1\A J~1\APPLIC~1\aignes

[02/05/2008|08:12] C:\DOCUME~1\A J~1\APPLIC~1\Apple Computer

[27/05/2007|19:57] C:\DOCUME~1\A J~1\APPLIC~1\ArcSoft

[11/11/2007|22:29] C:\DOCUME~1\A J~1\APPLIC~1\AVS4YOU

[16/12/2007|14:11] C:\DOCUME~1\A J~1\APPLIC~1\AVSMedia

[05/01/2008|22:11] C:\DOCUME~1\A J~1\APPLIC~1\Blacksmith3D

[01/08/2008|14:40] C:\DOCUME~1\A J~1\APPLIC~1\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[04/05/2008|22:24] C:\DOCUME~1\A J~1\APPLIC~1\Datalayer

[29/04/2007|12:58] C:\DOCUME~1\A J~1\APPLIC~1\EFF

[30/10/2008|21:16] C:\DOCUME~1\A J~1\APPLIC~1\eq list tons

[20/03/2007|10:26] C:\DOCUME~1\A J~1\APPLIC~1\FotoWire

[20/08/2008|07:06] C:\DOCUME~1\A NJ~1\APPLIC~1\G‚n‚atique2009

[01/04/2007|08:42] C:\DOCUME~1\A J~1\APPLIC~1\Google

[29/02/2008|14:44] C:\DOCUME~1\A NJ~1\APPLIC~1\Grisoft

[29/10/2007|09:31] C:\DOCUME~1\A NJ~1\APPLIC~1\gtk-2.0

[15/10/2008|12:59] C:\DOCUME~1\A NJ~1\APPLIC~1\Help

[14/04/2008|11:29] C:\DOCUME~1\A J~1\APPLIC~1\Identities

[29/07/2008|16:17] C:\DOCUME~1\A J~1\APPLIC~1\InstallShield

[03/04/2007|12:45] C:\DOCUME~1\A J~1\APPLIC~1\Lavasoft

[07/07/2007|19:17] C:\DOCUME~1\A J~1\APPLIC~1\LimeWire

[29/05/2007|10:09] C:\DOCUME~1\A J~1\APPLIC~1\Macromedia

[06/05/2008|12:52] C:\DOCUME~1\A J~1\APPLIC~1\Microsoft

[25/06/2008|21:49] C:\DOCUME~1\A J~1\APPLIC~1\Morpheus Software

[27/08/2008|22:55] C:\DOCUME~1\A J~1\APPLIC~1\Mozilla

[17/03/2007|17:31] C:\DOCUME~1\A J~1\APPLIC~1\MSNInstaller

[29/12/2007|20:16] C:\DOCUME~1\A J~1\APPLIC~1\Nero

[15/06/2007|16:10] C:\DOCUME~1\A J~1\APPLIC~1\Nikon

[04/05/2008|22:19] C:\DOCUME~1\A J~1\APPLIC~1\Nokia Multimedia Player

[18/09/2007|09:20] C:\DOCUME~1\A J~1\APPLIC~1\PC Suite

[16/05/2007|19:08] C:\DOCUME~1\A J~1\APPLIC~1\Pegasys Inc

[19/05/2008|08:21] C:\DOCUME~1\A NJ~1\APPLIC~1\Real

[30/07/2008|10:44] C:\DOCUME~1\A J~1\APPLIC~1\Reallusion

[31/10/2008|10:40] C:\DOCUME~1\A J~1\APPLIC~1\Skype

[31/10/2008|08:42] C:\DOCUME~1\A J~1\APPLIC~1\skypePM

[29/10/2007|10:08] C:\DOCUME~1\A J~1\APPLIC~1\STOIK

[26/03/2007|21:04] C:\DOCUME~1\A J~1\APPLIC~1\Sun

[03/05/2007|18:50] C:\DOCUME~1\A J~1\APPLIC~1\Template

[05/04/2007|12:10] C:\DOCUME~1\A NJ~1\APPLIC~1\TuneUp Software

[14/12/2007|10:34] C:\DOCUME~1\A J~1\APPLIC~1\uk.co.planetside

[31/01/2008|10:34] C:\DOCUME~1\A NJ~1\APPLIC~1\Uniblue

[30/10/2007|11:33] C:\DOCUME~1\A J~1\APPLIC~1\Vso

[22/04/2008|08:34] C:\DOCUME~1\A J~1\APPLIC~1\Zylom

 

[25/07/2008|13:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia

[02/01/2008|10:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

 

[29/06/2007|19:48] C:\DOCUME~1\J.J\APPLIC~1\Microsoft

 

[17/03/2007|16:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

 

[17/03/2007|16:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 

 

[21/08/2008|16:50] C:\DOCUME~1\Yoan56\APPLIC~1\Adobe

[07/10/2008|15:44] C:\DOCUME~1\Yoan56\APPLIC~1\Apple Computer

[30/10/2008|19:39] C:\DOCUME~1\Yoan56\APPLIC~1\eq list tons

[21/08/2008|16:47] C:\DOCUME~1\Yoan56\APPLIC~1\Google

[21/08/2008|16:46] C:\DOCUME~1\Yoan56\APPLIC~1\Grisoft

[21/08/2008|16:46] C:\DOCUME~1\Yoan56\APPLIC~1\Identities

[25/07/2008|13:19] C:\DOCUME~1\Yoan56\APPLIC~1\Macromedia

[31/08/2008|15:33] C:\DOCUME~1\Yoan56\APPLIC~1\Microsoft

[01/09/2008|16:57] C:\DOCUME~1\Yoan56\APPLIC~1\PC Suite

[21/10/2008|20:31] C:\DOCUME~1\Yoan56\APPLIC~1\Sun

 

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

 

[31/10/2008 23:00][--ah-----] C:\WINDOWS\tasks\AFF6C93E91897BA6.job

[19/10/2008 17:00][--a------] C:\WINDOWS\tasks\Norton Security Scan.job

[16/09/2008 06:55][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[31/10/2008 16:01][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{8AB8951B-7936-40C6-9E66-EEDF2C07A808}.job

[03/10/2008 16:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job

[01/11/2008 08:35][--ah-----] C:\WINDOWS\tasks\SA.DAT

[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

( AFF6C93E91897BA6.job )=( c:\docume~1\yoan56\applic~1\eqlist~1\Cashdupeopen.exe )

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[16/01/2008|18:59] C:\Program Files\Abrosoft

[02/04/2007|23:15] C:\Program Files\Acro Software

[01/08/2008|14:11] C:\Program Files\Adobe

[11/01/2008|15:31] C:\Program Files\Ahead

[01/05/2008|21:28] C:\Program Files\Apple Software Update

[27/05/2007|19:50] C:\Program Files\ArcSoft

[26/03/2007|23:30] C:\Program Files\Audacity

[16/05/2007|11:50] C:\Program Files\AviSynth 2.5

[12/11/2007|00:46] C:\Program Files\AVS4YOU

[11/12/2007|16:58] C:\Program Files\AVSMedia

[05/01/2008|22:11] C:\Program Files\Blacksmith3D-Suite 3.0

[22/07/2008|22:55] C:\Program Files\Bonjour

[17/03/2007|17:22] C:\Program Files\CA

[05/04/2007|12:00] C:\Program Files\CCleaner

[17/03/2007|16:36] C:\Program Files\ComPlus Applications

[28/01/2008|00:04] C:\Program Files\DAZ

[17/09/2007|19:52] C:\Program Files\DIFX

[20/09/2007|15:51] C:\Program Files\DivX

[31/12/2007|19:55] C:\Program Files\Dj_show

[09/12/2007|22:04] C:\Program Files\dogwaffle

[22/11/2007|20:21] C:\Program Files\DVD Shrink

[05/06/2007|13:27] C:\Program Files\Elaborate Bytes

[03/01/2008|22:24] C:\Program Files\Electronic Arts

[13/07/2007|21:26] C:\Program Files\Eltima Software

[15/10/2008|13:34] C:\Program Files\epson

[30/10/2008|19:36] C:\Program Files\eq list tons

[17/08/2008|13:38] C:\Program Files\ExtraFilm FotoFacil

[31/10/2008|08:40] C:\Program Files\Fichiers communs

[20/06/2008|19:28] C:\Program Files\Free Audio Pack

[27/05/2008|16:57] C:\Program Files\freeDoc

[15/10/2008|20:07] C:\Program Files\FXhome EffectsLab Pro

[18/06/2008|17:14] C:\Program Files\Gamenext

[18/06/2008|17:26] C:\Program Files\GamesBar

[20/08/2008|07:08] C:\Program Files\Geneatique2009

[09/12/2007|22:08] C:\Program Files\Gimp

[14/07/2007|07:57] C:\Program Files\GlobFX Technologies

[21/05/2008|21:55] C:\Program Files\Google

[24/01/2008|09:17] C:\Program Files\Grisoft

[30/06/2008|23:00] C:\Program Files\Incomplete

[15/10/2008|13:34] C:\Program Files\InstallShield Installation Information

[15/10/2008|12:08] C:\Program Files\Internet Explorer

[24/03/2007|22:15] C:\Program Files\iPod

[01/05/2008|21:14] C:\Program Files\iTunes

[16/01/2008|11:25] C:\Program Files\Java

[31/12/2007|20:26] C:\Program Files\KaraFun

[22/11/2007|21:25] C:\Program Files\Kate's Video Converter

[19/04/2008|08:18] C:\Program Files\lame3.97

[03/04/2007|13:04] C:\Program Files\Lavasoft

[02/05/2008|07:24] C:\Program Files\Logitech

[29/06/2007|19:32] C:\Program Files\Macrogaming

[07/09/2008|11:33] C:\Program Files\Messenger

[24/10/2008|19:58] C:\Program Files\Messenger Plus! Live

[29/06/2007|19:55] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[17/03/2007|16:40] C:\Program Files\microsoft frontpage

[13/05/2007|12:12] C:\Program Files\Microsoft Office

[17/03/2007|17:59] C:\Program Files\Microsoft SQL Server

[01/01/2008|15:06] C:\Program Files\Microsoft SQL Server Compact Edition

[13/05/2007|12:11] C:\Program Files\Microsoft.NET

[25/06/2008|21:49] C:\Program Files\Morpheus Photo Morpher

[06/09/2008|22:06] C:\Program Files\Movie Maker

[01/11/2008|08:37] C:\Program Files\Mozilla Firefox

[17/03/2007|17:31] C:\Program Files\MSN

[17/03/2007|16:35] C:\Program Files\MSN Gaming Zone

[24/10/2008|19:43] C:\Program Files\MSN Messenger

[15/01/2008|18:41] C:\Program Files\Navilog1

[11/01/2008|15:20] C:\Program Files\Nero

[06/09/2008|22:01] C:\Program Files\NetMeeting

[16/05/2007|11:01] C:\Program Files\Neuf

[27/05/2007|19:52] C:\Program Files\Nikon

[17/09/2007|19:52] C:\Program Files\Nokia

[20/08/2008|17:00] C:\Program Files\Norton Security Scan

[06/09/2008|23:02] C:\Program Files\NOS

[29/06/2007|19:50] C:\Program Files\Online Services

[11/01/2008|13:11] C:\Program Files\Orange

[06/09/2008|22:01] C:\Program Files\Outlook Express

[20/10/2008|08:11] C:\Program Files\Paint.NET

[22/10/2008|12:05] C:\Program Files\PeerCast

[04/11/2007|22:02] C:\Program Files\PhotoBox

[30/05/2008|08:57] C:\Program Files\PhotoFiltre

[27/05/2008|16:01] C:\Program Files\Picasa2

[17/03/2007|17:59] C:\Program Files\Pinnacle

[17/08/2008|08:19] C:\Program Files\Pixum

[29/08/2007|15:36] C:\Program Files\printFIT

[23/12/2007|10:31] C:\Program Files\project dogwaffle

[20/08/2008|07:46] C:\Program Files\Protectis

[01/05/2008|21:13] C:\Program Files\QuickTime

[30/10/2007|16:07] C:\Program Files\RADVideo

[27/07/2007|09:13] C:\Program Files\Real

[29/07/2008|16:18] C:\Program Files\Reallusion

[01/10/2007|18:06] C:\Program Files\ReflexiveArcade

[30/03/2007|11:26] C:\Program Files\RegCleaner

[15/05/2008|17:19] C:\Program Files\Screamer Radio

[17/03/2007|16:37] C:\Program Files\Services en ligne

[20/12/2007|20:31] C:\Program Files\Skyline

[31/10/2008|08:40] C:\Program Files\Skype

[22/10/2008|14:43] C:\Program Files\Spybot - Search & Destroy

[29/07/2008|15:32] C:\Program Files\Sqirlz Morph

[17/05/2007|12:28] C:\Program Files\ToniArts

[20/08/2008|07:04] C:\Program Files\Tracker Software

[14/01/2008|09:43] C:\Program Files\Trend Micro

[22/09/2007|12:15] C:\Program Files\Ubisoft

[22/06/2007|06:38] C:\Program Files\Ulead Systems

[21/06/2007|15:45] C:\Program Files\UnFREEz

[31/01/2008|10:34] C:\Program Files\Uniblue

[17/03/2007|17:59] C:\Program Files\Uninstall Information

[10/10/2007|16:06] C:\Program Files\VCW VicMan's Photo Editor

[27/07/2008|19:51] C:\Program Files\VideoMach-4.0.4

[27/03/2007|16:59] C:\Program Files\VirtualDub

[30/10/2007|12:20] C:\Program Files\VirtualDubMOD

[07/11/2007|19:57] C:\Program Files\Warcraft III

[24/10/2008|19:47] C:\Program Files\Windows Live

[29/06/2007|20:02] C:\Program Files\Windows Live Toolbar

[29/06/2007|16:29] C:\Program Files\Windows Media Connect 2

[06/09/2008|22:01] C:\Program Files\Windows Media Player

[06/09/2008|22:01] C:\Program Files\Windows NT

[17/03/2007|16:37] C:\Program Files\WindowsUpdate

[24/05/2007|16:49] C:\Program Files\WinPcap

[17/03/2007|16:40] C:\Program Files\xerox

[05/04/2007|12:34] C:\Program Files\Yahoo!

[14/04/2008|12:31] C:\Program Files\Zylom Games

 

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

 

[15/10/2008|14:24] C:\Program Files\Fichiers communs\Adobe

[01/08/2008|14:11] C:\Program Files\Fichiers communs\Adobe AIR

[11/01/2008|15:29] C:\Program Files\Fichiers communs\Ahead

[01/05/2008|21:11] C:\Program Files\Fichiers communs\Apple

[11/12/2007|16:59] C:\Program Files\Fichiers communs\AVSMedia

[10/01/2008|16:43] C:\Program Files\Fichiers communs\DAZ

[13/05/2007|12:12] C:\Program Files\Fichiers communs\DESIGNER

[20/03/2007|10:26] C:\Program Files\Fichiers communs\FotoWire

[21/06/2007|15:46] C:\Program Files\Fichiers communs\InstallShield

[16/01/2008|11:25] C:\Program Files\Fichiers communs\Java

[02/05/2008|07:24] C:\Program Files\Fichiers communs\LogiShrd

[20/03/2007|10:24] C:\Program Files\Fichiers communs\Logitech

[22/07/2008|11:17] C:\Program Files\Fichiers communs\Microsoft Shared

[17/03/2007|16:36] C:\Program Files\Fichiers communs\MSSoap

[11/01/2008|15:31] C:\Program Files\Fichiers communs\Nero

[15/06/2007|16:10] C:\Program Files\Fichiers communs\Nikon

[17/09/2007|19:52] C:\Program Files\Fichiers communs\Nokia

[18/06/2008|16:51] C:\Program Files\Fichiers communs\Oberon Media

[17/03/2007|17:30] C:\Program Files\Fichiers communs\ODBC

[17/09/2007|19:52] C:\Program Files\Fichiers communs\PCSuite

[19/05/2008|08:21] C:\Program Files\Fichiers communs\Real

[29/07/2008|16:18] C:\Program Files\Fichiers communs\Reallusion

[17/03/2007|16:36] C:\Program Files\Fichiers communs\Services

[31/10/2008|08:40] C:\Program Files\Fichiers communs\Skype

[17/03/2007|17:30] C:\Program Files\Fichiers communs\SpeechEngines

[25/07/2008|13:16] C:\Program Files\Fichiers communs\Symantec Shared

[06/09/2008|22:01] C:\Program Files\Fichiers communs\System

[01/01/2008|14:56] C:\Program Files\Fichiers communs\WindowsLiveInstaller

 

--------------------\\ Process

 

( 38 Processes )

 

... OK !

 

--------------------\\ Recherche avec S_Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping\Type Less.exe

C:\DOCUME~1\A J~1\APPLIC~1\eqlist~1

C:\DOCUME~1\Yoan56\APPLIC~1\eqlist~1

C:\DOCUME~1\Yoan56\APPLIC~1\eqlist~1\beep great book platform.exe

C:\DOCUME~1\Yoan56\APPLIC~1\eqlist~1\Cash dupe open.exe

C:\DOCUME~1\Yoan56\APPLIC~1\eqlist~1\dunyczoo.exe

C:\DOCUME~1\Yoan56\APPLIC~1\eqlist~1\Move Mapi Save.exe

C:\DOCUME~1\Yoan56\APPLIC~1\eqlist~1\mxxtmjyc.exe

C:\Program Files\eqlist~1

C:\DOCUME~1\A J~1\Cookies\a _joelle@bigpoint[1].txt

C:\DOCUME~1\A J~1\Cookies\a _joelle@fr.xblaster.bigpoint[1].txt

C:\DOCUME~1\A J~1\Cookies\a n_joelle@adopt.euroclick[2].txt

C:\DOCUME~1\A J~1\Cookies\a _joelle@partypoker[2].txt

C:\WINDOWS\Tasks\AFF6C93E91897BA6.job

 

--------------------\\ Verification du Registre

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

..... OK !

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 

 

--------------------\\ Recherche de fichiers avec Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-11-01 08:51:10

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 20

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\DOCUME~1\A J~1\Local Settings\Application Data\IM\Notifier\cracking_up.imn

C:\DOCUME~1\A J~1\Local Settings\Application Data\IM\Runtime\NotifierThumbnail\E02C28C0-38CB-4505-B0F1-B6A2D6625408\cracking_up_thumb.bmp

 

 

[F:89][D:13]-> C:\DOCUME~1\A J~1\LOCALS~1\Temp

[F:53][D:0]-> C:\DOCUME~1\A J~1\Cookies

[F:29][D:5]-> C:\DOCUME~1\A J~1\LOCALS~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - 22/10/2008|21:30 - Option : [1]

2 - "C:\Lop SD\LopR_2.txt" - 01/11/2008| 8:44 - Option : [1]

3 - "C:\Lop SD\LopR_3.txt" - 01/11/2008| 8:52 - Option : [1]

 

--------------------\\ Fin du rapport a 8:52:06
