HIJACKTIS : Nettoyage aussi pour moi

mamquentin · le 18 février 2010

Bonjour,

Mon ordinateur est super lent et se bloque souvent alors qu'on ne fait pas grand chose. Des fenêtres se lancent toutes seules (CID: ...)

J'ai lancé le programme HIJACKTIS, voici son rapport ci-dessous. Pouvez vous me dire la procédure rapide et simple à faire pour que mon PC ne soit plus infecté ?

Je vous remercie par avance pour votre aide.

Cordialement.

RAPPORT :

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:56:06, on 18/02/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

C:\Program Files\Bonjour\mDNSResponder.exe

c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe

c:\APPS\Powercinema\Kernel\TV\CLSched.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe

c:\APPS\HIDSERVICE\HIDSERVICE.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\V0610Mon.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\Wanadoo\TaskBarIcon.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe

C:\PROGRA~1\Wanadoo\ComComp.exe

C:\Program Files\Antipub\antipub.exe

C:\PROGRA~1\Wanadoo\Toaster.exe

C:\PROGRA~1\Wanadoo\Inactivity.exe

C:\PROGRA~1\Wanadoo\PollingModule.exe

C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\PROGRA~1\Wanadoo\Watch.exe

C:\WINDOWS\explorer.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

R3 - URLSearchHook: My-Tool Toolbar - {0e6d7a5d-b560-4d1c-9713-18dd1ade6011} - C:\Program Files\My-Tool\tbMy-T.dll

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\mss\LOCALS~1\Temp\services.exe

O2 - BHO: My-Tool Toolbar - {0e6d7a5d-b560-4d1c-9713-18dd1ade6011} - C:\Program Files\My-Tool\tbMy-T.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL

O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: My-Tool Toolbar - {0e6d7a5d-b560-4d1c-9713-18dd1ade6011} - C:\Program Files\My-Tool\tbMy-T.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet

O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [iSUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -scheduler

O4 - HKLM\..\Run: [Flash Media] C:\DOCUME~1\mss\LOCALS~1\Temp\services.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [MigrationAnalyzer] "C:\Program Files\FT_Migration\MigrationAnalyzer\MigrationAnalyzer.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [V0610Mon.exe] C:\WINDOWS\V0610Mon.exe

O4 - HKLM\..\Run: [Live! Central 2] "C:\Program Files\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe" /mode2

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx

O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKCU\..\Run: [F5JMWNZTHI] C:\DOCUME~1\mss\LOCALS~1\Temp\Jch.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-21-1816353710-3669559888-3047474470-1006\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')

O4 - HKUS\S-1-5-21-1816353710-3669559888-3047474470-1006\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx (User '?')

O4 - HKUS\S-1-5-21-1816353710-3669559888-3047474470-1006\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe (User '?')

O4 - HKUS\S-1-5-21-1816353710-3669559888-3047474470-1006\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray (User '?')

O4 - HKUS\S-1-5-21-1816353710-3669559888-3047474470-1006\..\Run: [F5JMWNZTHI] C:\DOCUME~1\mss\LOCALS~1\Temp\Jch.exe (User '?')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-21-1816353710-3669559888-3047474470-1006 Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe (User '?')

O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm

O15 - Trusted Zone: www.ebay.fr

O15 - Trusted Zone: www.wanadoo.fr

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/pm/activex/eBay_E...l_v1-0-3-30.cab

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareup...15111/CTPID.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe

O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe

O23 - Service: Service Google Update (gupdate1c996a123102e) (gupdate1c996a123102e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O24 - Desktop Component 1: PC-Aquarium Deluxe - 7db39a0d-580f-4be9-9195-8bfcd226f6c2

--

End of file - 14800 bytes

Apollo · le 18 février 2010

Bonsoir,

Ah oui, tu as plusieurs visiteurs indésirables, mais il faut bien dire que ta machine est bien mal protégée; on corrigera ça plus tard si tu es d'accord.

1) Télécharge Lop S&D.exe sur ton Bureau.

http://eric.71.mespages.googlepages.com/LopSD.exe

Ou: http://eric71.geekstogo.com/tools/LopSD.exe

Double-clique dessus pour lancer l'installation

Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau

Sous Vista: Clic droit/exécuter en temps qu'administrateur ***

Sélectionne la langue souhaitée , puis choisis l'option 1 (Recherche)

Patiente jusqu'à la fin du scan

Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

--------------------------------------------

2) Relance Lop S&D

Choisis cette fois ci l'Option 2 (Suppression)

Ne ferme pas la fenêtre lors de la suppression !

Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

Poste les deux rapports stp.

@++

mamquentin · le 18 février 2010

Merci pour ta réponse !

Alors voici le premier rapport après le choix 1)

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

( : )

USER : mss ( Administrator )

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [1] ( 18/02/2010|22:40 )

--------------------\\ Listing des dossiers dans APPLIC~1

[11/05/2008|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ableton

[18/11/2009|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[03/11/2007|15:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems

[28/04/2009|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AMV Converter Studio

[20/12/2005|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL

[17/03/2008|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[17/03/2008|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[28/04/2009|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU

[09/02/2009|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon

[12/02/2006|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY

[06/01/2007|12:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ

[01/01/2010|18:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative

[03/09/2007|16:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink

[08/02/2009|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes

[23/11/2009|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[18/02/2010|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater

[06/12/2009|07:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations

[07/11/2007|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield

[08/07/2008|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Knowledge Adventure

[30/01/2009|20:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe

[25/11/2009|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[04/02/2009|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero

[20/10/2009|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia

[02/09/2006|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles

[18/02/2010|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs

[23/05/2009|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite

[20/11/2005|23:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime

[16/08/2004|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI

[23/11/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype

[05/03/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com

[27/06/2007|06:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[26/10/2005|12:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

[05/01/2009|00:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Vivendi Universal Games

[25/07/2006|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[16/08/2004|17:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[08/02/2008|17:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia

[16/08/2004|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[26/10/2005|12:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

[26/10/2005|12:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun

[26/10/2005|12:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[26/10/2005|12:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[29/10/2009|23:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Identities

[05/10/2007|18:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[29/10/2009|23:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Real

[01/01/2005|01:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec

[11/05/2008|17:12] C:\DOCUME~1\mss\APPLIC~1\Ableton

[25/05/2008|13:15] C:\DOCUME~1\mss\APPLIC~1\Adobe

[17/07/2007|18:46] C:\DOCUME~1\mss\APPLIC~1\AdobeUM

[17/03/2008|22:22] C:\DOCUME~1\mss\APPLIC~1\Apple Computer

[28/04/2009|12:00] C:\DOCUME~1\mss\APPLIC~1\AVS4YOU

[13/02/2010|14:57] C:\DOCUME~1\mss\APPLIC~1\AVSMedia

[09/02/2009|22:55] C:\DOCUME~1\mss\APPLIC~1\Babylon

[29/11/2007|19:14] C:\DOCUME~1\mss\APPLIC~1\Canon

[01/01/2010|18:07] C:\DOCUME~1\mss\APPLIC~1\Creative

[26/10/2005|13:14] C:\DOCUME~1\mss\APPLIC~1\CyberLink

[15/08/2009|13:53] C:\DOCUME~1\mss\APPLIC~1\DeepBurner

[07/07/2008|13:36] C:\DOCUME~1\mss\APPLIC~1\DivX

[13/05/2009|12:29] C:\DOCUME~1\mss\APPLIC~1\drivers

[01/11/2006|15:37] C:\DOCUME~1\mss\APPLIC~1\Google

[20/11/2005|12:35] C:\DOCUME~1\mss\APPLIC~1\Help

[29/10/2009|23:47] C:\DOCUME~1\mss\APPLIC~1\Icones

[16/08/2004|17:19] C:\DOCUME~1\mss\APPLIC~1\Identities

[11/11/2009|11:33] C:\DOCUME~1\mss\APPLIC~1\InstallShield

[08/08/2006|10:46] C:\DOCUME~1\mss\APPLIC~1\iShell

[04/01/2006|21:50] C:\DOCUME~1\mss\APPLIC~1\Leadertech

[24/05/2009|17:52] C:\DOCUME~1\mss\APPLIC~1\LG Electronics

[24/11/2007|21:46] C:\DOCUME~1\mss\APPLIC~1\Macromedia

[19/11/2007|00:06] C:\DOCUME~1\mss\APPLIC~1\MessengerSkinner

[25/06/2008|19:18] C:\DOCUME~1\mss\APPLIC~1\Microsoft

[28/08/2008|21:14] C:\DOCUME~1\mss\APPLIC~1\Mozilla

[25/06/2008|19:18] C:\DOCUME~1\mss\APPLIC~1\MP-Manager

[20/10/2009|21:04] C:\DOCUME~1\mss\APPLIC~1\Nokia

[23/05/2009|12:36] C:\DOCUME~1\mss\APPLIC~1\PC Suite

[26/10/2005|12:39] C:\DOCUME~1\mss\APPLIC~1\Real

[01/01/2010|18:17] C:\DOCUME~1\mss\APPLIC~1\Reallusion

[31/10/2007|12:50] C:\DOCUME~1\mss\APPLIC~1\Samsung

[23/11/2008|19:00] C:\DOCUME~1\mss\APPLIC~1\Skype

[04/01/2006|21:53] C:\DOCUME~1\mss\APPLIC~1\Sonic

[26/10/2005|12:27] C:\DOCUME~1\mss\APPLIC~1\Sun

[05/03/2008|11:44] C:\DOCUME~1\mss\APPLIC~1\SUPERAntiSpyware.com

[20/11/2005|12:26] C:\DOCUME~1\mss\APPLIC~1\Symantec

[02/11/2007|15:53] C:\DOCUME~1\mss\APPLIC~1\Teleca

[01/05/2008|18:46] C:\DOCUME~1\mss\APPLIC~1\Template

[04/08/2008|23:17] C:\DOCUME~1\mss\APPLIC~1\uTorrent

[18/06/2008|09:34] C:\DOCUME~1\mss\APPLIC~1\Viewpoint

[26/10/2005|12:33] C:\DOCUME~1\mss\APPLIC~1\You've Got Pictures Screensaver

[16/08/2004|16:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[20/11/2005|12:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[20/11/2005|23:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[12/02/2010 08:08][--ah-----] C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

[03/11/2009 13:50][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5c843ed3862e.job

[18/02/2010 19:52][--a------] C:\WINDOWS\tasks\Google Software Updater.job

[26/10/2005 12:59][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 3.job

[26/10/2005 12:59][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 2.job

[18/02/2010 18:54][--ah-----] C:\WINDOWS\tasks\SA.DAT

[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[18/11/2009|17:14] C:\Program Files\Adobe

[06/03/2006|21:26] C:\Program Files\Alcohol Soft

[27/06/2007|07:18] C:\Program Files\Alwil Software

[18/02/2010|21:35] C:\Program Files\Antipub

[01/01/2010|16:19] C:\Program Files\AOL 9.0

[26/10/2005|12:33] C:\Program Files\AOL Compagnon

[28/04/2009|12:05] C:\Program Files\Apowersoft

[17/03/2008|22:16] C:\Program Files\Apple Software Update

[30/01/2009|19:02] C:\Program Files\AskTBar

[15/08/2009|13:21] C:\Program Files\Astonsoft

[12/04/2007|22:43] C:\Program Files\Attansic

[14/06/2006|21:14] C:\Program Files\Audacity

[17/02/2010|22:04] C:\Program Files\AVS4YOU

[18/02/2010|21:36] C:\Program Files\Barbie

[14/07/2007|23:26] C:\Program Files\BitSpirit

[17/03/2008|22:17] C:\Program Files\Bonjour

[01/01/2010|16:19] C:\Program Files\BoontyGames

[05/01/2007|22:33] C:\Program Files\C&E

[27/06/2007|07:10] C:\Program Files\CCleaner

[13/02/2010|14:56] C:\Program Files\Conduit

[01/01/2010|16:47] C:\Program Files\Creative

[26/10/2005|12:38] C:\Program Files\CyberLink

[03/03/2007|16:03] C:\Program Files\denouvel

[12/07/2009|20:56] C:\Program Files\DIFX

[20/05/2007|16:15] C:\Program Files\Disc2Phone

[05/01/2009|00:19] C:\Program Files\Disney Interactive

[01/01/2010|16:19] C:\Program Files\DivX

[20/11/2005|14:27] C:\Program Files\Dynamic Toolbar

[08/02/2009|17:39] C:\Program Files\Elaborate Bytes

[13/02/2010|14:43] C:\Program Files\eMule

[15/06/2008|20:31] C:\Program Files\eToro

[13/01/2010|23:05] C:\Program Files\Fichiers communs

[25/03/2007|14:09] C:\Program Files\FitKids

[23/09/2007|17:44] C:\Program Files\Formosoft

[05/01/2009|00:16] C:\Program Files\Frankie

[08/02/2009|17:10] C:\Program Files\Free Easy Burner

[06/11/2009|15:56] C:\Program Files\FT_Migration

[05/09/2007|22:50] C:\Program Files\Gartriage

[05/02/2010|20:46] C:\Program Files\Google

[29/11/2006|21:12] C:\Program Files\Happyneuron

[15/04/2006|14:38] C:\Program Files\HbTools_Icons

[17/02/2010|22:07] C:\Program Files\InstallShield Installation Information

[12/04/2007|22:06] C:\Program Files\Intel

[01/01/2010|16:19] C:\Program Files\Internet Explorer

[17/03/2008|22:17] C:\Program Files\iPod

[17/03/2008|22:17] C:\Program Files\iTunes

[10/06/2009|08:38] C:\Program Files\Java

[24/01/2010|15:14] C:\Program Files\Jeune Styliste 2

[15/05/2007|22:55] C:\Program Files\Lavalys

[26/10/2005|12:33] C:\Program Files\Learn2.com

[24/05/2009|17:53] C:\Program Files\LG Electronics

[01/01/2010|16:19] C:\Program Files\LG PC Suite II

[18/02/2010|21:41] C:\Program Files\Magic Karaoke Maker

[18/02/2010|21:35] C:\Program Files\Mattel Interactive

[13/09/2008|13:53] C:\Program Files\Messenger

[07/02/2009|16:31] C:\Program Files\Micro Application

[25/11/2009|17:44] C:\Program Files\Microsoft

[19/03/2009|00:10] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[16/08/2004|17:11] C:\Program Files\microsoft frontpage

[26/10/2005|12:41] C:\Program Files\microsoft office

[25/11/2009|17:44] C:\Program Files\Microsoft Office Outlook Connector

[21/01/2010|18:04] C:\Program Files\Microsoft Silverlight

[25/11/2009|17:41] C:\Program Files\Microsoft SQL Server Compact Edition

[25/11/2009|17:43] C:\Program Files\Microsoft Sync Framework

[26/10/2005|12:40] C:\Program Files\Microsoft Works

[26/10/2005|12:41] C:\Program Files\Microsoft.NET

[05/01/2009|00:20] C:\Program Files\Mindscape

[20/01/2010|17:51] C:\Program Files\Movie Maker

[18/02/2010|21:47] C:\Program Files\Mozilla Firefox

[28/12/2005|11:28] C:\Program Files\MP3 Player Utilities 1.47

[25/06/2008|19:17] C:\Program Files\MPMAN

[20/10/2009|20:56] C:\Program Files\MSBuild

[14/01/2006|18:24] C:\Program Files\MSN

[16/08/2004|17:03] C:\Program Files\MSN Gaming Zone

[17/03/2009|23:00] C:\Program Files\MSN Messenger

[13/02/2010|14:56] C:\Program Files\My-Tool

[21/10/2007|13:37] C:\Program Files\Nathan

[05/03/2008|11:00] C:\Program Files\Navilog1

[13/09/2008|13:48] C:\Program Files\NetMeeting

[06/12/2009|08:04] C:\Program Files\Nokia

[16/08/2004|17:03] C:\Program Files\Online Services

[12/08/2009|12:12] C:\Program Files\Outlook Express

[06/12/2009|08:01] C:\Program Files\PC Connectivity Solution

[24/01/2010|21:00] C:\Program Files\PeerTV

[07/02/2009|16:38] C:\Program Files\Photo To Sketch

[01/01/2010|16:19] C:\Program Files\QuickTime

[26/10/2005|12:32] C:\Program Files\Real

[12/04/2007|22:30] C:\Program Files\Realtek

[20/10/2009|20:56] C:\Program Files\Reference Assemblies

[04/01/2008|23:03] C:\Program Files\SC

[03/03/2007|15:52] C:\Program Files\SDLL

[16/08/2004|17:07] C:\Program Files\Services en ligne

[26/10/2005|12:42] C:\Program Files\Sonic

[18/01/2010|19:06] C:\Program Files\Styliste2

[28/04/2009|19:33] C:\Program Files\SUPERAntiSpyware

[20/08/2008|18:00] C:\Program Files\SystemRequirementsLab

[02/12/2006|10:14] C:\Program Files\TLC

[25/04/2009|14:41] C:\Program Files\U.B. Funkeys

[16/08/2004|17:19] C:\Program Files\Uninstall Information

[04/08/2008|22:28] C:\Program Files\uTorrent

[26/09/2007|12:51] C:\Program Files\ValuSoft

[26/10/2005|12:33] C:\Program Files\Viewpoint

[05/01/2008|19:54] C:\Program Files\VTech

[18/02/2010|21:47] C:\Program Files\Wanadoo

[21/03/2008|22:54] C:\Program Files\WinAVI Video Converter

[25/11/2009|17:43] C:\Program Files\Windows Live

[17/03/2009|22:59] C:\Program Files\Windows Live SkyDrive

[16/08/2007|18:44] C:\Program Files\Windows Media Components

[01/10/2007|20:18] C:\Program Files\Windows Media Connect 2

[01/01/2010|16:19] C:\Program Files\Windows Media Player

[13/09/2008|13:48] C:\Program Files\Windows NT

[02/01/2009|13:11] C:\Program Files\Windows Sidebar

[06/11/2007|10:54] C:\Program Files\WinRAR

[16/08/2004|17:11] C:\Program Files\xerox

[07/02/2009|16:29] C:\Program Files\Yahoo!

[04/01/2006|10:29] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[18/11/2009|17:15] C:\Program Files\Fichiers communs\Adobe

[03/11/2007|15:15] C:\Program Files\Fichiers communs\Adobe Systems Shared

[26/10/2005|12:33] C:\Program Files\Fichiers communs\AOL

[26/10/2005|12:33] C:\Program Files\Fichiers communs\aolshare

[18/02/2010|20:51] C:\Program Files\Fichiers communs\AVSMedia

[02/09/2007|18:12] C:\Program Files\Fichiers communs\Barbie

[12/02/2006|22:49] C:\Program Files\Fichiers communs\BOONTY Shared

[26/10/2005|12:41] C:\Program Files\Fichiers communs\DESIGNER

[07/11/2007|13:22] C:\Program Files\Fichiers communs\InstallShield

[29/06/2008|12:59] C:\Program Files\Fichiers communs\Knowledge Adventure

[20/10/2009|20:44] C:\Program Files\Fichiers communs\Microsoft Shared

[16/08/2004|17:06] C:\Program Files\Fichiers communs\MSSoap

[06/12/2009|08:04] C:\Program Files\Fichiers communs\Nokia

[26/10/2005|12:33] C:\Program Files\Fichiers communs\Nullsoft

[13/01/2010|23:05] C:\Program Files\Fichiers communs\ODBC

[06/12/2009|08:04] C:\Program Files\Fichiers communs\PCSuite

[26/10/2005|12:39] C:\Program Files\Fichiers communs\Real

[03/05/2007|20:39] C:\Program Files\Fichiers communs\Services

[26/10/2005|12:42] C:\Program Files\Fichiers communs\Sonic Shared

[16/08/2004|16:56] C:\Program Files\Fichiers communs\SpeechEngines

[05/01/2007|22:01] C:\Program Files\Fichiers communs\SureThing Shared

[27/06/2007|06:58] C:\Program Files\Fichiers communs\Symantec Shared

[25/11/2009|17:44] C:\Program Files\Fichiers communs\System

[20/09/2006|18:09] C:\Program Files\Fichiers communs\Vivendi Universal Games

[17/03/2009|22:55] C:\Program Files\Fichiers communs\Windows Live

[28/04/2009|19:33] C:\Program Files\Fichiers communs\Wise Installation Wizard

[26/10/2005|12:39] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 68 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs

C:\DOCUME~1\mss\Cookies\mss@advertising[1].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-02-18 22:43:13

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

--------------------\\ Recherche d'autres infections

C:\DOCUME~1\mss\APPLIC~1\MessengerSkinner

C:\DOCUME~1\mss\APPLIC~1\MessengerSkinner\Userdata

C:\WINDOWS\System32\nvs2.inf

C:\DOCUME~1\mss\LOCALS~1\APPLIC~1\uthoewyx.dat

C:\DOCUME~1\mss\LOCALS~1\APPLIC~1\uthoewyx_nav.dat

C:\DOCUME~1\mss\LOCALS~1\APPLIC~1\uthoewyx_navps.dat

==> EGDACCESS <==

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\mss\Mes documents\clone\CloneDVD2Keygen.exe

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\!!! A LIRE AVANT TOUT !!!.txt

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\Crack Activation Photoshop CS2 Fr.exe

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\Keygen Photoshop CS2 Fr.exe

[F:13][D:4]-> C:\DOCUME~1\mss\LOCALS~1\Temp

[F:29][D:0]-> C:\DOCUME~1\mss\Cookies

[F:202][D:4]-> C:\DOCUME~1\mss\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 18/02/2010|22:45 - Option : [1]

--------------------\\ Fin du rapport a 22:45:46

et voici le second après le choix 2)

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

( : )

USER : mss ( Administrator )

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [2] ( 18/02/2010|22:53 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\mss\Cookies\mss@advertising[1].txt

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Viewpoint

Supprime! - C:\DOCUME~1\mss\APPLIC~1\Viewpoint

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[11/05/2008|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ableton

[18/11/2009|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[03/11/2007|15:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems

[28/04/2009|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AMV Converter Studio

[20/12/2005|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL

[17/03/2008|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[17/03/2008|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[28/04/2009|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU

[09/02/2009|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon

[12/02/2006|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY

[06/01/2007|12:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ

[01/01/2010|18:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative

[03/09/2007|16:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink

[08/02/2009|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes

[23/11/2009|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[18/02/2010|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater

[06/12/2009|07:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations

[07/11/2007|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield

[08/07/2008|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Knowledge Adventure

[30/01/2009|20:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe

[25/11/2009|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[04/02/2009|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero

[20/10/2009|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia

[02/09/2006|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles

[23/05/2009|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite

[20/11/2005|23:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime

[16/08/2004|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI

[23/11/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype

[05/03/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com

[27/06/2007|06:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[05/01/2009|00:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Vivendi Universal Games

[25/07/2006|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[16/08/2004|17:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[08/02/2008|17:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia

[16/08/2004|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[26/10/2005|12:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

[26/10/2005|12:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun

[26/10/2005|12:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[26/10/2005|12:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[29/10/2009|23:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Identities

[05/10/2007|18:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[29/10/2009|23:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Real

[01/01/2005|01:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec

[11/05/2008|17:12] C:\DOCUME~1\mss\APPLIC~1\Ableton

[25/05/2008|13:15] C:\DOCUME~1\mss\APPLIC~1\Adobe

[17/07/2007|18:46] C:\DOCUME~1\mss\APPLIC~1\AdobeUM

[17/03/2008|22:22] C:\DOCUME~1\mss\APPLIC~1\Apple Computer

[28/04/2009|12:00] C:\DOCUME~1\mss\APPLIC~1\AVS4YOU

[13/02/2010|14:57] C:\DOCUME~1\mss\APPLIC~1\AVSMedia

[09/02/2009|22:55] C:\DOCUME~1\mss\APPLIC~1\Babylon

[29/11/2007|19:14] C:\DOCUME~1\mss\APPLIC~1\Canon

[01/01/2010|18:07] C:\DOCUME~1\mss\APPLIC~1\Creative

[26/10/2005|13:14] C:\DOCUME~1\mss\APPLIC~1\CyberLink

[15/08/2009|13:53] C:\DOCUME~1\mss\APPLIC~1\DeepBurner

[07/07/2008|13:36] C:\DOCUME~1\mss\APPLIC~1\DivX

[13/05/2009|12:29] C:\DOCUME~1\mss\APPLIC~1\drivers

[01/11/2006|15:37] C:\DOCUME~1\mss\APPLIC~1\Google

[20/11/2005|12:35] C:\DOCUME~1\mss\APPLIC~1\Help

[29/10/2009|23:47] C:\DOCUME~1\mss\APPLIC~1\Icones

[16/08/2004|17:19] C:\DOCUME~1\mss\APPLIC~1\Identities

[11/11/2009|11:33] C:\DOCUME~1\mss\APPLIC~1\InstallShield

[08/08/2006|10:46] C:\DOCUME~1\mss\APPLIC~1\iShell

[04/01/2006|21:50] C:\DOCUME~1\mss\APPLIC~1\Leadertech

[24/05/2009|17:52] C:\DOCUME~1\mss\APPLIC~1\LG Electronics

[24/11/2007|21:46] C:\DOCUME~1\mss\APPLIC~1\Macromedia

[19/11/2007|00:06] C:\DOCUME~1\mss\APPLIC~1\MessengerSkinner

[25/06/2008|19:18] C:\DOCUME~1\mss\APPLIC~1\Microsoft

[28/08/2008|21:14] C:\DOCUME~1\mss\APPLIC~1\Mozilla

[25/06/2008|19:18] C:\DOCUME~1\mss\APPLIC~1\MP-Manager

[20/10/2009|21:04] C:\DOCUME~1\mss\APPLIC~1\Nokia

[23/05/2009|12:36] C:\DOCUME~1\mss\APPLIC~1\PC Suite

[26/10/2005|12:39] C:\DOCUME~1\mss\APPLIC~1\Real

[01/01/2010|18:17] C:\DOCUME~1\mss\APPLIC~1\Reallusion

[31/10/2007|12:50] C:\DOCUME~1\mss\APPLIC~1\Samsung

[23/11/2008|19:00] C:\DOCUME~1\mss\APPLIC~1\Skype

[04/01/2006|21:53] C:\DOCUME~1\mss\APPLIC~1\Sonic

[26/10/2005|12:27] C:\DOCUME~1\mss\APPLIC~1\Sun

[05/03/2008|11:44] C:\DOCUME~1\mss\APPLIC~1\SUPERAntiSpyware.com

[20/11/2005|12:26] C:\DOCUME~1\mss\APPLIC~1\Symantec

[02/11/2007|15:53] C:\DOCUME~1\mss\APPLIC~1\Teleca

[01/05/2008|18:46] C:\DOCUME~1\mss\APPLIC~1\Template

[04/08/2008|23:17] C:\DOCUME~1\mss\APPLIC~1\uTorrent

[26/10/2005|12:33] C:\DOCUME~1\mss\APPLIC~1\You've Got Pictures Screensaver

[16/08/2004|16:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[20/11/2005|12:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[20/11/2005|23:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[12/02/2010 08:08][--ah-----] C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

[03/11/2009 13:50][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5c843ed3862e.job

[18/02/2010 19:52][--a------] C:\WINDOWS\tasks\Google Software Updater.job

[26/10/2005 12:59][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 3.job

[26/10/2005 12:59][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 2.job

[18/02/2010 18:54][--ah-----] C:\WINDOWS\tasks\SA.DAT

[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[18/11/2009|17:14] C:\Program Files\Adobe

[06/03/2006|21:26] C:\Program Files\Alcohol Soft

[27/06/2007|07:18] C:\Program Files\Alwil Software

[18/02/2010|21:35] C:\Program Files\Antipub

[01/01/2010|16:19] C:\Program Files\AOL 9.0

[26/10/2005|12:33] C:\Program Files\AOL Compagnon

[28/04/2009|12:05] C:\Program Files\Apowersoft

[17/03/2008|22:16] C:\Program Files\Apple Software Update

[30/01/2009|19:02] C:\Program Files\AskTBar

[15/08/2009|13:21] C:\Program Files\Astonsoft

[12/04/2007|22:43] C:\Program Files\Attansic

[14/06/2006|21:14] C:\Program Files\Audacity

[17/02/2010|22:04] C:\Program Files\AVS4YOU

[18/02/2010|21:36] C:\Program Files\Barbie

[14/07/2007|23:26] C:\Program Files\BitSpirit

[17/03/2008|22:17] C:\Program Files\Bonjour

[01/01/2010|16:19] C:\Program Files\BoontyGames

[05/01/2007|22:33] C:\Program Files\C&E

[27/06/2007|07:10] C:\Program Files\CCleaner

[13/02/2010|14:56] C:\Program Files\Conduit

[01/01/2010|16:47] C:\Program Files\Creative

[26/10/2005|12:38] C:\Program Files\CyberLink

[03/03/2007|16:03] C:\Program Files\denouvel

[12/07/2009|20:56] C:\Program Files\DIFX

[20/05/2007|16:15] C:\Program Files\Disc2Phone

[05/01/2009|00:19] C:\Program Files\Disney Interactive

[01/01/2010|16:19] C:\Program Files\DivX

[20/11/2005|14:27] C:\Program Files\Dynamic Toolbar

[08/02/2009|17:39] C:\Program Files\Elaborate Bytes

[13/02/2010|14:43] C:\Program Files\eMule

[15/06/2008|20:31] C:\Program Files\eToro

[13/01/2010|23:05] C:\Program Files\Fichiers communs

[25/03/2007|14:09] C:\Program Files\FitKids

[23/09/2007|17:44] C:\Program Files\Formosoft

[05/01/2009|00:16] C:\Program Files\Frankie

[08/02/2009|17:10] C:\Program Files\Free Easy Burner

[06/11/2009|15:56] C:\Program Files\FT_Migration

[05/09/2007|22:50] C:\Program Files\Gartriage

[05/02/2010|20:46] C:\Program Files\Google

[29/11/2006|21:12] C:\Program Files\Happyneuron

[15/04/2006|14:38] C:\Program Files\HbTools_Icons

[17/02/2010|22:07] C:\Program Files\InstallShield Installation Information

[12/04/2007|22:06] C:\Program Files\Intel

[01/01/2010|16:19] C:\Program Files\Internet Explorer

[17/03/2008|22:17] C:\Program Files\iPod

[17/03/2008|22:17] C:\Program Files\iTunes

[10/06/2009|08:38] C:\Program Files\Java

[24/01/2010|15:14] C:\Program Files\Jeune Styliste 2

[15/05/2007|22:55] C:\Program Files\Lavalys

[26/10/2005|12:33] C:\Program Files\Learn2.com

[24/05/2009|17:53] C:\Program Files\LG Electronics

[01/01/2010|16:19] C:\Program Files\LG PC Suite II

[18/02/2010|21:41] C:\Program Files\Magic Karaoke Maker

[18/02/2010|21:35] C:\Program Files\Mattel Interactive

[13/09/2008|13:53] C:\Program Files\Messenger

[07/02/2009|16:31] C:\Program Files\Micro Application

[25/11/2009|17:44] C:\Program Files\Microsoft

[19/03/2009|00:10] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[16/08/2004|17:11] C:\Program Files\microsoft frontpage

[26/10/2005|12:41] C:\Program Files\microsoft office

[25/11/2009|17:44] C:\Program Files\Microsoft Office Outlook Connector

[21/01/2010|18:04] C:\Program Files\Microsoft Silverlight

[25/11/2009|17:41] C:\Program Files\Microsoft SQL Server Compact Edition

[25/11/2009|17:43] C:\Program Files\Microsoft Sync Framework

[26/10/2005|12:40] C:\Program Files\Microsoft Works

[26/10/2005|12:41] C:\Program Files\Microsoft.NET

[05/01/2009|00:20] C:\Program Files\Mindscape

[20/01/2010|17:51] C:\Program Files\Movie Maker

[18/02/2010|21:47] C:\Program Files\Mozilla Firefox

[28/12/2005|11:28] C:\Program Files\MP3 Player Utilities 1.47

[25/06/2008|19:17] C:\Program Files\MPMAN

[20/10/2009|20:56] C:\Program Files\MSBuild

[14/01/2006|18:24] C:\Program Files\MSN

[16/08/2004|17:03] C:\Program Files\MSN Gaming Zone

[17/03/2009|23:00] C:\Program Files\MSN Messenger

[13/02/2010|14:56] C:\Program Files\My-Tool

[21/10/2007|13:37] C:\Program Files\Nathan

[05/03/2008|11:00] C:\Program Files\Navilog1

[13/09/2008|13:48] C:\Program Files\NetMeeting

[06/12/2009|08:04] C:\Program Files\Nokia

[16/08/2004|17:03] C:\Program Files\Online Services

[12/08/2009|12:12] C:\Program Files\Outlook Express

[06/12/2009|08:01] C:\Program Files\PC Connectivity Solution

[24/01/2010|21:00] C:\Program Files\PeerTV

[07/02/2009|16:38] C:\Program Files\Photo To Sketch

[01/01/2010|16:19] C:\Program Files\QuickTime

[26/10/2005|12:32] C:\Program Files\Real

[12/04/2007|22:30] C:\Program Files\Realtek

[20/10/2009|20:56] C:\Program Files\Reference Assemblies

[04/01/2008|23:03] C:\Program Files\SC

[03/03/2007|15:52] C:\Program Files\SDLL

[16/08/2004|17:07] C:\Program Files\Services en ligne

[26/10/2005|12:42] C:\Program Files\Sonic

[18/01/2010|19:06] C:\Program Files\Styliste2

[28/04/2009|19:33] C:\Program Files\SUPERAntiSpyware

[20/08/2008|18:00] C:\Program Files\SystemRequirementsLab

[02/12/2006|10:14] C:\Program Files\TLC

[25/04/2009|14:41] C:\Program Files\U.B. Funkeys

[16/08/2004|17:19] C:\Program Files\Uninstall Information

[04/08/2008|22:28] C:\Program Files\uTorrent

[26/09/2007|12:51] C:\Program Files\ValuSoft

[05/01/2008|19:54] C:\Program Files\VTech

[18/02/2010|21:47] C:\Program Files\Wanadoo

[21/03/2008|22:54] C:\Program Files\WinAVI Video Converter

[25/11/2009|17:43] C:\Program Files\Windows Live

[17/03/2009|22:59] C:\Program Files\Windows Live SkyDrive

[16/08/2007|18:44] C:\Program Files\Windows Media Components

[01/10/2007|20:18] C:\Program Files\Windows Media Connect 2

[01/01/2010|16:19] C:\Program Files\Windows Media Player

[13/09/2008|13:48] C:\Program Files\Windows NT

[02/01/2009|13:11] C:\Program Files\Windows Sidebar

[06/11/2007|10:54] C:\Program Files\WinRAR

[16/08/2004|17:11] C:\Program Files\xerox

[07/02/2009|16:29] C:\Program Files\Yahoo!

[04/01/2006|10:29] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[18/11/2009|17:15] C:\Program Files\Fichiers communs\Adobe

[03/11/2007|15:15] C:\Program Files\Fichiers communs\Adobe Systems Shared

[26/10/2005|12:33] C:\Program Files\Fichiers communs\AOL

[26/10/2005|12:33] C:\Program Files\Fichiers communs\aolshare

[18/02/2010|20:51] C:\Program Files\Fichiers communs\AVSMedia

[02/09/2007|18:12] C:\Program Files\Fichiers communs\Barbie

[12/02/2006|22:49] C:\Program Files\Fichiers communs\BOONTY Shared

[26/10/2005|12:41] C:\Program Files\Fichiers communs\DESIGNER

[07/11/2007|13:22] C:\Program Files\Fichiers communs\InstallShield

[29/06/2008|12:59] C:\Program Files\Fichiers communs\Knowledge Adventure

[20/10/2009|20:44] C:\Program Files\Fichiers communs\Microsoft Shared

[16/08/2004|17:06] C:\Program Files\Fichiers communs\MSSoap

[06/12/2009|08:04] C:\Program Files\Fichiers communs\Nokia

[26/10/2005|12:33] C:\Program Files\Fichiers communs\Nullsoft

[13/01/2010|23:05] C:\Program Files\Fichiers communs\ODBC

[06/12/2009|08:04] C:\Program Files\Fichiers communs\PCSuite

[26/10/2005|12:39] C:\Program Files\Fichiers communs\Real

[03/05/2007|20:39] C:\Program Files\Fichiers communs\Services

[26/10/2005|12:42] C:\Program Files\Fichiers communs\Sonic Shared

[16/08/2004|16:56] C:\Program Files\Fichiers communs\SpeechEngines

[05/01/2007|22:01] C:\Program Files\Fichiers communs\SureThing Shared

[27/06/2007|06:58] C:\Program Files\Fichiers communs\Symantec Shared

[25/11/2009|17:44] C:\Program Files\Fichiers communs\System

[20/09/2006|18:09] C:\Program Files\Fichiers communs\Vivendi Universal Games

[17/03/2009|22:55] C:\Program Files\Fichiers communs\Windows Live

[28/04/2009|19:33] C:\Program Files\Fichiers communs\Wise Installation Wizard

[26/10/2005|12:39] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 66 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-02-18 22:56:49

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

--------------------\\ Recherche d'autres infections

C:\DOCUME~1\mss\APPLIC~1\MessengerSkinner

C:\DOCUME~1\mss\APPLIC~1\MessengerSkinner\Userdata

C:\WINDOWS\System32\nvs2.inf

C:\DOCUME~1\mss\LOCALS~1\APPLIC~1\uthoewyx.dat

C:\DOCUME~1\mss\LOCALS~1\APPLIC~1\uthoewyx_nav.dat

C:\DOCUME~1\mss\LOCALS~1\APPLIC~1\uthoewyx_navps.dat

==> EGDACCESS <==

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\mss\Mes documents\clone\CloneDVD2Keygen.exe

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\!!! A LIRE AVANT TOUT !!!.txt

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\Crack Activation Photoshop CS2 Fr.exe

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\Keygen Photoshop CS2 Fr.exe

[F:13][D:4]-> C:\DOCUME~1\mss\LOCALS~1\Temp

[F:28][D:0]-> C:\DOCUME~1\mss\Cookies

[F:202][D:4]-> C:\DOCUME~1\mss\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 18/02/2010|22:45 - Option : [1]

2 - "C:\Lop SD\LopR_2.txt" - 18/02/2010|22:59 - Option : [2]

--------------------\\ Fin du rapport a 22:59:04

Apollo · le 18 février 2010

Re,

Fais gaffe avec les cracks, tu pourrais avoir des très mauvaises surprises comme Bagle ou le terrible Virut, virus très destructeurs!

Télécharge Navilog1 (par IL-MAFIOSO) Enregistre-le sur ton bureau.

http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Ensuite double clique sur navilog1.exe pour lancer l'installation.

Une fois l'installation terminée, double-clique sur le raccourci Navilog1 présent sur le bureau.

Laisse-toi guider. Appuie sur une touche quand on te le demande.

Au menu principal, choisis 1 et valide.

< Ne fais pas le choix 2 >

Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.

Laisse l'outil le faire automatiquement, sinon redémarre ton PC normalement s'il te le demande.

Patiente jusqu'au message "Scan terminé le......"

Appuie sur une touche comme demandé ; le bloc-notes va s'ouvrir.

Copie-colle l'intégralité dans ta réponse. Referme le bloc-notes.

PS : le rapport est aussi sauvegardé à la racine du disque dur C:\cleannavi.txt

@++

Modifié le 18 février 2010 par Apollo

mamquentin · le 18 février 2010

Merci,

Voici le rapport suite au lancement de Navilog1 et au redemarrage :

Fix Navipromo version 4.0.6 commencé le 18/02/2010 23:10:10,84

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!

!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 03.01.2010 à 11h00 par IL-MAFIOSO

( : )

USER : mss ( Administrator )

Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur

C:\Documents and Settings\mss\applic~1\MessengerSkinner supprimé !

C:\WINDOWS\system32\nvs2.inf supprimé !

c:\docume~1\mss\locals~1\applic~1\uthoewyx.dat supprimé !

c:\docume~1\mss\locals~1\applic~1\uthoewyx_nav.dat supprimé !

c:\docume~1\mss\locals~1\applic~1\uthoewyx_navps.dat supprimé !

Nettoyage contenu C:\WINDOWS\Temp effectué !

Nettoyage contenu C:\Documents and Settings\mss\locals~1\Temp effectué !

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

Certificat Egroup supprimé !

Certificat Electronic-Group supprimé !

Certificat OOO-Favorit supprimé !

*** Scan terminé 18/02/2010 23:17:50,14 ***

Apollo · le 18 février 2010

Oki on avance pas mal.

Pour éviter la réinfection par Navipromo/Egdaccess:

Ne jamais (ré)installer :

# Live-Player (live-player.com)

# Go-astro

# GoRecord

# HotTVPlayer

# MailSkinner

# Messenger Skinner

# Instant Access

# InternetGameBox

# Sudoplanet

# games-desktop.com

# Funky Emoticons

#Games-AttacK -

#Original-Solitaire.

# WebMediaplayer sauf celui du créateur Florian Delaunay -> http://www.azertysite.new.fr/

etc...

----------------------------------------

1) Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.

Ou ici: http://eric71.geekstogo.com/tools/ToolBarSD.exe

Lance l'installation du programme en exécutant le fichier téléchargé.
Double-clique sur le raccourci de Toolbar-S&D.
--> Sous VISTA: clic droit Exécuter en temps qu'administrateur.
Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
Poste le rapport généré. (C:\TB.txt)

--------------------------------------------------------------

2) Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".

--> Sous VISTA: clic droit Exécuter en temps qu'administrateur.

Ne ferme pas la fenêtre lors de la suppression !

Un rapport sera généré, poste son contenu dans ta réponse.

NB: Si ton Bureau ne réapparaissait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.

Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."

Tape explorer puis valide.

Poste les deux rapports stp.

@++

mamquentin · le 18 février 2010

Je suis désolée mais je n'ai que le second rapport

J'avais commencé ma réponse en copiant le premier mais Firefox a été fermé lorsque j'ai relancé ToolBar S&D la seconde fois ...

J'espère que ce n'est pas trop génant ...

Alors voici le SECOND RAPPORT (suite au choix 2)

-----------\\ ToolBar S&D 1.2.9 XP/Vista

( : )

USER : mss ( Administrator )

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )

Option : [2] ( 18/02/2010|23:47 )

-----------\\ SUPPRESSION

Echec ! - C:\Program Files\AskTBar\bar

Supprime! - C:\Program Files\AskTBar\PopSwatr

Echec ! - C:\Program Files\AskTBar\bar\1.bin

Echec ! - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL

Supprime! - C:\Program Files\dynamic toolbar\batch.bat

Supprime! - C:\Program Files\dynamic toolbar\Cache

Supprime! - C:\Program Files\dynamic toolbar\unins000.dat

Supprime! - C:\Program Files\dynamic toolbar\unins000.exe

Supprime! - C:\Program Files\HbTools_Icons\Registryrepair.ico

Echec ! - C:\Program Files\AskTBar

Supprime! - C:\Program Files\dynamic toolbar

Supprime! - C:\Program Files\HbTools_Icons

-----------\\ DEUXIEME PASSAGE

Echec ! - C:\Program Files\AskTBar\bar

Echec ! - C:\Program Files\AskTBar\bar\1.bin

Echec ! - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL

Echec ! - C:\Program Files\AskTBar

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskTBar

C:\Program Files\AskTBar\bar

C:\Program Files\AskTBar\bar\1.bin

C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL

C:\DOCUME~1\mss\Favoris\isoHunt - IRC and Bit Torrent search engine.url

-----------\\ Extensions

(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(mss) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user

(mss) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(mss) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\WINDOWS\\system32\\blank.htm"

"Search Page"="http://www.google.com"

"Search Bar"="http://www.google.com/ie"'>http://www.google.com/ie"

"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

"Start Page"="http://www.orange.fr"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://www.google.com/ie"

"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Start Page"="http://www.msn.com/"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\mss\Mes documents\clone\CloneDVD2Keygen.exe

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\!!! A LIRE AVANT TOUT !!!.txt

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\Crack Activation Photoshop CS2 Fr.exe

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\Keygen Photoshop CS2 Fr.exe

1 - "C:\ToolBar SD\TB_1.txt" - 18/02/2010|23:42 - Option : [1]

2 - "C:\ToolBar SD\TB_2.txt" - 18/02/2010|23:49 - Option : [2]

-----------\\ Fin du rapport a 23:49:23,96

mamquentin · le 18 février 2010

OUPS ...

J'ai retrouvé le premier rapport (suite au choix 1)

-----------\\ ToolBar S&D 1.2.9 XP/Vista

( : )

USER : mss ( Administrator )

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )

Option : [1] ( 18/02/2010|23:40 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskTBar

C:\Program Files\AskTBar\bar

C:\Program Files\AskTBar\PopSwatr

C:\Program Files\AskTBar\bar\1.bin

C:\Program Files\AskTBar\bar\Cache

C:\Program Files\AskTBar\bar\History

C:\Program Files\AskTBar\bar\Settings

C:\Program Files\AskTBar\bar\1.bin\A5POPSWT.DLL

C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL

C:\Program Files\AskTBar\bar\Cache\012D0AB6

C:\Program Files\AskTBar\bar\Cache\016120D1

C:\Program Files\AskTBar\bar\Cache\02D4585F.bin

C:\Program Files\AskTBar\bar\Cache\02D45AA1.bin

C:\Program Files\AskTBar\bar\Cache\02D45CB4.bin

C:\Program Files\AskTBar\bar\Cache\02D45E99.bin

C:\Program Files\AskTBar\bar\Cache\files.ini

C:\Program Files\AskTBar\bar\History\search2

C:\Program Files\AskTBar\bar\Settings\prevcfg2.htm

C:\Program Files\AskTBar\PopSwatr\History

C:\Program Files\AskTBar\PopSwatr\History\allowed

C:\Program Files\AskTBar\PopSwatr\History\notallow

C:\Program Files\dynamic toolbar

C:\Program Files\dynamic toolbar\batch.bat

C:\Program Files\dynamic toolbar\Cache

C:\Program Files\dynamic toolbar\unins000.dat

C:\Program Files\dynamic toolbar\unins000.exe

C:\Program Files\dynamic toolbar\Cache\go.bmp

C:\Program Files\dynamic toolbar\Cache\home.bmp

C:\Program Files\dynamic toolbar\Cache\logo_pb.bmp

C:\Program Files\dynamic toolbar\Cache\parent_off.bmp

C:\Program Files\dynamic toolbar\Cache\parent_on.bmp

C:\Program Files\dynamic toolbar\Cache\pbfrv2tb0200.cfg

C:\Program Files\dynamic toolbar\Cache\popup_off.bmp

C:\Program Files\dynamic toolbar\Cache\popup_on.bmp

C:\Program Files\dynamic toolbar\Cache\search.bmp

C:\Program Files\dynamic toolbar\Cache\services.bmp

C:\Program Files\dynamic toolbar\Cache\skin.bmp

C:\Program Files\dynamic toolbar\Cache\skin1.bmp

C:\Program Files\dynamic toolbar\Cache\skin2.bmp

C:\Program Files\dynamic toolbar\Cache\skin3.bmp

C:\Program Files\dynamic toolbar\Cache\skin4.bmp

C:\Program Files\dynamic toolbar\Cache\skin5.bmp

C:\Program Files\dynamic toolbar\Cache\store.bmp

C:\Program Files\dynamic toolbar\Cache\style.css

C:\Program Files\dynamic toolbar\Cache\support.bmp

C:\Program Files\dynamic toolbar\Cache\Thumbs.db

C:\Program Files\dynamic toolbar\Cache\ticker.xml

C:\Program Files\HbTools_Icons

C:\Program Files\HbTools_Icons\Registryrepair.ico

C:\DOCUME~1\mss\Favoris\isoHunt - IRC and Bit Torrent search engine.url

-----------\\ Extensions

(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(mss) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user

(mss) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(mss) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\WINDOWS\\system32\\blank.htm"

"Search Page"="http://www.google.com"

"Search Bar"="http://www.google.com/ie"'>http://www.google.com/ie"

"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

"Start Page"="http://www.orange.fr"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://www.google.com/ie"

"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\mss\Mes documents\clone\CloneDVD2Keygen.exe

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\!!! A LIRE AVANT TOUT !!!.txt

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\Crack Activation Photoshop CS2 Fr.exe

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\Keygen Photoshop CS2 Fr.exe

1 - "C:\ToolBar SD\TB_1.txt" - 18/02/2010|23:42 - Option : [1]

-----------\\ Fin du rapport a 23:42:19,62

Apollo · le 18 février 2010

Ok, le principal est d'avoir surtout le rapport de nettoyage.

Il a échoué à detruire un ou deux trucs; on va réutiliser une option de Lop S&D dont tu t'es déjà servi pour les virer.

Relance Lop S&D et choisis l'option 4.

Une page va s'ouvrir.

Copie/colle ce qui se trouve dans l'espace code ci-dessous puis ferme la page:

Il va y avoir une demande pour enregistrer les fichiers, clique sur Enregistrer.

 C:\Program Files\AskTBar
C:\DOCUME~1\mss\Favoris\isoHunt - IRC and Bit Torrent search engine.url

L'outil va travailler, supprimer les dossiers ou fichiers infectés et générer un rapport.

Ne ferme pas la fenêtre pendant la suppression!

Copie/colle le contenu de ce rapport dans ta prochaine réponse.

Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide

Fais alors un nouveau log Hijackthis stp.

mamquentin · le 18 février 2010

Voici le rapport de LOP S&D - Option 4 avec le script :

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

( : )

USER : mss ( Administrator )

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [4] ( 19/02/2010| 0:23 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script

C:\Program Files\AskTBar

C:\DOCUME~1\mss\Favoris\isoHunt - IRC and Bit Torrent search engine.url

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

... C:\DOCUME~1\mss\Favoris\isoHunt - IRC and Bit Torrent search engine.url -> n'existe pas !

Supprime! - C:\Program Files\AskTBar

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[11/05/2008|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ableton

[18/11/2009|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[03/11/2007|15:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems

[28/04/2009|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AMV Converter Studio

[20/12/2005|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL

[17/03/2008|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[17/03/2008|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[28/04/2009|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU

[09/02/2009|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon

[12/02/2006|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY

[06/01/2007|12:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ

[01/01/2010|18:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative

[03/09/2007|16:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink

[08/02/2009|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes

[23/11/2009|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[18/02/2010|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater

[06/12/2009|07:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations

[07/11/2007|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield

[08/07/2008|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Knowledge Adventure

[30/01/2009|20:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe

[25/11/2009|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[04/02/2009|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero

[20/10/2009|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia

[02/09/2006|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles

[23/05/2009|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite

[20/11/2005|23:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime

[16/08/2004|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI

[23/11/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype

[05/03/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com

[27/06/2007|06:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[05/01/2009|00:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Vivendi Universal Games

[25/07/2006|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[16/08/2004|17:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[08/02/2008|17:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia

[16/08/2004|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[26/10/2005|12:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

[26/10/2005|12:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun

[26/10/2005|12:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[26/10/2005|12:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[29/10/2009|23:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Identities

[05/10/2007|18:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[29/10/2009|23:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Real

[01/01/2005|01:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec

[11/05/2008|17:12] C:\DOCUME~1\mss\APPLIC~1\Ableton

[25/05/2008|13:15] C:\DOCUME~1\mss\APPLIC~1\Adobe

[17/07/2007|18:46] C:\DOCUME~1\mss\APPLIC~1\AdobeUM

[17/03/2008|22:22] C:\DOCUME~1\mss\APPLIC~1\Apple Computer

[28/04/2009|12:00] C:\DOCUME~1\mss\APPLIC~1\AVS4YOU

[13/02/2010|14:57] C:\DOCUME~1\mss\APPLIC~1\AVSMedia

[09/02/2009|22:55] C:\DOCUME~1\mss\APPLIC~1\Babylon

[29/11/2007|19:14] C:\DOCUME~1\mss\APPLIC~1\Canon

[01/01/2010|18:07] C:\DOCUME~1\mss\APPLIC~1\Creative

[26/10/2005|13:14] C:\DOCUME~1\mss\APPLIC~1\CyberLink

[15/08/2009|13:53] C:\DOCUME~1\mss\APPLIC~1\DeepBurner

[07/07/2008|13:36] C:\DOCUME~1\mss\APPLIC~1\DivX

[13/05/2009|12:29] C:\DOCUME~1\mss\APPLIC~1\drivers

[01/11/2006|15:37] C:\DOCUME~1\mss\APPLIC~1\Google

[20/11/2005|12:35] C:\DOCUME~1\mss\APPLIC~1\Help

[29/10/2009|23:47] C:\DOCUME~1\mss\APPLIC~1\Icones

[16/08/2004|17:19] C:\DOCUME~1\mss\APPLIC~1\Identities

[11/11/2009|11:33] C:\DOCUME~1\mss\APPLIC~1\InstallShield

[08/08/2006|10:46] C:\DOCUME~1\mss\APPLIC~1\iShell

[04/01/2006|21:50] C:\DOCUME~1\mss\APPLIC~1\Leadertech

[24/05/2009|17:52] C:\DOCUME~1\mss\APPLIC~1\LG Electronics

[24/11/2007|21:46] C:\DOCUME~1\mss\APPLIC~1\Macromedia

[25/06/2008|19:18] C:\DOCUME~1\mss\APPLIC~1\Microsoft

[28/08/2008|21:14] C:\DOCUME~1\mss\APPLIC~1\Mozilla

[25/06/2008|19:18] C:\DOCUME~1\mss\APPLIC~1\MP-Manager

[20/10/2009|21:04] C:\DOCUME~1\mss\APPLIC~1\Nokia

[23/05/2009|12:36] C:\DOCUME~1\mss\APPLIC~1\PC Suite

[26/10/2005|12:39] C:\DOCUME~1\mss\APPLIC~1\Real

[01/01/2010|18:17] C:\DOCUME~1\mss\APPLIC~1\Reallusion

[31/10/2007|12:50] C:\DOCUME~1\mss\APPLIC~1\Samsung

[23/11/2008|19:00] C:\DOCUME~1\mss\APPLIC~1\Skype

[04/01/2006|21:53] C:\DOCUME~1\mss\APPLIC~1\Sonic

[26/10/2005|12:27] C:\DOCUME~1\mss\APPLIC~1\Sun

[05/03/2008|11:44] C:\DOCUME~1\mss\APPLIC~1\SUPERAntiSpyware.com

[20/11/2005|12:26] C:\DOCUME~1\mss\APPLIC~1\Symantec

[02/11/2007|15:53] C:\DOCUME~1\mss\APPLIC~1\Teleca

[01/05/2008|18:46] C:\DOCUME~1\mss\APPLIC~1\Template

[04/08/2008|23:17] C:\DOCUME~1\mss\APPLIC~1\uTorrent

[26/10/2005|12:33] C:\DOCUME~1\mss\APPLIC~1\You've Got Pictures Screensaver

[16/08/2004|16:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[20/11/2005|12:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[20/11/2005|23:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[12/02/2010 08:08][--ah-----] C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

[03/11/2009 13:50][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5c843ed3862e.job

[18/02/2010 23:17][--a------] C:\WINDOWS\tasks\Google Software Updater.job

[26/10/2005 12:59][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 3.job

[26/10/2005 12:59][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 2.job

[18/02/2010 23:16][--ah-----] C:\WINDOWS\tasks\SA.DAT

[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[18/11/2009|17:14] C:\Program Files\Adobe

[06/03/2006|21:26] C:\Program Files\Alcohol Soft

[27/06/2007|07:18] C:\Program Files\Alwil Software

[18/02/2010|21:35] C:\Program Files\Antipub

[01/01/2010|16:19] C:\Program Files\AOL 9.0

[26/10/2005|12:33] C:\Program Files\AOL Compagnon

[28/04/2009|12:05] C:\Program Files\Apowersoft

[17/03/2008|22:16] C:\Program Files\Apple Software Update

[15/08/2009|13:21] C:\Program Files\Astonsoft

[12/04/2007|22:43] C:\Program Files\Attansic

[14/06/2006|21:14] C:\Program Files\Audacity

[17/02/2010|22:04] C:\Program Files\AVS4YOU

[18/02/2010|21:36] C:\Program Files\Barbie

[14/07/2007|23:26] C:\Program Files\BitSpirit

[17/03/2008|22:17] C:\Program Files\Bonjour

[01/01/2010|16:19] C:\Program Files\BoontyGames

[05/01/2007|22:33] C:\Program Files\C&E

[27/06/2007|07:10] C:\Program Files\CCleaner

[13/02/2010|14:56] C:\Program Files\Conduit

[01/01/2010|16:47] C:\Program Files\Creative

[26/10/2005|12:38] C:\Program Files\CyberLink

[03/03/2007|16:03] C:\Program Files\denouvel

[12/07/2009|20:56] C:\Program Files\DIFX

[20/05/2007|16:15] C:\Program Files\Disc2Phone

[05/01/2009|00:19] C:\Program Files\Disney Interactive

[01/01/2010|16:19] C:\Program Files\DivX

[08/02/2009|17:39] C:\Program Files\Elaborate Bytes

[13/02/2010|14:43] C:\Program Files\eMule

[15/06/2008|20:31] C:\Program Files\eToro

[13/01/2010|23:05] C:\Program Files\Fichiers communs

[25/03/2007|14:09] C:\Program Files\FitKids

[23/09/2007|17:44] C:\Program Files\Formosoft

[05/01/2009|00:16] C:\Program Files\Frankie

[08/02/2009|17:10] C:\Program Files\Free Easy Burner

[06/11/2009|15:56] C:\Program Files\FT_Migration

[05/09/2007|22:50] C:\Program Files\Gartriage

[05/02/2010|20:46] C:\Program Files\Google

[29/11/2006|21:12] C:\Program Files\Happyneuron

[17/02/2010|22:07] C:\Program Files\InstallShield Installation Information

[12/04/2007|22:06] C:\Program Files\Intel

[01/01/2010|16:19] C:\Program Files\Internet Explorer

[17/03/2008|22:17] C:\Program Files\iPod

[17/03/2008|22:17] C:\Program Files\iTunes

[10/06/2009|08:38] C:\Program Files\Java

[24/01/2010|15:14] C:\Program Files\Jeune Styliste 2

[15/05/2007|22:55] C:\Program Files\Lavalys

[26/10/2005|12:33] C:\Program Files\Learn2.com

[24/05/2009|17:53] C:\Program Files\LG Electronics

[01/01/2010|16:19] C:\Program Files\LG PC Suite II

[18/02/2010|21:41] C:\Program Files\Magic Karaoke Maker

[18/02/2010|21:35] C:\Program Files\Mattel Interactive

[13/09/2008|13:53] C:\Program Files\Messenger

[07/02/2009|16:31] C:\Program Files\Micro Application

[25/11/2009|17:44] C:\Program Files\Microsoft

[19/03/2009|00:10] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[16/08/2004|17:11] C:\Program Files\microsoft frontpage

[26/10/2005|12:41] C:\Program Files\microsoft office

[25/11/2009|17:44] C:\Program Files\Microsoft Office Outlook Connector

[21/01/2010|18:04] C:\Program Files\Microsoft Silverlight

[25/11/2009|17:41] C:\Program Files\Microsoft SQL Server Compact Edition

[25/11/2009|17:43] C:\Program Files\Microsoft Sync Framework

[26/10/2005|12:40] C:\Program Files\Microsoft Works

[26/10/2005|12:41] C:\Program Files\Microsoft.NET

[05/01/2009|00:20] C:\Program Files\Mindscape

[20/01/2010|17:51] C:\Program Files\Movie Maker

[18/02/2010|23:50] C:\Program Files\Mozilla Firefox

[28/12/2005|11:28] C:\Program Files\MP3 Player Utilities 1.47

[25/06/2008|19:17] C:\Program Files\MPMAN

[20/10/2009|20:56] C:\Program Files\MSBuild

[14/01/2006|18:24] C:\Program Files\MSN

[16/08/2004|17:03] C:\Program Files\MSN Gaming Zone

[17/03/2009|23:00] C:\Program Files\MSN Messenger

[13/02/2010|14:56] C:\Program Files\My-Tool

[21/10/2007|13:37] C:\Program Files\Nathan

[18/02/2010|23:18] C:\Program Files\Navilog1

[13/09/2008|13:48] C:\Program Files\NetMeeting

[06/12/2009|08:04] C:\Program Files\Nokia

[16/08/2004|17:03] C:\Program Files\Online Services

[12/08/2009|12:12] C:\Program Files\Outlook Express

[06/12/2009|08:01] C:\Program Files\PC Connectivity Solution

[24/01/2010|21:00] C:\Program Files\PeerTV

[07/02/2009|16:38] C:\Program Files\Photo To Sketch

[01/01/2010|16:19] C:\Program Files\QuickTime

[26/10/2005|12:32] C:\Program Files\Real

[12/04/2007|22:30] C:\Program Files\Realtek

[20/10/2009|20:56] C:\Program Files\Reference Assemblies

[04/01/2008|23:03] C:\Program Files\SC

[03/03/2007|15:52] C:\Program Files\SDLL

[16/08/2004|17:07] C:\Program Files\Services en ligne

[26/10/2005|12:42] C:\Program Files\Sonic

[18/01/2010|19:06] C:\Program Files\Styliste2

[28/04/2009|19:33] C:\Program Files\SUPERAntiSpyware

[20/08/2008|18:00] C:\Program Files\SystemRequirementsLab

[02/12/2006|10:14] C:\Program Files\TLC

[25/04/2009|14:41] C:\Program Files\U.B. Funkeys

[16/08/2004|17:19] C:\Program Files\Uninstall Information

[04/08/2008|22:28] C:\Program Files\uTorrent

[26/09/2007|12:51] C:\Program Files\ValuSoft

[05/01/2008|19:54] C:\Program Files\VTech

[18/02/2010|23:50] C:\Program Files\Wanadoo

[21/03/2008|22:54] C:\Program Files\WinAVI Video Converter

[25/11/2009|17:43] C:\Program Files\Windows Live

[17/03/2009|22:59] C:\Program Files\Windows Live SkyDrive

[16/08/2007|18:44] C:\Program Files\Windows Media Components

[01/10/2007|20:18] C:\Program Files\Windows Media Connect 2

[01/01/2010|16:19] C:\Program Files\Windows Media Player

[13/09/2008|13:48] C:\Program Files\Windows NT

[02/01/2009|13:11] C:\Program Files\Windows Sidebar

[06/11/2007|10:54] C:\Program Files\WinRAR

[16/08/2004|17:11] C:\Program Files\xerox

[07/02/2009|16:29] C:\Program Files\Yahoo!

[04/01/2006|10:29] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[18/11/2009|17:15] C:\Program Files\Fichiers communs\Adobe

[03/11/2007|15:15] C:\Program Files\Fichiers communs\Adobe Systems Shared

[26/10/2005|12:33] C:\Program Files\Fichiers communs\AOL

[26/10/2005|12:33] C:\Program Files\Fichiers communs\aolshare

[18/02/2010|20:51] C:\Program Files\Fichiers communs\AVSMedia

[02/09/2007|18:12] C:\Program Files\Fichiers communs\Barbie

[12/02/2006|22:49] C:\Program Files\Fichiers communs\BOONTY Shared

[26/10/2005|12:41] C:\Program Files\Fichiers communs\DESIGNER

[07/11/2007|13:22] C:\Program Files\Fichiers communs\InstallShield

[29/06/2008|12:59] C:\Program Files\Fichiers communs\Knowledge Adventure

[20/10/2009|20:44] C:\Program Files\Fichiers communs\Microsoft Shared

[16/08/2004|17:06] C:\Program Files\Fichiers communs\MSSoap

[06/12/2009|08:04] C:\Program Files\Fichiers communs\Nokia

[26/10/2005|12:33] C:\Program Files\Fichiers communs\Nullsoft

[13/01/2010|23:05] C:\Program Files\Fichiers communs\ODBC

[06/12/2009|08:04] C:\Program Files\Fichiers communs\PCSuite

[26/10/2005|12:39] C:\Program Files\Fichiers communs\Real

[03/05/2007|20:39] C:\Program Files\Fichiers communs\Services

[26/10/2005|12:42] C:\Program Files\Fichiers communs\Sonic Shared

[16/08/2004|16:56] C:\Program Files\Fichiers communs\SpeechEngines

[05/01/2007|22:01] C:\Program Files\Fichiers communs\SureThing Shared

[27/06/2007|06:58] C:\Program Files\Fichiers communs\Symantec Shared

[25/11/2009|17:44] C:\Program Files\Fichiers communs\System

[20/09/2006|18:09] C:\Program Files\Fichiers communs\Vivendi Universal Games

[17/03/2009|22:55] C:\Program Files\Fichiers communs\Windows Live

[28/04/2009|19:33] C:\Program Files\Fichiers communs\Wise Installation Wizard

[26/10/2005|12:39] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 62 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-02-19 00:27:43

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\mss\Mes documents\clone\CloneDVD2Keygen.exe

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\!!! A LIRE AVANT TOUT !!!.txt

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\Crack Activation Photoshop CS2 Fr.exe

C:\DOCUME~1\mss\Mes documents\Mes fichiers re‡us\photoshop\Crack et Keygen\Keygen Photoshop CS2 Fr.exe

[F:16][D:4]-> C:\DOCUME~1\mss\LOCALS~1\Temp

[F:29][D:0]-> C:\DOCUME~1\mss\Cookies

[F:9][D:4]-> C:\DOCUME~1\mss\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 18/02/2010|22:45 - Option : [1]

2 - "C:\Lop SD\LopR_2.txt" - 18/02/2010|22:59 - Option : [2]

3 - "C:\Lop SD\LopR_3.txt" - 19/02/2010| 0:29 - Option : [4]

--------------------\\ Fin du rapport a 0:29:28

et voici le nouveau log de HIJACKTHIS :

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:33:29, on 19/02/2010