
Help, I am infected with advertising pages that pop up without warning.
These pages appear only with Internet Explorer.
What should I do?
Thanks

Bouläy hunter
Hi
Any additional information you can give?
Content:
Casinos
Spyware Secure
Amaena
Dumb antivirus?
Title:
CiD
Other?
That would help us quite a bit
See you

med365 wrote:
Hi
Any additional information you can give?
Content:
Casinos
Spyware Secure
Amaena
Dumb antivirus?
Title:
CiD
Other?
That would help us quite a bit
See you

The content is very varied:
Casino
Poker
La Redoute
01Men
Adopt euroclic
free aniator cursor
sometimes porn pages
etc.
I went to your site and followed your guide, carrying out the procedure:
disable System Restore
run navilog1
apply ATF Cleaner
apply CCleaner
but this morning I see that the ads are still there.
Do you see any other solutions?
Thanks

Bouläy hunter
Hi
Then please post the navilog1 report and afterwards follow the instructions given here:
http://med365.co.cc/guides/vundo.html
Then post the reports from VundoFix, ComboFix and Malwarebytes' Anti-Malware.
As well as a HijackThis report:
Download HijackThis from TrendMicro.
Unzip it into a folder at the root of your hard drive with a meaningless name, for example gihjhip
Run the file Hijackthis.exe
Click on Do a system scan and save a log file
Copy and paste the report into a new message here
See you
-->Message edited by med365 on 10/06/2008 13:02:19<--

med365 wrote:
Hi
Then please post the navilog1 report and afterwards follow the instructions given here:
http://med365.co.cc/guides/vundo.html
Then post the reports from VundoFix, ComboFix and Malwarebytes' Anti-Malware.
As well as a HijackThis report:
Download HijackThis from TrendMicro.
Unzip it into a folder at the root of your hard drive with a meaningless name, for example gihjhip
Run the file Hijackthis.exe
Click on Do a system scan and save a log file
Copy and paste the report into a new message here
See you

Attached are the requested reports:
See you
Thanks
VundoFix V7.0.5
Scan started at 22:31:29 10/06/2008
Listing files found while scanning....
No infected files were found.
Beginning removal...
ComboFix 08-06-09.7 - Thuy 2008-06-10 23:02:32.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.265 [GMT 2:00]
Endroit: C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Bureau\ANTIPUB\ComboFix.exe
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Documents and Settings\thuy\Application Data\inst.exe
----- BITS: Possible sites infectés -----
hxxp://premium.virginmega.fr
.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-10 to 2008-06-10 ))))))))))))))))))))))))))))))))))))
.
2008-06-10 22:39 . 2008-06-10 22:39 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-10 22:39 . 2008-06-10 22:39 <REP> d-------- C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\Malwarebytes
2008-06-10 22:39 . 2008-06-10 22:39 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2008-06-10 22:39 . 2008-06-11 15:00 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-10 22:39 . 2008-06-11 15:00 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-10 22:31 . 2008-06-10 22:31 <REP> d-------- C:\VundoFix Backups
2008-06-10 14:06 . 2008-06-10 14:06 <REP> d-------- C:\LA_NUIT_NOUS_APPARTIENT
2008-06-10 01:04 . 2008-06-10 01:04 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion
2008-06-10 00:56 . 2008-06-10 00:56 <REP> d-------- C:\Program Files\Yahoo!
2008-06-10 00:56 . 2008-06-10 00:56 <REP> d-------- C:\Program Files\CCleaner
2008-06-09 17:33 . 2008-06-09 17:33 7,680 --a------ C:\WINDOWS\Thuy.pcb
2008-06-09 17:23 . 2008-06-09 17:23 121,096 --a------ C:\WINDOWS\system32\MSForms.TWD
2008-06-09 07:00 . 2008-06-10 00:55 <REP> d-------- C:\Program Files\Navilog1
2008-06-09 06:32 . 2008-06-09 06:32 <REP> d-------- C:\!KillBox
2008-06-05 10:00 . 2008-06-05 10:00 <REP> d-------- C:\Program Files\obj poke bias
2008-06-01 08:56 . 2008-06-01 08:56 <REP> d-------- C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\JAM Software
2008-06-01 08:55 . 2008-06-01 08:55 <REP> d-------- C:\Program Files\JAM Software
2008-06-01 08:42 . 2008-06-01 08:42 2 --a------ C:\WINDOWS\Twain001.Mtx
2008-05-31 13:52 . 2008-06-07 11:44 <REP> d-------- C:\Program Files\Mp3 My Mp3 2.0
2008-05-31 13:52 . 2008-05-31 13:52 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MailFrontier
2008-05-31 13:51 . 2008-05-31 13:51 <REP> d-------- C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\MailFrontier
2008-05-31 13:51 . 2007-06-21 21:54 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-05-31 13:51 . 2007-06-21 21:55 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
2008-05-31 13:51 . 2007-06-21 21:55 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
2008-05-31 13:51 . 2007-06-21 21:55 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
2008-05-31 13:51 . 2007-06-21 21:55 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
2008-05-31 13:51 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2008-05-31 13:51 . 2008-05-31 13:54 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-05-31 13:41 . 2008-06-10 23:09 1,857,568 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-05-31 13:41 . 2008-05-31 13:41 75,932 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-05-31 13:41 . 2008-05-31 13:41 74,396 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-05-31 13:41 . 2008-06-10 17:40 23,588 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-05-30 21:59 . 2008-06-05 11:46 <REP> d-------- C:\Program Files\a-squared Anti-Malware
2008-05-27 14:00 . 2008-06-10 22:15 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-27 14:00 . 2008-06-08 07:11 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-27 12:04 . 2008-05-27 12:04 <REP> d-------- C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\Imagenomic
2008-05-25 19:52 . 2005-08-18 02:00 187,904 --a------ C:\WINDOWS\system32\everest_cpl.cpl
2008-05-25 19:52 . 2008-05-25 19:52 51 --a------ C:\WINDOWS\system32\everest_cpl.ini
2008-05-25 19:32 . 2008-05-26 06:31 <REP> d-------- C:\WINDOWS\system32\NtmsData
2008-05-25 10:11 . 2008-05-25 10:15 <REP> d-------- C:\Program Files\Wise Disk Cleaner
2008-05-24 10:31 . 2008-05-24 10:31 <REP> d-------- C:\Program Files\Sudoku
2008-05-24 07:30 . 2008-06-07 08:04 <REP> d-------- C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\BitDownload
2008-05-24 07:29 . 2008-06-05 11:07 <REP> d-------- C:\Program Files\BitDownload
2008-05-24 07:29 . 2008-06-05 10:02 <REP> d-------- C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\obj poke bias
2008-05-24 07:29 . 2008-06-05 10:01 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\LICENSE ADMIN OPTION BIB
2008-05-24 00:07 . 2008-05-24 00:07 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Digital Anarchy
2008-05-23 14:26 . 2008-05-23 14:26 1,152 --a------ C:\WINDOWS\Profil.Brain
2008-05-23 14:23 . 2008-05-23 14:23 <REP> d-------- C:\Program Files\Micro Application
2008-05-23 11:36 . 2008-05-23 11:36 <REP> d-------- C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\temp
2008-05-23 11:31 . 2008-05-23 11:34 <REP> d-------- C:\Program Files\Quidam2 Demo
2008-05-21 17:22 . 2008-05-21 17:22 354,560 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-05-21 17:21 . 2008-05-21 17:22 <REP> d-------- C:\Program Files\TuneUp Utilities 2008
2008-05-17 14:37 . 2008-05-18 11:44 <REP> d-------- C:\Temp\Julian
2008-05-14 13:24 . 2008-05-14 13:59 565 --a------ C:\hpfr5550.xml
2008-05-14 13:20 . 2008-05-14 13:20 34 --a------ C:\WINDOWS\hpfsched.ini
2008-05-10 18:12 . 2008-05-10 18:12 <REP> d-------- C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\TERMINAL Studio
2008-05-10 18:11 . 2008-05-10 18:16 <REP> d-------- C:\Program Files\Astro Gemini Software
2008-05-10 18:11 . 2008-05-10 18:11 <REP> d-------- C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\Astro Gemini Software
2008-05-10 18:11 . 2007-12-12 15:23 12,636,160 --a------ C:\WINDOWS\system32\Dinosaurs 3D Screensaver.scr
2008-05-10 10:41 . 2008-05-14 14:47 4,878 --ah----- C:\ffastun.ffa
2008-05-10 10:40 . 2008-05-14 14:47 10,014,720 --ah----- C:\ffastun0.ffx
2008-05-10 10:40 . 2008-05-14 14:47 1,867,776 --ah----- C:\ffastun.ffo
2008-05-10 09:40 . 2008-05-14 14:47 6,930,432 --ah----- C:\ffastun.ffl
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-10 15:40 55,808 ----a-w C:\WINDOWS\Internet Logs\xDB13.tmp
2008-06-10 15:40 1,567,232 ----a-w C:\WINDOWS\Internet Logs\xDB14.tmp
2008-06-10 12:05 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\DVD Shrink
2008-06-10 07:45 216,064 ----a-w C:\WINDOWS\Internet Logs\xDB11.tmp
2008-06-10 07:45 1,557,504 ----a-w C:\WINDOWS\Internet Logs\xDB12.tmp
2008-06-10 07:45 --------- d-----w C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\Mail Box Dispatcher 2
2008-06-09 15:18 --------- d-----w C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\OpenOffice.org2
2008-06-08 08:10 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\TechSmith
2008-06-08 06:03 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-06-07 07:21 3,096,576 ----a-w C:\WINDOWS\Internet Logs\xDB10.tmp
2008-06-06 14:32 2,782,208 ----a-w C:\WINDOWS\Internet Logs\xDBE.tmp
2008-06-06 14:32 1,486,848 ----a-w C:\WINDOWS\Internet Logs\xDBF.tmp
2008-06-06 07:18 580,096 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp
2008-06-06 07:18 1,481,216 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp
2008-06-05 22:18 584,192 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp
2008-06-05 22:18 1,478,656 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp
2008-06-05 22:05 --------- d-----w C:\Program Files\i-Covers
2008-06-05 21:44 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-06-05 21:44 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-06-05 13:02 2,841,088 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp
2008-06-05 13:02 1,461,760 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp
2008-06-05 12:38 3,489,280 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
2008-06-05 09:42 --------- d-----w C:\Program Files\Fichiers communs\AVSMedia
2008-06-05 09:41 --------- d-----w C:\Program Files\AVS4YOU
2008-06-05 09:20 --------- d-----w C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\AVS4YOU
2008-06-05 08:33 128,512 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
2008-06-05 08:33 1,423,872 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
2008-06-04 05:02 148,992 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2008-06-04 05:02 1,381,376 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
2008-06-03 05:19 --------- d-----w C:\Program Files\splus
2008-06-02 07:25 --------- d-----w C:\Program Files\Club-Internet
2008-06-02 07:05 188,928 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-05-31 12:00 49,664 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-05-30 12:05 --------- d-----w C:\Program Files\a-squared Anti-Dialer
2008-05-26 05:31 --------- d-----w C:\Program Files\Netcraft Toolbar
2008-05-26 05:31 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-05-26 05:31 --------- d-----w C:\Program Files\Microsoft Office_97
2008-05-26 05:31 --------- d-----w C:\Documents and Settings\thuy\Application Data\ACAMPREF
2008-05-26 05:31 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\BOC425
2008-05-25 17:31 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-05-25 17:28 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2008-05-25 17:26 --------- d-----w C:\Program Files\Pinnacle
2008-05-25 17:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-25 07:58 --------- d-----w C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\UseNeXT
2008-05-21 15:22 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\TuneUp Software
2008-05-16 15:11 --------- d-----w C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\Toon Boom Animation
2008-05-16 15:05 --------- d-----w C:\Program Files\Toon Boom Animation
2008-05-12 08:25 --------- d-----w C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\LimeWire
2008-05-09 17:01 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2008-05-08 14:17 --------- d-----w C:\Program Files\Common Files
2008-05-08 14:09 --------- d-----w C:\Program Files\Fichiers communs\Motorola Shared
2008-05-07 16:31 --------- d-----w C:\Program Files\Fichiers communs\DAZ
2008-05-07 07:28 --------- d-----w C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\TaoUSign
2008-04-21 16:57 --------- d-----w C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\PCF-VLC
2008-04-21 07:42 --------- d-----w C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\Participatory Culture Foundation
2008-04-19 07:34 --------- d-----w C:\Program Files\iTunes
2008-04-19 07:32 --------- d-----w C:\Program Files\QuickTime
2008-04-19 07:31 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-04-19 07:24 --------- d-----w C:\Program Files\Apple Software Update
2008-04-19 07:24 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2008-04-18 16:58 --------- d-----w C:\Program Files\Orange
2008-04-10 03:20 --------- d-----w C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Application Data\Corel
2008-04-08 07:11 3,532 ----a-w C:\drmHeader.bin
2008-04-04 12:51 28,416 ----a-w C:\WINDOWS\system32\uxtuneup.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-22 23:03 3,120 ----a-w C:\WINDOWS\system32\6ffdbcaf-f6c1-42d3-a4a9-c7957224a70b.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 16:15 3,120 ----a-w C:\WINDOWS\system32\0810be8f-b2fd-4cfc-bbc2-e45e10a7568b.dll
2008-03-12 17:36 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-11-29 08:29 47,360 ----a-w C:\Documents and Settings\thuy\Application Data\pcouffin.sys
2006-05-24 15:38 233,472 ----a-w C:\Program Files\mozilla firefox\plugins\CrazyTalk4Native.dll
2006-05-18 16:00 204,895 ----a-w C:\Program Files\mozilla firefox\plugins\ctdomemhelper.dll
2005-09-29 13:41 77,824 ----a-w C:\Program Files\mozilla firefox\plugins\ctframeplayerobject.dll
2006-05-18 15:59 426,081 ----a-w C:\Program Files\mozilla firefox\plugins\ctplayerobject.dll
2005-02-02 11:19 458,752 ----a-w C:\Program Files\mozilla firefox\plugins\imagickrt.dll
2006-04-10 17:35 139,264 ----a-w C:\Program Files\mozilla firefox\plugins\rlcontentclass.dll
2005-11-09 10:10 204,800 ----a-w C:\Program Files\mozilla firefox\plugins\RLMusicPacker.dll
2005-11-09 10:42 106,496 ----a-w C:\Program Files\mozilla firefox\plugins\RLMusicUnpacker.dll
2006-01-04 10:22 212,992 ----a-w C:\Program Files\mozilla firefox\plugins\RLVoicePacker.dll
2006-01-04 10:21 167,936 ----a-w C:\Program Files\mozilla firefox\plugins\RLVoiceUnpacker.dll
2007-11-28 15:33 251,392 ----a-w C:\Program Files\opera\program\plugins\dapop.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]
2008-03-22 10:06 1470488 --a------ C:\Program Files\speed-bit\tbspe1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2BA521AC-B9B9-4433-BA45-DBA2F02CBA5A}"= "C:\Program Files\speed-bit\tbspe1.dll" [2008-03-22 10:06 1470488]
[HKEY_CLASSES_ROOT\clsid\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2BA521AC-B9B9-4433-BA45-DBA2F02CBA5A}"= C:\Program Files\speed-bit\tbspe1.dll [2008-03-22 10:06 1470488]
[HKEY_CLASSES_ROOT\clsid\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"link noun"="C:\DOCUME~1\THUY~1.THU\APPLIC~1\OBJPOK~1\BINDBEEPBASE.exe" [2008-06-05 10:00 451584]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-09 08:09 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"Club-Internet_McciTrayApp"="C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe" [2005-11-15 18:46 543232]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-02-23 20:06 185896]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
CamTrack.lnk - C:\Program Files\CamTrack\camtrack.exe [2008-01-17 09:49:07 407408]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\vio\dvacm.acm
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^DVD Check.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\DVD Check.lnk
backup=C:\WINDOWS\pss\DVD Check.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk
backup=C:\WINDOWS\pss\LE COMPAGNON CLUB.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Thuy.THUY-563A2A7CAF^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
path=C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Thuy.THUY-563A2A7CAF^Menu Démarrer^Programmes^Démarrage^Club Internet.lnk]
path=C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Menu Démarrer\Programmes\Démarrage\Club Internet.lnk
backup=C:\WINDOWS\pss\Club Internet.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Thuy.THUY-563A2A7CAF^Menu Démarrer^Programmes^Démarrage^IMVU.lnk]
path=C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Menu Démarrer\Programmes\Démarrage\IMVU.lnk
backup=C:\WINDOWS\pss\IMVU.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Thuy.THUY-563A2A7CAF^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
path=C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.3.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-squared]
C:\Program Files\a-squared Anti-Malware\a2guard.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
--a------ 2008-03-07 15:26 1694656 C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2005-03-22 22:05 339968 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2007-06-27 20:03 152872 C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitDownload]
--a------ 2007-04-04 15:18 1103360 C:\Program Files\BitDownload\BitDownload.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
C:\Program Files\BroadJump\Client Foundation\CFD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BOC-425]
--a------ 2007-11-26 11:38 342272 C:\PROGRA~1\Comodo\CBOClean\BOC425.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Firewall Pro]
C:\Program Files\Comodo\Firewall\cfp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpqset]
--a------ 2005-02-17 15:01 233534 C:\Program Files\HPQ\Default Settings\cpqset.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-05 14:00 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
--a------ 2008-02-23 23:56 3057152 C:\Program Files\DAP\DAP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eabconfg.cpl]
--a------ 2004-12-03 14:24 290816 C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eCarteBleue-CLEO]
--a------ 2006-02-07 11:07 200704 C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2005-02-17 00:11 49152 C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
--a------ 2004-08-05 14:00 208952 C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-03-30 10:36 267048 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\link noun]
--a------ 2008-06-05 10:00 451584 C:\DOCUME~1\THUY~1.THU\APPLIC~1\OBJPOK~1\BINDBEEPBASE.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 18:24 1694208 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 16:57 153136 C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Option Bib Logo Log]
--a------ 2008-06-10 22:18 3474944 C:\Documents and Settings\All Users.WINDOWS\Application Data\LICENSE ADMIN OPTION BIB\Test copy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
--a------ 2004-08-05 14:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
--a------ 2004-08-05 14:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
--a------ 2004-03-11 01:26 406016 C:\WINDOWS\system32\\PSDrvCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-01-28 12:43 2097488 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StandardInstall]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-06-14 19:32 132760 C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-04-09 08:09 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2005-02-02 14:11 692316 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
--a------ 2005-02-02 14:12 102492 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-02-23 20:06 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
--a------ 2007-04-12 14:23 341488 C:\Program Files\Ulead Systems\Ulead VideoStudio 11bis\uvPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VEngine]
--a------ 2008-02-24 00:02 315136 C:\Program Files\Comodo\VEngine\VEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-03-24 20:03 3587120 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WatchDog]
--a------ 2005-03-09 15:54 184320 C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZoneAlarm Client]
--a------ 2007-06-21 21:54 919016 C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"eCarteBleue-CLEO"="C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards
"BOC-425"=C:\PROGRA~1\Comodo\CBOClean\BOC425.EXE
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
"Club-Internet_McciTrayApp"=C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\DAP\\DAP.exe"=
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"C:\\Program Files\\GlobalSCAPE\\CuteFTP 8 Professional\\ftpte.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"=
"C:\\Program Files\\BitDownload\\BitDownload.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 a2AntiDialer;a-squared Anti-Dialer Service;"C:\Program Files\a-squared Anti-Dialer\a2service.exe" [2008-05-30 14:04]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-05 14:00]
R3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2005-03-22 16:39]
S3 MotDev;Motorola Inc. USB Device;C:\WINDOWS\system32\DRIVERS\motodrv.sys [2007-10-10 16:41]
S3 phil2vid;Appareil photo VGA USB Philips PCVC690;C:\WINDOWS\system32\DRIVERS\philcam2.sys [2001-08-17 23:04]
S3 PhSerUsb;PHILOG USB Serial Driver;C:\WINDOWS\system32\DRIVERS\PhSerUsb.sys [2006-06-29 17:20]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-05-21 17:22]
S3 USB28xxBGA;PCTV Hybrid Pro* Stick;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2006-02-08 14:12]
S3 USB28xxOEM;USB 28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-02-08 14:12]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-24 21:23:09 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-06-10 21:00:02 C:\WINDOWS\Tasks\BE46B7EA91E92ACE.job"
- c:\docume~1\thuy~1.thu\applic~1\objpok~1\Kind Iso Web.exe
"2008-06-10 21:00:01 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-10 23:08:41
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-06-10 23:12:41
ComboFix-quarantined-files.txt 2008-06-10 21:12:23
Pre-Run: 18,656,944,128 octets libres
Post-Run: 18,643,619,840 octets libres
350 --- E O F --- 2008-06-03 07:24:15
Malwarebytes' Anti-Malware 1.17
Version de la base de données: 846
22:57:57 10/06/2008
mbam-log-6-10-2008 (22-57-57).txt
Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 76351
Temps écoulé: 17 minute(s), 32 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\setup.player (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\setup.player.2k2 (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b7e48b-9d81-4c6c-9578-5fd4f620d886} (Spyware.MarketScore) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:02, on 11/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Dialer\a2service.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Comodo\CBOClean\BOCORE.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Bureau\ANTIPUB\ToolsCleaner2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Bureau\ANTIPUB\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O2 - BHO: ECarteBleueBrowserHelper Class - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Comodo VerificationEngine - {A968A4B4-C492-4834-B651-17602C3885C8} - C:\Program Files\Comodo\VEngine\ESigil.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [link noun] C:\DOCUME~1\THUY~1.THU\APPLIC~1\OBJPOK~1\BINDBEEPBASE.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - .DEFAULT User Startup: CamTrack.lnk = C:\Program Files\CamTrack\camtrack.exe (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtac(...)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Dialer\a2service.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 11353 bytes
|
|
Bouläy hunter
|
|
|
OK, there is neither Magic.Control nor Vundo on your machine, that's already good news
However, you will need to get rid of LOP/Swizzor:
Tick and fix:
R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
Then go to Control Panel, then Add/Remove Programs, and uninstall if present:
Messenger Plus (just the sponsor)
BitDownload
BitRoll
NetPumper
Speed-bit (I'm wary of download accelerators in this case)
Then follow the Lop S&D tutorial found here and post the scan and disinfection report: http://forum.telecharger.01net.com/microhebdo/6/tuto-securite/lopsd-eliminez-(...)
See you
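A cross-check of a HijackThis fix list against the full log, as an added example that is not part of the original post: it parses the CLSID-bearing lines (R3, O2, O3, O9 style), lists orphaned "(no file)" entries, and reports log entries that share a CLSID with a ticked line but are not on the list. The function names are hypothetical; the sample lines are copied from the log posted in this thread.

```python
import re
from typing import List, NamedTuple, Tuple

# Lines copied from the HijackThis log posted in this thread (a subset).
SAMPLE_LOG = r"""
R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
"""

# The four lines the helper asked to tick and fix.
FIX_LIST = r"""
R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
"""

# "<code> - <kind>: <name> - {CLSID} - <target>". The name is matched lazily
# so names that themselves contain " - " stay intact. Lines without a CLSID
# in this position (O4 Run keys, O16, O23 ...) are deliberately skipped.
LINE_RE = re.compile(
    r"^(?P<code>[RO]\d+) - (?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\})"
    r" - (?P<target>.+)$"
)


class Entry(NamedTuple):
    code: str    # section code, e.g. "O2"
    kind: str    # e.g. "BHO", "Toolbar", "URLSearchHook"
    name: str
    clsid: str   # lower-cased, since CLSIDs are case-insensitive
    target: str  # file on disk, or the literal "(no file)"
    raw: str


def parse_entries(text: str) -> List[Entry]:
    """Parse the CLSID-bearing lines of a HijackThis log."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = LINE_RE.match(line)
        if m:
            entries.append(Entry(m["code"], m["kind"], m["name"],
                                 m["clsid"].lower(), m["target"], line))
    return entries


def orphaned(entries: List[Entry]) -> List[Entry]:
    """Registry entries whose backing file no longer exists on disk."""
    return [e for e in entries if e.target == "(no file)"]


def review_fix_list(log: List[Entry],
                    fix: List[Entry]) -> Tuple[List[Entry], List[Entry]]:
    """Return (orphaned entries not on the fix list,
               entries sharing a CLSID with a fix-list line but not listed)."""
    chosen_raw = {e.raw for e in fix}
    chosen_clsids = {e.clsid for e in fix}
    unlisted_orphans = [e for e in orphaned(log) if e.raw not in chosen_raw]
    siblings = [e for e in log
                if e.clsid in chosen_clsids and e.raw not in chosen_raw]
    return unlisted_orphans, siblings


if __name__ == "__main__":
    log_entries = parse_entries(SAMPLE_LOG)
    fix_entries = parse_entries(FIX_LIST)
    unlisted, siblings = review_fix_list(log_entries, fix_entries)
    print("Orphaned entries in log:")
    for e in orphaned(log_entries):
        print("  ", e.raw)
    print("Orphaned entries missing from the fix list:", len(unlisted))
    print("Same CLSID as a ticked line, but not ticked:")
    for e in siblings:
        print("  ", e.raw)
```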
|
|
|
|
|
med365 wrote:
OK, there is neither Magic.Control nor Vundo on your machine, that's already good news
However, you will need to get rid of LOP/Swizzor:
Tick and fix:
Then go to Control Panel, then Add/Remove Programs, and uninstall if present:
Messenger Plus (just the sponsor)
BitDownload
BitRoll
NetPumper
Speed-bit (I'm wary of download accelerators in this case)
Then follow the Lop S&D tutorial found here and post the scan and disinfection report: http://forum.telecharger.01net.com/microhebdo/6/tuto-securite/lopsd-eliminez-(...)
See you
For 2 days now I have been left in peace, without being bothered by the ads.
Thank you very much for the advice.
Let's hope it lasts
|
|
|
|
|
med365 wrote:
OK, there is neither Magic.Control nor Vundo on your machine, that's already good news
However, you will need to get rid of LOP/Swizzor:
Tick and fix:
Then go to Control Panel, then Add/Remove Programs, and uninstall if present:
Messenger Plus (just the sponsor)
BitDownload
BitRoll
NetPumper
Speed-bit (I'm wary of download accelerators in this case)
Then follow the Lop S&D tutorial found here and post the scan and disinfection report: http://forum.telecharger.01net.com/microhebdo/6/tuto-securite/lopsd-eliminez-(...)
See you
Thank you for your advice. For several days now I have no longer been bothered by ads.
Why do the ad pages always arrive via Internet Explorer and never via Firefox?
However, I can now no longer browse with Internet Explorer because there is always the message "IE has encountered a problem and needs to close"
Do you have any idea where that comes from?
Thanks once again for your help
See you
|
|
Bouläy hunter
|
|
|
Hi
I would like the Lop S&D log, please.
For Internet Explorer, do a reset of it and then post a new HijackThis log.
See you
|
|
|
|
|
med365 wrote:
Hi
I would like the Lop S&D log, please.
For Internet Explorer, do a reset of it and then post a new HijackThis log.
See you
Hi
here are the Lop S&D and HijackThis documents
Lop S&D log
-----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Thuy ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 22/06/2008 | 8:49:23,50 ] [ PC : THUY-563A2A7CAF ]
[ MAJ : 07-06-2008 | 22:15 ]
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[28/11/2007|16:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[28/11/2007|15:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[05/12/2007|11:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
[07/01/2008|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ableton
[02/12/2007|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[12/12/2007|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[11/12/2007|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[22/02/2008|12:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[29/11/2007|14:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[23/02/2008|11:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[08/02/2008|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[02/12/2007|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EmbeddedThalliumBackup
[28/11/2007|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[02/12/2007|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreeDownloadManager.ORG
[28/11/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[28/11/2007|17:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpqwmi
[22/12/2007|16:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[29/11/2007|11:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[29/11/2007|10:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[17/12/2007|11:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[28/11/2007|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[04/01/2008|19:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[28/11/2007|17:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[28/11/2007|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
[29/11/2007|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[12/12/2007|00:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[12/12/2007|00:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle Studio
[22/02/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\909 QTSBandwidthCache
[28/11/2007|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[29/11/2007|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[28/11/2007|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
[29/11/2007|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[21/02/2008|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[18/01/2008|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Syncrosoft
[17/02/2008|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TechSmith
[22/02/2008|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[29/11/2007|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[29/11/2007|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[04/12/2007|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/01/2008|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[20/03/2008|23:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[05/03/2008|08:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ahead
[19/04/2008|09:24] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[19/04/2008|09:31] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[12/06/2008|08:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avira
[28/02/2008|15:23] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
[26/05/2008|07:31] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\BOC425
[05/03/2008|17:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\CanonBJ
[25/02/2008|16:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\comodo
[08/04/2008|13:30] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Corel
[23/02/2008|15:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
[24/05/2008|00:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Digital Anarchy
[23/02/2008|20:04] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Downloaded Installations
[13/06/2008|11:22] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\DVD Shrink
[25/02/2008|23:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\FLEXnet
[21/06/2008|13:55] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\FreeDownloadManager.ORG
[25/02/2008|07:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[06/03/2008|17:50] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\InterVideo
[25/02/2008|07:15] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Macromedia
[31/05/2008|13:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\MailFrontier
[10/06/2008|22:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Malwarebytes
[30/03/2008|11:05] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[09/05/2008|19:01] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
[23/02/2008|17:59] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Motive
[23/02/2008|18:01] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\MotiveSysIDs
[29/02/2008|11:21] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\NCH Software
[23/02/2008|19:32] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Nero
[14/06/2008|16:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\pI3demoLicense
[09/03/2008|10:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Pinnacle
[09/03/2008|10:42] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Pinnacle Studio
[14/06/2008|16:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\pISE_lic_file
[23/02/2008|18:13] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SlySoft
[05/06/2008|23:44] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[08/06/2008|10:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TechSmith
[16/06/2008|11:01] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP
[21/05/2008|17:22] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TuneUp Software
[06/03/2008|06:43] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ulead Systems
[23/02/2008|19:57] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[10/06/2008|01:04] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Yahoo! Companion
[23/02/2008|11:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[28/11/2007|15:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[23/02/2008|15:33] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\desktop.ini
[23/02/2008|15:17] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[28/11/2007|15:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[09/03/2008|11:45] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[03/12/2007|13:44] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[09/03/2008|11:36] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[29/11/2007|17:48] C:\DOCUME~1\thuy\APPLIC~1\.zreglib
[07/01/2008|19:54] C:\DOCUME~1\thuy\APPLIC~1\Ableton
[26/05/2008|07:31] C:\DOCUME~1\thuy\APPLIC~1\ACAMPREF
[22/02/2008|09:41] C:\DOCUME~1\thuy\APPLIC~1\Adobe
[12/12/2007|11:47] C:\DOCUME~1\thuy\APPLIC~1\Ahead
[05/02/2008|06:41] C:\DOCUME~1\thuy\APPLIC~1\Anthropics
[22/01/2008|19:21] C:\DOCUME~1\thuy\APPLIC~1\Apple Computer
[16/01/2008|17:56] C:\DOCUME~1\thuy\APPLIC~1\Applied Acoustics Systems
[03/01/2008|12:46] C:\DOCUME~1\thuy\APPLIC~1\Audacity
[17/01/2008|10:42] C:\DOCUME~1\thuy\APPLIC~1\CamTrack
[27/12/2007|09:19] C:\DOCUME~1\thuy\APPLIC~1\CD-LabelPrint
[29/11/2007|19:38] C:\DOCUME~1\thuy\APPLIC~1\Comodo
[28/11/2007|16:05] C:\DOCUME~1\thuy\APPLIC~1\desktop.ini
[29/11/2007|19:20] C:\DOCUME~1\thuy\APPLIC~1\DivX
[22/02/2008|12:26] C:\DOCUME~1\thuy\APPLIC~1\Free Download Manager
[28/11/2007|20:59] C:\DOCUME~1\thuy\APPLIC~1\GlobalSCAPE
[04/12/2007|18:12] C:\DOCUME~1\thuy\APPLIC~1\Google
[29/11/2007|10:53] C:\DOCUME~1\thuy\APPLIC~1\Help
[28/11/2007|15:54] C:\DOCUME~1\thuy\APPLIC~1\Identities
[29/11/2007|19:29] C:\DOCUME~1\thuy\APPLIC~1\Imagenomic
[05/12/2007|19:23] C:\DOCUME~1\thuy\APPLIC~1\InstallShield
[12/12/2007|00:17] C:\DOCUME~1\thuy\APPLIC~1\InterVideo
[11/01/2008|09:04] C:\DOCUME~1\thuy\APPLIC~1\LimeWire
[29/01/2008|00:56] C:\DOCUME~1\thuy\APPLIC~1\Macromedia
[21/02/2008|19:24] C:\DOCUME~1\thuy\APPLIC~1\Mail Box Dispatcher 2
[11/01/2008|08:59] C:\DOCUME~1\thuy\APPLIC~1\MailWasherPro
[24/01/2008|13:56] C:\DOCUME~1\thuy\APPLIC~1\Media Player Classic
[04/01/2008|19:46] C:\DOCUME~1\thuy\APPLIC~1\Microsoft
[29/11/2007|11:19] C:\DOCUME~1\thuy\APPLIC~1\Microsoft Web Folders
[06/12/2007|14:46] C:\DOCUME~1\thuy\APPLIC~1\MoyeaFLV2Video
[18/02/2008|19:52] C:\DOCUME~1\thuy\APPLIC~1\Mozilla
[30/11/2007|17:50] C:\DOCUME~1\thuy\APPLIC~1\Opera
[22/02/2008|07:58] C:\DOCUME~1\thuy\APPLIC~1\Orbit
[06/01/2008|15:05] C:\DOCUME~1\thuy\APPLIC~1\Participatory Culture Foundation
[07/01/2008|01:08] C:\DOCUME~1\thuy\APPLIC~1\PCF-VLC
[29/11/2007|10:29] C:\DOCUME~1\thuy\APPLIC~1\887 pcouffin.cat
[29/11/2007|10:29] C:\DOCUME~1\thuy\APPLIC~1\144 pcouffin.inf
[29/11/2007|10:29] C:\DOCUME~1\thuy\APPLIC~1\pcouffin.log
[29/11/2007|10:29] C:\DOCUME~1\thuy\APPLIC~1\360 pcouffin.sys
[12/12/2007|11:31] C:\DOCUME~1\thuy\APPLIC~1\Real
[12/12/2007|14:41] C:\DOCUME~1\thuy\APPLIC~1\Reallusion
[23/12/2007|10:27] C:\DOCUME~1\thuy\APPLIC~1\Skype
[29/11/2007|14:22] C:\DOCUME~1\thuy\APPLIC~1\SlySoft
[07/01/2008|19:47] C:\DOCUME~1\thuy\APPLIC~1\Steinberg
[09/12/2007|19:43] C:\DOCUME~1\thuy\APPLIC~1\Sun
[09/02/2008|11:28] C:\DOCUME~1\thuy\APPLIC~1\TechSmith
[07/01/2008|01:33] C:\DOCUME~1\thuy\APPLIC~1\Thunderbird
[06/12/2007|00:24] C:\DOCUME~1\thuy\APPLIC~1\TuneUp Software
[18/12/2007|09:29] C:\DOCUME~1\thuy\APPLIC~1\Ulead Systems
[19/02/2008|23:55] C:\DOCUME~1\thuy\APPLIC~1\UseNeXT
[06/12/2007|01:29] C:\DOCUME~1\thuy\APPLIC~1\vlc
[22/02/2008|20:11] C:\DOCUME~1\thuy\APPLIC~1\Vso
[17/01/2008|00:02] C:\DOCUME~1\thuy\APPLIC~1\Waves Audio
[25/02/2008|16:07] C:\DOCUME~1\THUY~1.THU\APPLIC~1\ACAMPREF
[20/03/2008|15:55] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Adobe
[06/04/2008|09:46] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Ahead
[23/02/2008|19:44] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Anthropics
[14/06/2008|00:51] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Apple Computer
[10/05/2008|18:11] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Astro Gemini Software
[05/06/2008|11:20] C:\DOCUME~1\THUY~1.THU\APPLIC~1\AVS4YOU
[11/03/2008|15:29] C:\DOCUME~1\THUY~1.THU\APPLIC~1\blaxxun interactive
[25/02/2008|22:32] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Comodo
[10/04/2008|05:20] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Corel
[23/02/2008|15:33] C:\DOCUME~1\THUY~1.THU\APPLIC~1\desktop.ini
[31/03/2008|12:23] C:\DOCUME~1\THUY~1.THU\APPLIC~1\DivX
[23/03/2008|01:03] C:\DOCUME~1\THUY~1.THU\APPLIC~1\e frontier
[22/06/2008|08:48] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Free Download Manager
[26/02/2008|14:25] C:\DOCUME~1\THUY~1.THU\APPLIC~1\GlobalSCAPE
[25/02/2008|09:19] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Google
[16/06/2008|11:03] C:\DOCUME~1\THUY~1.THU\APPLIC~1\GrabPro
[19/03/2008|18:48] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Help
[23/02/2008|15:25] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Identities
[27/05/2008|12:04] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Imagenomic
[22/03/2008|13:59] C:\DOCUME~1\THUY~1.THU\APPLIC~1\IMVU
[24/03/2008|16:06] C:\DOCUME~1\THUY~1.THU\APPLIC~1\InstallShield Installation Information
[23/02/2008|19:41] C:\DOCUME~1\THUY~1.THU\APPLIC~1\InterVideo
[10/03/2008|08:49] C:\DOCUME~1\THUY~1.THU\APPLIC~1\ivivo
[01/06/2008|08:56] C:\DOCUME~1\THUY~1.THU\APPLIC~1\JAM Software
[19/03/2008|10:21] C:\DOCUME~1\THUY~1.THU\APPLIC~1\LEGO Company
[12/05/2008|10:25] C:\DOCUME~1\THUY~1.THU\APPLIC~1\LimeWire
[20/03/2008|01:07] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Lost Marble
[26/02/2008|14:33] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Macromedia
[20/06/2008|17:44] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Mail Box Dispatcher 2
[31/05/2008|13:51] C:\DOCUME~1\THUY~1.THU\APPLIC~1\MailFrontier
[10/06/2008|22:39] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Malwarebytes
[26/02/2008|14:54] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Media Player Classic
[22/04/2008|16:38] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Microsoft
[21/04/2008|09:42] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Mozilla
[09/06/2008|17:18] C:\DOCUME~1\THUY~1.THU\APPLIC~1\OpenOffice.org2
[14/06/2008|00:32] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Opera
[21/06/2008|13:57] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Orbit
[21/04/2008|09:42] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Participatory Culture Foundation
[21/04/2008|18:57] C:\DOCUME~1\THUY~1.THU\APPLIC~1\PCF-VLC
[31/03/2008|12:03] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Pegasys Inc
[09/03/2008|12:42] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Pinnacle Systems
[23/02/2008|20:09] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Real
[28/02/2008|19:55] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Reallusion
[05/03/2008|16:53] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Smart Panel
[29/02/2008|23:52] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Sun
[23/02/2008|18:27] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Talkback
[07/05/2008|09:28] C:\DOCUME~1\THUY~1.THU\APPLIC~1\TaoUSign
[23/05/2008|11:36] C:\DOCUME~1\THUY~1.THU\APPLIC~1\temp
[10/05/2008|18:12] C:\DOCUME~1\THUY~1.THU\APPLIC~1\TERMINAL Studio
[16/05/2008|17:11] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Toon Boom Animation
[23/02/2008|19:13] C:\DOCUME~1\THUY~1.THU\APPLIC~1\TuneUp Software
[06/03/2008|06:47] C:\DOCUME~1\THUY~1.THU\APPLIC~1\Ulead Systems
[25/05/2008|09:58] C:\DOCUME~1\THUY~1.THU\APPLIC~1\UseNeXT
[26/02/2008|11:22] C:\DOCUME~1\THUY~1.THU\APPLIC~1\vlc
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[24/05/2008 23:23][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[22/06/2008 08:49][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[22/06/2008 08:43][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[16/01/2008|17:56] C:\Program Files\AAS
[05/03/2008|16:22] C:\Program Files\ABBYY FineReader 5.0 Sprint
[25/02/2008|16:03] C:\Program Files\Abrosoft
[20/03/2008|23:17] C:\Program Files\Adobe
[16/01/2008|17:51] C:\Program Files\Algorithmix
[21/06/2008|09:41] C:\Program Files\Alien Skin
[28/11/2007|17:19] C:\Program Files\Alwil Software
[28/11/2007|15:59] C:\Program Files\AMD
[04/12/2007|09:57] C:\Program Files\aMSN
[11/03/2008|16:46] C:\Program Files\ANDROME NV
[16/01/2008|17:54] C:\Program Files\Antares
[16/01/2008|17:54] C:\Program Files\Antares Audio Technologies
[16/01/2008|17:53] C:\Program Files\Antares Auto-Tune DX
[19/04/2008|09:24] C:\Program Files\Apple Software Update
[16/01/2008|17:58] C:\Program Files\Arturia
[16/01/2008|19:08] C:\Program Files\ASIO4ALL v2
[30/05/2008|14:05] C:\Program Files\a-squared Anti-Dialer
[05/06/2008|11:46] C:\Program Files\a-squared Anti-Malware
[22/02/2008|11:31] C:\Program Files\a-squared Free
[02/12/2007|09:03] C:\Program Files\Astase
[10/05/2008|18:16] C:\Program Files\Astro Gemini Software
[28/11/2007|16:03] C:\Program Files\ATI Technologies
[08/04/2008|08:17] C:\Program Files\Audacity
[03/01/2008|12:45] C:\Program Files\Audacity 1.3 Beta (Unicode)
[11/06/2008|17:12] C:\Program Files\Avira GmbH
[05/06/2008|11:41] C:\Program Files\AVS4YOU
[11/03/2008|15:41] C:\Program Files\blaxxun Contact
[26/02/2008|12:55] C:\Program Files\BMExtreme
[14/06/2008|00:47] C:\Program Files\Bonjour
[16/03/2008|08:09] C:\Program Files\BroadJump
[17/02/2008|12:07] C:\Program Files\CamTrack
[11/01/2008|12:25] C:\Program Files\CANAL Numedia
[17/01/2008|00:22] C:\Program Files\CANAL+
[29/11/2007|14:52] C:\Program Files\Canon
[29/11/2007|14:36] C:\Program Files\CanonBJ
[12/03/2008|19:39] C:\Program Files\Casc'ADSL
[10/06/2008|00:56] C:\Program Files\CCleaner
[21/12/2007|10:36] C:\Program Files\ChouProd
[02/06/2008|09:25] C:\Program Files\Club-Internet
[08/05/2008|16:17] C:\Program Files\Common Files
[25/02/2008|22:32] C:\Program Files\Comodo
[28/11/2007|15:37] C:\Program Files\ComPlus Applications
[28/11/2007|16:02] C:\Program Files\CONEXANT
[08/04/2008|13:30] C:\Program Files\Corel
[11/03/2008|20:02] C:\Program Files\Cosmigo
[23/02/2008|17:33] C:\Program Files\CPQ
[20/03/2008|09:20] C:\Program Files\Curious Labs
[22/03/2008|11:02] C:\Program Files\DAZ
[08/12/2007|17:25] C:\Program Files\DECROCK
[16/01/2008|17:58] C:\Program Files\Digidesign
[28/02/2008|15:28] C:\Program Files\Digital Video Converter
[31/03/2008|12:23] C:\Program Files\DivX
[23/02/2008|18:31] C:\Program Files\DVD Shrink
[27/01/2008|09:39] C:\Program Files\DVDVideoSoft
[21/06/2008|11:57] C:\Program Files\e frontier
[06/12/2007|14:52] C:\Program Files\Easiestutils
[27/12/2007|09:37] C:\Program Files\Easy Music Composer Free
[29/11/2007|10:49] C:\Program Files\e-Carte Bleue
[16/01/2008|19:03] C:\Program Files\EDIROL
[29/11/2007|15:27] C:\Program Files\epson
[29/11/2007|10:48] C:\Program Files\EVEREST Home Edition
[08/04/2008|09:44] C:\Program Files\FaceGen Modeller 3.2 Free
[17/01/2008|08:47] C:\Program Files\FaceShop
[08/05/2008|16:09] C:\Program Files\Fichiers communs
[05/04/2008|19:14] C:\Program Files\Flash Slideshow Maker Professional
[29/11/2007|19:07] C:\Program Files\FLV Hosting
[08/04/2008|10:41] C:\Program Files\Free Audio Converter
[21/06/2008|13:56] C:\Program Files\Free Download Manager
[08/04/2008|07:37] C:\Program Files\Fujifilm
[23/03/2008|10:50] C:\Program Files\Futuroscope Experience ADF
[08/12/2007|13:28] C:\Program Files\GenoPro
[28/11/2007|20:58] C:\Program Files\GlobalSCAPE
[25/02/2008|09:06] C:\Program Files\Google
[08/04/2008|09:44] C:\Program Files\Harmony Assistant
[28/11/2007|16:11] C:\Program Files\Hewlett-Packard
[28/11/2007|16:11] C:\Program Files\Hp
[23/02/2008|17:32] C:\Program Files\HPQ
[06/06/2008|00:05] C:\Program Files\i-Covers
[29/11/2007|11:01] C:\Program Files\Imagenomic
[22/03/2008|10:02] C:\Program Files\IMVU
[21/06/2008|09:45] C:\Program Files\InstallShield Installation Information
[21/06/2008|14:39] C:\Program Files\Internet Explorer
[23/02/2008|15:35] C:\Program Files\InterVideo
[17/03/2008|10:57] C:\Program Files\intocartoonpro
[11/12/2007|10:47] C:\Program Files\iPod
[19/04/2008|09:34] C:\Program Files\iTunes
[10/03/2008|08:29] C:\Program Files\iViVo
[16/01/2008|23:47] C:\Program Files\iZotope
[17/03/2008|10:58] C:\Program Files\JAlbumWin
[01/06/2008|08:55] C:\Program Files\JAM Software
[08/03/2008|08:26] C:\Program Files\Java
[06/12/2007|20:28] C:\Program Files\Kate's Video Joiner
[24/01/2008|10:43] C:\Program Files\K-Lite Codec Pack
[16/01/2008|23:48] C:\Program Files\KORG
[19/03/2008|10:20] C:\Program Files\LEGO Company
[08/04/2008|09:44] C:\Program Files\LimeWire
[29/11/2007|10:59] C:\Program Files\Macromedia
[30/12/2007|11:54] C:\Program Files\MAGIX
[07/04/2008|16:55] C:\Program Files\Magix music
[23/02/2008|18:03] C:\Program Files\Mail Box Dispatcher 2
[10/06/2008|22:39] C:\Program Files\Malwarebytes' Anti-Malware
[07/01/2008|19:42] C:\Program Files\M-Audio MA_CMIDI
[21/06/2008|14:46] C:\Program Files\Messenger
[23/05/2008|14:23] C:\Program Files\Micro Application
[05/01/2008|17:57] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[06/03/2008|06:32] C:\Program Files\microsoft frontpage
[09/05/2008|19:16] C:\Program Files\Microsoft Office
[26/05/2008|07:31] C:\Program Files\Microsoft Office_97
[09/03/2008|11:32] C:\Program Files\Microsoft SQL Server
[29/11/2007|11:23] C:\Program Files\Microsoft Visual Studio
[21/06/2008|14:39] C:\Program Files\Movie Maker
[21/06/2008|16:18] C:\Program Files\Mozilla Firefox
[18/02/2008|20:10] C:\Program Files\Mozilla Firefox 3 Beta 1
[18/02/2008|20:10] C:\Program Files\Mozilla Firefox 3 Beta 3
[26/05/2008|07:31] C:\Program Files\Mozilla Thunderbird
[21/06/2008|16:18] C:\Program Files\Mp3 My Mp3 2.0
[08/04/2008|13:43] C:\Program Files\MSECache
[28/11/2007|15:35] C:\Program Files\MSN
[28/11/2007|15:36] C:\Program Files\MSN Gaming Zone
[03/12/2007|13:40] C:\Program Files\MSXML 4.0
[05/12/2007|09:09] C:\Program Files\MSXML 6.0
[16/01/2008|23:55] C:\Program Files\Muon Software Ltd
[16/01/2008|23:56] C:\Program Files\Native Instruments
[29/02/2008|11:20] C:\Program Files\NCH Software
[29/11/2007|19:06] C:\Program Files\Nero
[26/05/2008|07:31] C:\Program Files\Netcraft Toolbar
[21/06/2008|14:39] C:\Program Files\NetMeeting
[29/11/2007|15:32] C:\Program Files\NewSoft
[28/11/2007|15:36] C:\Program Files\Online Services
[21/06/2008|09:45] C:\Program Files\onOne Software
[08/03/2008|08:26] C:\Program Files\OpenOffice.org 2.3
[14/06/2008|00:57] C:\Program Files\Opera
[18/04/2008|18:58] C:\Program Files\Orange
[21/06/2008|14:39] C:\Program Files\Outlook Express
[17/03/2008|11:00] C:\Program Files\Pantomat
[21/03/2008|08:59] C:\Program Files\Papagayo
[06/01/2008|15:03] C:\Program Files\Participatory Culture Foundation
[14/06/2008|16:31] C:\Program Files\particleIllusion 3.0 demo
[14/06/2008|16:26] C:\Program Files\particleIllusion SE
[24/01/2008|10:21] C:\Program Files\Photosynth
[25/05/2008|19:26] C:\Program Files\Pinnacle
[02/04/2008|13:28] C:\Program Files\Portrait Professional Max 6
[20/03/2008|17:11] C:\Program Files\QuickMediaConverter
[15/06/2008|11:34] C:\Program Files\QuickTime
[23/05/2008|11:34] C:\Program Files\Quidam2 Demo
[08/12/2007|19:24] C:\Program Files\Real
[05/02/2008|12:09] C:\Program Files\Reallusion
[30/11/2007|18:38] C:\Program Files\Riva
[14/01/2008|23:01] C:\Program Files\RocketNetwork
[14/06/2008|00:48] C:\Program Files\Safari
[26/02/2008|23:42] C:\Program Files\Serif
[28/11/2007|15:39] C:\Program Files\Services en ligne
[29/11/2007|19:40] C:\Program Files\Skype
[30/11/2007|11:50] C:\Program Files\SlySoft
[05/03/2008|16:22] C:\Program Files\Smart Panel
[29/11/2007|17:09] C:\Program Files\SmartSound Software
[12/06/2008|07:35] C:\Program Files\speed-bit
[03/06/2008|07:19] C:\Program Files\splus
[05/06/2008|23:44] C:\Program Files\Spybot - Search & Destroy
[18/01/2008|19:09] C:\Program Files\Steinberg
[24/01/2008|09:00] C:\Program Files\STOIK
[24/05/2008|10:31] C:\Program Files\Sudoku
[01/03/2008|00:55] C:\Program Files\SWiSH Max2
[28/11/2007|16:14] C:\Program Files\Synaptics
[18/01/2008|10:52] C:\Program Files\Syncrosoft
[08/01/2008|07:02] C:\Program Files\Tamar Solutions
[17/02/2008|12:09] C:\Program Files\TechSmith
[12/06/2008|18:26] C:\Program Files\Toon Boom Animation
[15/12/2007|21:20] C:\Program Files\TubeMaster
[25/05/2008|19:28] C:\Program Files\TuneUp Utilities 2007
[21/05/2008|17:22] C:\Program Files\TuneUp Utilities 2008
[06/03/2008|05:27] C:\Program Files\TZ Connection Booster
[06/03/2008|06:43] C:\Program Files\Ulead Systems
[28/11/2007|15:54] C:\Program Files\Uninstall Information
[16/03/2008|09:36] C:\Program Files\UseNeXT
[18/03/2008|19:00] C:\Program Files\videogogh
[06/12/2007|01:25] C:\Program Files\VideoLAN
[09/12/2007|11:04] C:\Program Files\VirtualDub-1.7.6
[26/02/2008|23:51] C:\Program Files\Visage Technologies
[29/11/2007|10:29] C:\Program Files\VSO
[17/01/2008|00:04] C:\Program Files\Waves
[30/11/2007|18:47] C:\Program Files\Webthumb
[23/12/2007|11:43] C:\Program Files\Western Digital Technologies
[16/01/2008|17:52] C:\Program Files\WIBUKEY
[16/01/2008|17:51] C:\Program Files\WIBU-SYSTEMS
[04/01/2008|19:45] C:\Program Files\Windows Live
[29/11/2007|11:09] C:\Program Files\Windows Media Components
[05/12/2007|11:18] C:\Program Files\Windows Media Connect 2
[21/06/2008|14:39] C:\Program Files\Windows Media Player
[21/06/2008|14:39] C:\Program Files\Windows NT
[28/11/2007|15:39] C:\Program Files\WindowsUpdate
[26/05/2008|07:31] C:\Program Files\WinRAR
[25/05/2008|10:15] C:\Program Files\Wise Disk Cleaner
[28/11/2007|15:41] C:\Program Files\xerox
[10/06/2008|00:56] C:\Program Files\Yahoo!
[18/03/2008|10:07] C:\Program Files\ZNsoft Corporation
[28/11/2007|17:19] C:\Program Files\Zone Labs
[30/11/2007|18:39] C:\Program Files\ZZZ Technologies
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[02/12/2007|16:13] C:\Program Files\Fichiers communs\Adobe
[29/11/2007|10:41] C:\Program Files\Fichiers communs\Adobe Systems Shared
[29/11/2007|19:08] C:\Program Files\Fichiers communs\Ahead
[11/12/2007|10:43] C:\Program Files\Fichiers communs\Apple
[05/06/2008|11:42] C:\Program Files\Fichiers communs\AVSMedia
[07/05/2008|18:31] C:\Program Files\Fichiers communs\DAZ
[29/11/2007|11:23] C:\Program Files\Fichiers communs\Designer
[17/01/2008|00:01] C:\Program Files\Fichiers communs\Digidesign
[08/04/2008|10:42] C:\Program Files\Fichiers communs\DVDVideoSoft
[28/11/2007|16:25] C:\Program Files\Fichiers communs\InstallShield
[29/11/2007|11:10] C:\Program Files\Fichiers communs\InterVideo
[16/01/2008|23:46] C:\Program Files\Fichiers communs\iZotope
[28/11/2007|16:25] C:\Program Files\Fichiers communs\Java
[06/03/2008|06:14] C:\Program Files\Fichiers communs\LightScribe
[29/11/2007|10:54] C:\Program Files\Fichiers communs\Macromedia
[28/11/2007|17:46] C:\Program Files\Fichiers communs\Macrovision Shared
[17/12/2007|11:42] C:\Program Files\Fichiers communs\MAGIX Shared
[09/05/2008|19:20] C:\Program Files\Fichiers communs\Microsoft Shared
[28/11/2007|17:07] C:\Program Files\Fichiers communs\Motive
[08/05/2008|16:09] C:\Program Files\Fichiers communs\Motorola Shared
[28/11/2007|15:38] C:\Program Files\Fichiers communs\MSSoap
[17/01/2008|14:39] C:\Program Files\Fichiers communs\Native Instruments
[28/11/2007|16:07] C:\Program Files\Fichiers communs\ODBC
[16/02/2008|19:02] C:\Program Files\Fichiers communs\Real
[12/12/2007|13:44] C:\Program Files\Fichiers communs\Reallusion
[28/11/2007|15:38] C:\Program Files\Fichiers communs\Services
[29/11/2007|19:40] C:\Program Files\Fichiers communs\Skype
[28/11/2007|16:22] C:\Program Files\Fichiers communs\Sonic Shared
[28/11/2007|16:07] C:\Program Files\Fichiers communs\SpeechEngines
[28/11/2007|16:23] C:\Program Files\Fichiers communs\SureThing Shared
[30/11/2007|18:39] C:\Program Files\Fichiers communs\SWF Studio
[21/06/2008|14:39] C:\Program Files\Fichiers communs\System
[17/02/2008|12:10] C:\Program Files\Fichiers communs\TechSmith Shared
[28/11/2007|16:23] C:\Program Files\Fichiers communs\TiVo Shared
[29/11/2007|11:09] C:\Program Files\Fichiers communs\Ulead Systems
[04/01/2008|19:44] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[25/05/2008|19:31] C:\Program Files\Fichiers communs\Wise Installation Wizard
[16/02/2008|19:02] C:\Program Files\Fichiers communs\xing shared
---------------------------[ Process ]--------------------------
... 41
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-22 08:52:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Bureau\Particle Illusion 3\WONDERTOUCH_PARTICLEILLUSION_V3.02_REPACK-XFORCE\WONDERTOUCH_PARTICLEILLUSION_V3.02_REPACK-XFORCE\Crack
=> C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Bureau\Particle Illusion 3\WONDERTOUCH_PARTICLEILLUSION_V3.02_REPACK-XFORCE\WONDERTOUCH_PARTICLEILLUSION_V3.02_REPACK-XFORCE\Crack\install.txt
=> C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Bureau\Particle Illusion 3\WONDERTOUCH_PARTICLEILLUSION_V3.02_REPACK-XFORCE\WONDERTOUCH_PARTICLEILLUSION_V3.02_REPACK-XFORCE\Crack\particleIllusion.exe
=> C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Bureau\Particle Illusion 3\WONDERTOUCH_PARTICLEILLUSION_V3.02_REPACK-XFORCE\WONDERTOUCH_PARTICLEILLUSION_V3.02_REPACK-XFORCE\Crack\pillusionrender.exe
[F:31][D:102]-> C:\DOCUME~1\THUY~1.THU\LOCALS~1\Temp
[F:25][D:0]-> C:\DOCUME~1\THUY~1.THU\Cookies
[F:1993][D:4]-> C:\DOCUME~1\THUY~1.THU\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 8:54:01,93 ]----------------------
Here is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:56, on 22/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Dialer\a2service.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Comodo\CBOClean\BOCORE.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Thuy.THUY-563A2A7CAF\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://boursorama.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Comodo VerificationEngine - {A968A4B4-C492-4834-B651-17602C3885C8} - C:\Program Files\Comodo\VEngine\ESigil.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - .DEFAULT User Startup: CamTrack.lnk = C:\Program Files\CamTrack\camtrack.exe (User 'Default