
I have a big problem with CID ads that keep appearing whenever I connect to the internet, can you help me please
helper
Logfile of HijackThis v1.99.1
Scan saved at 16:35:40, on 04/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\eHome\ehmsas.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c(...)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&(...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ALCMTR] ALCMTR.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [close surf mail dupe] C:\Documents and Settings\All Users\Application Data\Tick Find Close Surf\Hide htm.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Mixlogo] C:\DOCUME~1\HP_ADM~1\APPLIC~1\STOREH~1\pure fast enc.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuw(...)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=19588
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.(...)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: SPBBCSvc - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
THANKS IN ADVANCE
helper
Disable your protections (antivirus, antispyware, and disable Spybot's TeaTimer if present) and follow this to the letter:
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm
-> Post the report generated by option 1. Thanks, good luck.
-----------------------[ Lop S&D 4.2.1-2 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : HP_Administrateur ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 04/06/2008 | 16:54:44,45 ] [ PC : NOM-FB9B15D2723 ]
[ MAJ : 01-06-2008 | 15:51 ]
-------------[ Listing des dossiers dans Application Data ]------------
[10/10/2005|15:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[15/11/2005|04:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[12/09/2006|06:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[12/09/2006|05:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[28/03/2007|08:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel
[01/04/2007|11:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[10/10/2005|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[07/12/2007|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[12/09/2006|06:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[22/01/2007|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[27/02/2008|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[12/09/2006|05:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[21/02/2008|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[19/11/2007|07:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[07/02/2007|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[17/01/2008|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[16/12/2007|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
[03/09/2007|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/10/2007|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[04/03/2007|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[04/03/2007|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Otto
[21/07/2007|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[30/04/2008|10:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[12/09/2006|05:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[08/06/2007|17:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[12/09/2006|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[09/04/2008|06:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[01/05/2008|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
[03/04/2007|07:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[27/05/2008|04:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf
[30/05/2008|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[20/12/2007|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[18/06/2007|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[13/04/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2007
[24/03/2007|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[30/05/2007|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[10/10/2005|15:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[15/11/2005|04:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[12/09/2006|06:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/09/2006|05:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[20/05/2008|18:46] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Adobe
[08/04/2007|11:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AdobeUM
[22/08/2007|20:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ahead
[26/04/2007|09:03] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Alp-Software
[02/09/2007|19:27] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Anuman Interactive
[18/03/2007|17:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ArcSoft
[26/08/2007|11:57] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ConvertTemp
[31/03/2007|17:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CyberLink
[10/10/2005|15:24] C:\DOCUME~1\HP_ADM~1\APPLIC~1\desktop.ini
[12/01/2008|15:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\filterclsid.dat
[03/04/2007|15:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\F-Secure
[05/04/2007|14:56] C:\DOCUME~1\HP_ADM~1\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
[25/03/2007|19:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Google
[24/11/2007|13:16] C:\DOCUME~1\HP_ADM~1\APPLIC~1\gtk-2.0
[06/03/2007|11:22] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Help
[24/01/2007|07:39] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HP
[08/03/2007|18:28] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HPQ
[30/04/2008|10:36] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Identities
[25/04/2007|11:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Image Zone Express
[10/03/2008|17:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\InterTrust
[03/04/2007|07:59] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ispnews
[23/01/2007|19:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Leadertech
[10/03/2008|15:54] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Likno
[25/02/2008|16:03] C:\DOCUME~1\HP_ADM~1\APPLIC~1\LimeWire
[05/03/2008|12:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Macromedia
[14/03/2007|10:55] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Micro Application
[04/07/2007|17:39] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Microsoft
[08/06/2007|17:37] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Microsoft Web Folders
[25/03/2007|19:39] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Mozilla
[28/04/2008|19:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\MSN6
[23/01/2008|11:24] C:\DOCUME~1\HP_ADM~1\APPLIC~1\muvee Technologies
[04/03/2007|13:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Otto
[03/04/2007|08:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PEX
[21/07/2007|19:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PlayFirst
[27/02/2008|10:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Real
[18/08/2007|14:37] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Samsung
[25/04/2007|15:36] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Screenshot Sender
[23/01/2007|19:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sonic
[09/04/2008|06:26] C:\DOCUME~1\HP_ADM~1\APPLIC~1\SPAMfighter
[27/05/2008|04:34] C:\DOCUME~1\HP_ADM~1\APPLIC~1\StoreHope
[04/03/2007|09:27] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sun
[31/01/2007|08:24] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Template
[24/06/2007|10:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\TuneUp Software
[18/06/2007|18:06] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ulead Systems
[15/04/2007|07:15] C:\DOCUME~1\HP_ADM~1\APPLIC~1\vlc
[03/06/2008|19:24] C:\DOCUME~1\HP_ADM~1\APPLIC~1\wklnhst.dat
[30/04/2008|10:36] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Zylom
[07/03/2008|22:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[12/09/2006|05:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[07/03/2008|22:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\StoreHope
[12/09/2006|05:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[04/06/2008 16:00][--ah-----] C:\WINDOWS\tasks\B43C26B9906BD391.job
[01/06/2008 21:17][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
[30/05/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[07/07/2007 13:54][--ah-----] C:\WINDOWS\tasks\DMATask 4 {D2B22905-47C9-4b82-8E74-47AA9D2DE378} 0~0.job
[10/04/2008 08:49][--ah-----] C:\WINDOWS\tasks\DMATask 3 {D2B22905-47C9-4b82-8E74-47AA9D2DE378} 0~0.job
[10/04/2008 08:49][--ah-----] C:\WINDOWS\tasks\DMATask 2 {D2B22905-47C9-4b82-8E74-47AA9D2DE378} 0~0.job
[10/04/2008 08:49][--ah-----] C:\WINDOWS\tasks\DMATask 1 {D2B22905-47C9-4b82-8E74-47AA9D2DE378} 0~0.job
[10/04/2008 08:49][--ah-----] C:\WINDOWS\tasks\DMATask 0 {D2B22905-47C9-4b82-8E74-47AA9D2DE378} 0~0.job
[04/06/2008 08:51][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 13:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
B43C26B9906BD391.job <--> c:\docume~1\hp_adm~1\applic~1\storeh~1\parthtmhide.exe
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[10/03/2008|17:44] C:\Program Files\Adobe
[26/04/2007|09:04] C:\Program Files\Alp-Software
[22/03/2008|15:09] C:\Program Files\Alwil Software
[27/02/2008|10:55] C:\Program Files\Antipub
[10/04/2008|08:03] C:\Program Files\AntivirusFirewall
[15/05/2008|19:41] C:\Program Files\AP Tuner
[18/03/2007|17:16] C:\Program Files\ArcSoft
[10/04/2008|08:18] C:\Program Files\Axis Communications
[25/03/2007|21:00] C:\Program Files\CCleaner
[28/03/2007|08:34] C:\Program Files\Ciel
[27/02/2008|10:29] C:\Program Files\Common Files
[12/11/2005|02:09] C:\Program Files\ComPlus Applications
[09/04/2008|06:48] C:\Program Files\dbar
[02/09/2007|19:36] C:\Program Files\DesignSoft
[12/09/2006|05:47] C:\Program Files\DivX
[12/09/2006|06:01] C:\Program Files\EasyBits
[10/06/2007|07:40] C:\Program Files\eMule
[31/05/2008|10:51] C:\Program Files\Everest Poker
[23/02/2008|17:59] C:\Program Files\FBrowserAdvisor
[10/04/2008|08:58] C:\Program Files\Fichiers communs
[20/04/2007|14:08] C:\Program Files\FunWebProducts
[10/04/2008|08:57] C:\Program Files\GemMasterFrench
[07/12/2007|19:07] C:\Program Files\Google
[12/09/2006|06:01] C:\Program Files\Hewlett-Packard
[10/05/2007|05:37] C:\Program Files\Hotbar
[01/04/2007|11:04] C:\Program Files\HP
[01/09/2007|18:44] C:\Program Files\Incomplete
[29/04/2008|19:42] C:\Program Files\IncrediMail
[27/02/2008|21:49] C:\Program Files\InstallShield Installation Information
[13/06/2007|09:17] C:\Program Files\Internet Explorer
[03/04/2008|07:28] C:\Program Files\Java
[14/05/2008|14:32] C:\Program Files\Jld SoftWare
[23/02/2008|17:53] C:\Program Files\LimeWire
[10/11/2007|16:46] C:\Program Files\LiveCAD
[19/11/2007|07:09] C:\Program Files\Logitech
[21/12/2007|17:21] C:\Program Files\MailSkinner
[12/09/2006|05:21] C:\Program Files\Messenger
[01/04/2008|09:20] C:\Program Files\Messenger Plus! Live
[07/02/2007|17:27] C:\Program Files\Micro Application
[08/06/2007|17:46] C:\Program Files\microsoft frontpage
[08/06/2007|17:38] C:\Program Files\Microsoft Office
[12/09/2006|05:44] C:\Program Files\Microsoft Works
[15/11/2005|04:24] C:\Program Files\Movie Maker
[26/04/2008|14:26] C:\Program Files\Mozilla Firefox
[07/10/2007|15:21] C:\Program Files\MSN
[15/11/2005|04:25] C:\Program Files\MSN Gaming Zone
[01/04/2008|09:20] C:\Program Files\MSN Messenger
[07/04/2008|15:03] C:\Program Files\MSNFix
[06/04/2007|09:04] C:\Program Files\Multi_Media_France
[27/02/2008|10:50] C:\Program Files\muvee Technologies
[20/04/2007|16:45] C:\Program Files\MyWebSearch
[15/08/2007|17:02] C:\Program Files\Nero
[15/11/2005|04:25] C:\Program Files\NetMeeting
[27/02/2008|10:39] C:\Program Files\Norton Internet Security
[01/06/2008|18:00] C:\Program Files\Norton Security Scan
[15/11/2005|04:25] C:\Program Files\Online Services
[11/03/2007|13:21] C:\Program Files\Orange
[14/05/2008|14:29] C:\Program Files\Outils de Guitare-Online
[11/04/2007|19:31] C:\Program Files\Outlook Express
[22/03/2008|15:33] C:\Program Files\PlayMP3z
[12/09/2006|05:40] C:\Program Files\Real
[16/03/2008|17:15] C:\Program Files\Registry Mechanic
[23/01/2008|11:37] C:\Program Files\R-RAM
[24/03/2007|15:14] C:\Program Files\SAGEM
[18/08/2007|14:16] C:\Program Files\Samsung
[24/03/2007|15:11] C:\Program Files\Securitoo
[12/09/2006|06:03] C:\Program Files\Services en ligne
[26/03/2007|16:08] C:\Program Files\SLD Codec Pack
[08/06/2007|17:38] C:\Program Files\Snapshot Viewer
[27/02/2008|10:33] C:\Program Files\Sonic
[04/06/2008|08:51] C:\Program Files\SPAMfighter
[09/04/2008|06:34] C:\Program Files\Spybot - Search & Destroy
[27/05/2008|04:31] C:\Program Files\StoreHope
[03/04/2007|07:37] C:\Program Files\Symantec
[26/05/2008|16:21] C:\Program Files\TmNationsForever
[28/05/2008|19:52] C:\Program Files\TrackMania Nations ESWC
[18/06/2007|18:04] C:\Program Files\Ulead Systems
[12/11/2005|02:09] C:\Program Files\Uninstall Information
[21/10/2007|16:33] C:\Program Files\VCW VicMan's Photo Editor
[12/06/2007|06:47] C:\Program Files\VideoLAN
[15/05/2008|20:09] C:\Program Files\VirtualDJ
[25/03/2007|19:32] C:\Program Files\Wanadoo
[01/04/2008|09:20] C:\Program Files\Windows Live
[20/04/2007|13:42] C:\Program Files\Windows Live Favorites
[21/04/2007|10:59] C:\Program Files\Windows Live Toolbar
[11/04/2007|19:31] C:\Program Files\Windows Media Player
[15/11/2005|04:25] C:\Program Files\Windows NT
[15/11/2005|04:25] C:\Program Files\Windows Plus
[12/11/2005|02:09] C:\Program Files\WindowsUpdate
[16/04/2008|20:31] C:\Program Files\winvi
[04/03/2007|13:03] C:\Program Files\wt3d.ini
[15/11/2005|04:26] C:\Program Files\xerox
[27/02/2008|10:29] C:\Program Files\Yahoo!
[30/04/2008|10:38] C:\Program Files\Zylom Games
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[10/03/2008|17:44] C:\Program Files\Fichiers communs\Adobe
[15/08/2007|17:02] C:\Program Files\Fichiers communs\Ahead
[09/04/2008|06:25] C:\Program Files\Fichiers communs\Ankiro
[13/03/2007|07:48] C:\Program Files\Fichiers communs\AOL
[09/04/2008|06:24] C:\Program Files\Fichiers communs\Application
[13/04/2007|11:46] C:\Program Files\Fichiers communs\Companion Wizard
[08/06/2007|17:40] C:\Program Files\Fichiers communs\Designer
[22/01/2007|19:14] C:\Program Files\Fichiers communs\Hewlett-Packard
[27/02/2008|10:25] C:\Program Files\Fichiers communs\HP
[27/02/2008|10:31] C:\Program Files\Fichiers communs\InstallShield
[03/04/2008|07:26] C:\Program Files\Fichiers communs\Java
[12/09/2006|05:42] C:\Program Files\Fichiers communs\LightScribe
[27/02/2008|12:17] C:\Program Files\Fichiers communs\LogiShrd
[19/11/2007|07:11] C:\Program Files\Fichiers communs\Logitech
[12/09/2006|05:42] C:\Program Files\Fichiers communs\LS Getting Started
[07/02/2007|20:15] C:\Program Files\Fichiers communs\Micro Application Shared
[29/03/2008|08:15] C:\Program Files\Fichiers communs\Microsoft Shared
[15/11/2005|04:24] C:\Program Files\Fichiers communs\MSSoap
[27/02/2008|10:51] C:\Program Files\Fichiers communs\muvee Technologies
[15/11/2005|04:24] C:\Program Files\Fichiers communs\ODBC
[27/02/2008|10:35] C:\Program Files\Fichiers communs\Real
[15/11/2005|04:24] C:\Program Files\Fichiers communs\Services
[15/11/2005|04:24] C:\Program Files\Fichiers communs\SpeechEngines
[04/06/2008|08:51] C:\Program Files\Fichiers communs\Symantec Shared
[08/06/2007|17:48] C:\Program Files\Fichiers communs\System
[18/06/2007|18:04] C:\Program Files\Fichiers communs\Ulead Systems
---------------------------[ Process ]--------------------------
... 57
iexplore.exe ~ [1844]
iexplore.exe ~ [880]
iexplore.exe ~ [2388]
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf\Hide htm.exe
C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1
C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\aimheckdupeeq.exe
C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\fhvnqfal.exe
C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\myvjfzxg.exe
C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\part htm hide.exe
C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\pure fast enc.exe
C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\vxgtafsx.exe
C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\wolmoqsj.exe
C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\yigdlbwc.exe
C:\DOCUME~1\LOCALS~1\APPLIC~1\storeh~1
C:\DOCUME~1\LOCALS~1\APPLIC~1\storeh~1\pure fast enc.exe
C:\Program Files\storeh~1
C:\Program Files\Multi_Media_France
C:\Program Files\Multi_Media_France\INSTALL.LOG
C:\WINDOWS\Prefetch\HIDE HTM.EXE-2415D8B3.pf
C:\WINDOWS\Prefetch\PART HTM HIDE.EXE-09AC6088.pf
C:\WINDOWS\Prefetch\PURE FAST ENC.EXE-1576803A.pf
C:\WINDOWS\Prefetch\WOLMOQSJ.EXE-2E44F0DD.pf
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.adserver5[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@adin.bigpoint[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@bigpoint[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr.bigpoint[1].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.casinoking[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@casinoking[1].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.cotedazurpalace[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@cotedazurpalace[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@adopt.euroclick[1].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@pacificpoker[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@partygaming.122.2o7[1].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@partypoker[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@32vegas[1].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.32vegas[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@cachewww.32vegas[1].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@vegasred[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.vegasred[1].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@2xmoinscher[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@cc.2xmoinscher[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.2xmoinscher[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@888[1].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@888[2].txt
C:\WINDOWS\Tasks\B43C26B9906BD391.job
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mixlogo"="C:\\DOCUME~1\\HP_ADM~1\\APPLIC~1\\STOREH~1\\pure fast enc.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"close surf mail dupe"="C:\\Documents and Settings\\All Users\\Application Data\\Tick Find Close Surf\\Hide htm.exe"
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
-> 72 ( 70 ## added by CiD )
/!\ 1 Not 127.0.0.1 !!
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-04 16:55:50
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\mszxqp_navps.dat
C:\WINDOWS\system32\pljirfhef_navps.dat
C:\WINDOWS\system32\mszxqp_nav.dat
C:\WINDOWS\system32\mszxqp.dat
C:\WINDOWS\system32\pljirfhef_nav.dat
C:\WINDOWS\system32\pljirfhef.dat
! EGDACCESS !
=> C:\Documents and Settings\All Users\Application Data\MGS\cache\c\crackerjack1.a67bc53dc3f76ad51f07ff7b93734168.inf
=> C:\Documents and Settings\All Users\Application Data\MGS\cache\c\crackerjack1.b49d2ddd320948ad790aa39df760c775.inf
=> C:\Documents and Settings\All Users\Application Data\MGS\cache\c\crackerjack1.f97d5f24e7d2d1a2b7f52b4dc211ed43.inf
=> C:\Documents and Settings\All Users\Application Data\MGS\cache\c\crackerjackcommon.30e8e1c899235111d3b1b84c91bce0ae.inf
=> C:\Documents and Settings\All Users\Application Data\MGS\cache\c\crackerjackcommon.b4fc0002a0c341b1251a31ea5012f803.inf
[F:343][D:12]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp
[F:818][D:0]-> C:\DOCUME~1\HP_ADM~1\Cookies
[F:16043][D:20]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 16:57:09,48 ]----------------------
|
Did I do something wrong?
|
helper
|
No, but on the other hand you are definitely infected.
Run Lop S&D again, choose option 2 and post the report.
|
[ Lop S&D 4.2.1-2 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : HP_Administrateur ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 04/06/2008 | 18:00:37,54 ] [ PC : NOM-FB9B15D2723 ]
[ MAJ : 01-06-2008 | 15:51 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf\Hide htm.exe
Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\aimheckdupeeq.exe
Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\fhvnqfal.exe
Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\myvjfzxg.exe
Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\part htm hide.exe
Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\pure fast enc.exe
Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\vxgtafsx.exe
Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\wolmoqsj.exe
Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1\yigdlbwc.exe
Supprimé! - C:\DOCUME~1\LOCALS~1\APPLIC~1\storeh~1\pure fast enc.exe
Supprimé! - C:\Program Files\Multi_Media_France\INSTALL.LOG
Supprimé! - C:\WINDOWS\Prefetch\HIDE HTM.EXE-2415D8B3.pf
Supprimé! - C:\WINDOWS\Prefetch\PART HTM HIDE.EXE-09AC6088.pf
Supprimé! - C:\WINDOWS\Prefetch\PURE FAST ENC.EXE-1576803A.pf
Supprimé! - C:\WINDOWS\Prefetch\WOLMOQSJ.EXE-2E44F0DD.pf
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.adserver5[2].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@adin.bigpoint[2].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr.bigpoint[1].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.casinoking[2].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@casinoking[1].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.cotedazurpalace[2].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@cotedazurpalace[2].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@adopt.euroclick[1].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@pacificpoker[2].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@partygaming.122.2o7[1].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@partypoker[2].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@32vegas[1].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.32vegas[2].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@cachewww.32vegas[1].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@vegasred[2].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.vegasred[1].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@2xmoinscher[2].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@cc.2xmoinscher[2].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.2xmoinscher[2].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@888[1].txt
Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@888[2].txt
Supprimé! - C:\WINDOWS\Tasks\B43C26B9906BD391.job
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf
Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\storeh~1
Supprimé! - C:\DOCUME~1\LOCALS~1\APPLIC~1\storeh~1
Supprimé! - C:\Program Files\storeh~1
Supprimé! - C:\Program Files\Multi_Media_France
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprimé! - C:\Program Files\MyWebSearch
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[10/10/2005|15:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[15/11/2005|04:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[12/09/2006|06:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[12/09/2006|05:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[28/03/2007|08:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel
[01/04/2007|11:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[10/10/2005|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[07/12/2007|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[12/09/2006|06:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[22/01/2007|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[27/02/2008|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[12/09/2006|05:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[21/02/2008|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[19/11/2007|07:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[07/02/2007|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[17/01/2008|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[16/12/2007|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
[03/09/2007|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/10/2007|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[04/03/2007|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[04/03/2007|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Otto
[21/07/2007|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[30/04/2008|10:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[12/09/2006|05:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[08/06/2007|17:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[12/09/2006|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[09/04/2008|06:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[01/05/2008|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
[03/04/2007|07:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[30/05/2008|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[20/12/2007|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[18/06/2007|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[13/04/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2007
[24/03/2007|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[30/05/2007|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[10/10/2005|15:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[15/11/2005|04:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[12/09/2006|06:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/09/2006|05:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[20/05/2008|18:46] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Adobe
[08/04/2007|11:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AdobeUM
[22/08/2007|20:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ahead
[26/04/2007|09:03] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Alp-Software
[02/09/2007|19:27] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Anuman Interactive
[18/03/2007|17:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ArcSoft
[26/08/2007|11:57] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ConvertTemp
[31/03/2007|17:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CyberLink
[10/10/2005|15:24] C:\DOCUME~1\HP_ADM~1\APPLIC~1\desktop.ini
[12/01/2008|15:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\filterclsid.dat
[03/04/2007|15:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\F-Secure
[05/04/2007|14:56] C:\DOCUME~1\HP_ADM~1\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
[25/03/2007|19:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Google
[24/11/2007|13:16] C:\DOCUME~1\HP_ADM~1\APPLIC~1\gtk-2.0
[06/03/2007|11:22] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Help
[24/01/2007|07:39] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HP
[08/03/2007|18:28] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HPQ
[30/04/2008|10:36] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Identities
[25/04/2007|11:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Image Zone Express
[10/03/2008|17:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\InterTrust
[03/04/2007|07:59] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ispnews
[23/01/2007|19:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Leadertech
[10/03/2008|15:54] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Likno
[25/02/2008|16:03] C:\DOCUME~1\HP_ADM~1\APPLIC~1\LimeWire
[05/03/2008|12:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Macromedia
[14/03/2007|10:55] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Micro Application
[04/07/2007|17:39] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Microsoft
[08/06/2007|17:37] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Microsoft Web Folders
[25/03/2007|19:39] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Mozilla
[28/04/2008|19:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\MSN6
[23/01/2008|11:24] C:\DOCUME~1\HP_ADM~1\APPLIC~1\muvee Technologies
[04/03/2007|13:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Otto
[03/04/2007|08:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PEX
[21/07/2007|19:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PlayFirst
[27/02/2008|10:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Real
[18/08/2007|14:37] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Samsung
[25/04/2007|15:36] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Screenshot Sender
[23/01/2007|19:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sonic
[09/04/2008|06:26] C:\DOCUME~1\HP_ADM~1\APPLIC~1\SPAMfighter
[04/03/2007|09:27] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sun
[31/01/2007|08:24] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Template
[24/06/2007|10:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\TuneUp Software
[18/06/2007|18:06] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ulead Systems
[15/04/2007|07:15] C:\DOCUME~1\HP_ADM~1\APPLIC~1\vlc
[03/06/2008|19:24] C:\DOCUME~1\HP_ADM~1\APPLIC~1\wklnhst.dat
[30/04/2008|10:36] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Zylom
[07/03/2008|22:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[12/09/2006|05:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[12/09/2006|05:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[04/06/2008 18:00][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
[30/05/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[07/07/2007 13:54][--ah-----] C:\WINDOWS\tasks\DMATask 4 {D2B22905-47C9-4b82-8E74-47AA9D2DE378} 0~0.job
[10/04/2008 08:49][--ah-----] C:\WINDOWS\tasks\DMATask 3 {D2B22905-47C9-4b82-8E74-47AA9D2DE378} 0~0.job
[10/04/2008 08:49][--ah-----] C:\WINDOWS\tasks\DMATask 2 {D2B22905-47C9-4b82-8E74-47AA9D2DE378} 0~0.job
[10/04/2008 08:49][--ah-----] C:\WINDOWS\tasks\DMATask 1 {D2B22905-47C9-4b82-8E74-47AA9D2DE378} 0~0.job
[10/04/2008 08:49][--ah-----] C:\WINDOWS\tasks\DMATask 0 {D2B22905-47C9-4b82-8E74-47AA9D2DE378} 0~0.job
[04/06/2008 08:51][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 13:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[10/03/2008|17:44] C:\Program Files\Adobe
[26/04/2007|09:04] C:\Program Files\Alp-Software
[22/03/2008|15:09] C:\Program Files\Alwil Software
[27/02/2008|10:55] C:\Program Files\Antipub
[10/04/2008|08:03] C:\Program Files\AntivirusFirewall
[15/05/2008|19:41] C:\Program Files\AP Tuner
[18/03/2007|17:16] C:\Program Files\ArcSoft
[10/04/2008|08:18] C:\Program Files\Axis Communications
[25/03/2007|21:00] C:\Program Files\CCleaner
[28/03/2007|08:34] C:\Program Files\Ciel
[27/02/2008|10:29] C:\Program Files\Common Files
[12/11/2005|02:09] C:\Program Files\ComPlus Applications
[09/04/2008|06:48] C:\Program Files\dbar
[02/09/2007|19:36] C:\Program Files\DesignSoft
[12/09/2006|05:47] C:\Program Files\DivX
[12/09/2006|06:01] C:\Program Files\EasyBits
[10/06/2007|07:40] C:\Program Files\eMule
[31/05/2008|10:51] C:\Program Files\Everest Poker
[23/02/2008|17:59] C:\Program Files\FBrowserAdvisor
[10/04/2008|08:58] C:\Program Files\Fichiers communs
[20/04/2007|14:08] C:\Program Files\FunWebProducts
[10/04/2008|08:57] C:\Program Files\GemMasterFrench
[07/12/2007|19:07] C:\Program Files\Google
[12/09/2006|06:01] C:\Program Files\Hewlett-Packard
[10/05/2007|05:37] C:\Program Files\Hotbar
[01/04/2007|11:04] C:\Program Files\HP
[01/09/2007|18:44] C:\Program Files\Incomplete
[29/04/2008|19:42] C:\Program Files\IncrediMail
[27/02/2008|21:49] C:\Program Files\InstallShield Installation Information
[13/06/2007|09:17] C:\Program Files\Internet Explorer
[03/04/2008|07:28] C:\Program Files\Java
[14/05/2008|14:32] C:\Program Files\Jld SoftWare
[23/02/2008|17:53] C:\Program Files\LimeWire
[10/11/2007|16:46] C:\Program Files\LiveCAD
[19/11/2007|07:09] C:\Program Files\Logitech
[21/12/2007|17:21] C:\Program Files\MailSkinner
[12/09/2006|05:21] C:\Program Files\Messenger
[01/04/2008|09:20] C:\Program Files\Messenger Plus! Live
[07/02/2007|17:27] C:\Program Files\Micro Application
[08/06/2007|17:46] C:\Program Files\microsoft frontpage
[08/06/2007|17:38] C:\Program Files\Microsoft Office
[12/09/2006|05:44] C:\Program Files\Microsoft Works
[15/11/2005|04:24] C:\Program Files\Movie Maker
[26/04/2008|14:26] C:\Program Files\Mozilla Firefox
[07/10/2007|15:21] C:\Program Files\MSN
[15/11/2005|04:25] C:\Program Files\MSN Gaming Zone
[01/04/2008|09:20] C:\Program Files\MSN Messenger
[07/04/2008|15:03] C:\Program Files\MSNFix
[27/02/2008|10:50] C:\Program Files\muvee Technologies
[15/08/2007|17:02] C:\Program Files\Nero
[15/11/2005|04:25] C:\Program Files\NetMeeting
[27/02/2008|10:39] C:\Program Files\Norton Internet Security
[04/06/2008|18:00] C:\Program Files\Norton Security Scan
[15/11/2005|04:25] C:\Program Files\Online Services
[11/03/2007|13:21] C:\Program Files\Orange
[14/05/2008|14:29] C:\Program Files\Outils de Guitare-Online
[11/04/2007|19:31] C:\Program Files\Outlook Express
[22/03/2008|15:33] C:\Program Files\PlayMP3z
[12/09/2006|05:40] C:\Program Files\Real
[16/03/2008|17:15] C:\Program Files\Registry Mechanic
[23/01/2008|11:37] C:\Program Files\R-RAM
[24/03/2007|15:14] C:\Program Files\SAGEM
[18/08/2007|14:16] C:\Program Files\Samsung
[24/03/2007|15:11] C:\Program Files\Securitoo
[12/09/2006|06:03] C:\Program Files\Services en ligne
[26/03/2007|16:08] C:\Program Files\SLD Codec Pack
[08/06/2007|17:38] C:\Program Files\Snapshot Viewer
[27/02/2008|10:33] C:\Program Files\Sonic
[04/06/2008|08:51] C:\Program Files\SPAMfighter
[09/04/2008|06:34] C:\Program Files\Spybot - Search & Destroy
[03/04/2007|07:37] C:\Program Files\Symantec
[26/05/2008|16:21] C:\Program Files\TmNationsForever
[28/05/2008|19:52] C:\Program Files\TrackMania Nations ESWC
[18/06/2007|18:04] C:\Program Files\Ulead Systems
[12/11/2005|02:09] C:\Program Files\Uninstall Information
[21/10/2007|16:33] C:\Program Files\VCW VicMan's Photo Editor
[12/06/2007|06:47] C:\Program Files\VideoLAN
[15/05/2008|20:09] C:\Program Files\VirtualDJ
[25/03/2007|19:32] C:\Program Files\Wanadoo
[01/04/2008|09:20] C:\Program Files\Windows Live
[20/04/2007|13:42] C:\Program Files\Windows Live Favorites
[21/04/2007|10:59] C:\Program Files\Windows Live Toolbar
[11/04/2007|19:31] C:\Program Files\Windows Media Player
[15/11/2005|04:25] C:\Program Files\Windows NT
[15/11/2005|04:25] C:\Program Files\Windows Plus
[12/11/2005|02:09] C:\Program Files\WindowsUpdate
[16/04/2008|20:31] C:\Program Files\winvi
[04/03/2007|13:03] C:\Program Files\wt3d.ini
[15/11/2005|04:26] C:\Program Files\xerox
[27/02/2008|10:29] C:\Program Files\Yahoo!
[30/04/2008|10:38] C:\Program Files\Zylom Games
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[10/03/2008|17:44] C:\Program Files\Fichiers communs\Adobe
[15/08/2007|17:02] C:\Program Files\Fichiers communs\Ahead
[09/04/2008|06:25] C:\Program Files\Fichiers communs\Ankiro
[13/03/2007|07:48] C:\Program Files\Fichiers communs\AOL
[09/04/2008|06:24] C:\Program Files\Fichiers communs\Application
[13/04/2007|11:46] C:\Program Files\Fichiers communs\Companion Wizard
[08/06/2007|17:40] C:\Program Files\Fichiers communs\Designer
[22/01/2007|19:14] C:\Program Files\Fichiers communs\Hewlett-Packard
[27/02/2008|10:25] C:\Program Files\Fichiers communs\HP
[27/02/2008|10:31] C:\Program Files\Fichiers communs\InstallShield
[03/04/2008|07:26] C:\Program Files\Fichiers communs\Java
[12/09/2006|05:42] C:\Program Files\Fichiers communs\LightScribe
[27/02/2008|12:17] C:\Program Files\Fichiers communs\LogiShrd
[19/11/2007|07:11] C:\Program Files\Fichiers communs\Logitech
[12/09/2006|05:42] C:\Program Files\Fichiers communs\LS Getting Started
[07/02/2007|20:15] C:\Program Files\Fichiers communs\Micro Application Shared
[29/03/2008|08:15] C:\Program Files\Fichiers communs\Microsoft Shared
[15/11/2005|04:24] C:\Program Files\Fichiers communs\MSSoap
[27/02/2008|10:51] C:\Program Files\Fichiers communs\muvee Technologies
[15/11/2005|04:24] C:\Program Files\Fichiers communs\ODBC
[27/02/2008|10:35] C:\Program Files\Fichiers communs\Real
[15/11/2005|04:24] C:\Program Files\Fichiers communs\Services
[15/11/2005|04:24] C:\Program Files\Fichiers communs\SpeechEngines
[04/06/2008|08:51] C:\Program Files\Fichiers communs\Symantec Shared
[08/06/2007|17:48] C:\Program Files\Fichiers communs\System
[18/06/2007|18:04] C:\Program Files\Fichiers communs\Ulead Systems
---------------------------[ Process ]--------------------------
... 55
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@bigpoint[1].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr1.seafight.bigpoint[1].txt
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-04 18:01:49
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\mszxqp_navps.dat
C:\WINDOWS\system32\pljirfhef_navps.dat
C:\WINDOWS\system32\mszxqp_nav.dat
C:\WINDOWS\system32\mszxqp.dat
C:\WINDOWS\system32\pljirfhef_nav.dat
C:\WINDOWS\system32\pljirfhef.dat
! EGDACCESS !
=> C:\Documents and Settings\All Users\Application Data\MGS\cache\c\crackerjack1.a67bc53dc3f76ad51f07ff7b93734168.inf
=> C:\Documents and Settings\All Users\Application Data\MGS\cache\c\crackerjack1.b49d2ddd320948ad790aa39df760c775.inf
=> C:\Documents and Settings\All Users\Application Data\MGS\cache\c\crackerjack1.f97d5f24e7d2d1a2b7f52b4dc211ed43.inf
=> C:\Documents and Settings\All Users\Application Data\MGS\cache\c\crackerjackcommon.30e8e1c899235111d3b1b84c91bce0ae.inf
=> C:\Documents and Settings\All Users\Application Data\MGS\cache\c\crackerjackcommon.b4fc0002a0c341b1251a31ea5012f803.inf
[F:343][D:12]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp
[F:806][D:0]-> C:\DOCUME~1\HP_ADM~1\Cookies
[F:16111][D:20]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 18:02:39,59 ]----------------------
|
It's really nice of you to help me, because I can't take all these ads any more! Thanks
|
helper
|
First, uninstall HijackThis via Add/Remove Programs.
Reinstall it from here:
http://bibou0007.com/outils-specifiques-f78/tutorial-de-hijackthis-v202-t108.(...)
Post the report.
-> Then
download Navilog (see the attached tutorial)
http://bibou0007.com/outils-specifiques-f78/tutorial-fixnavilog1-t122.htm
Disable your protections (antivirus, antispyware and Spybot's TeaTimer if present) and post the report from option 1.
Good luck.
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:28:22, on 05/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\eHome\ehmsas.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c(...)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&(...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ALCMTR] ALCMTR.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [close surf mail dupe] C:\Documents and Settings\All Users\Application Data\Tick Find Close Surf\Hide htm.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Mixlogo] C:\DOCUME~1\HP_ADM~1\APPLIC~1\STOREH~1\pure fast enc.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuw(...)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=19588
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.(...)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: SPBBCSvc - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 12102 bytes
|
|
|
|
|
Search Navipromo version 3.5.7 commencé le 05/06/2008 à 6:36:08,34
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "HP_Administrateur"
Mise à jour le 11.05.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
C:\Program Files\MailSkinner trouvé !
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\menudÉ~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\HP_Administrateur\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\HP_Administrateur\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun Fichier trouvé
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
Fichiers trouvés :
uzczdpv.exe trouvé !
nzrklfliyx.exe trouvé !
xoimazam.exe trouvé !
* Recherche dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
*** Recherche fichiers ***
C:\WINDOWS\system32\nvs2.inf trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
gmpatn.exe trouvé !
mszxqp.dat trouvé !
mszxqp_nav.dat trouvé !
mszxqp_navps.dat trouvé !
pljirfhef.dat trouvé !
pljirfhef_nav.dat trouvé !
pljirfhef_navps.dat trouvé !
uzpjqe.exe trouvé !
zembeh.exe trouvé !
* Dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 05/06/2008 à 6:42:13,14 ***
|
|
|
|
|
Hello, thank you once again for taking the time to help us. It's really kind of you.
|
|
helper
|
|
|
Run Navilog again and choose option 2. Post the report it generates. Thanks.
|
|
|
|
|
Back again. I go into Navilog, I do what you told me, and it shows me:
!! nettoyage en mode e | | |