IEXPLORE.EXE problem
Hello,
My turn: I'm having serious problems with my PC, which is running very slowly.
In particular, the IEXPLORE.EXE process starts at boot and restarts even when the process is killed.
Below is the HijackThis report I have just generated.
Thanks in advance for your help.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:09:26, on 12/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\RunDll32.exe
D:\Program Files\NavNT\vptray.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
D:\WINDOWS\system32\LVCOMSX.EXE
D:\WINDOWS\system32\ElkCtrl.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Documents and Settings\tcsao\Desktop\Ménache PC\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\NavNT\defwatch.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\NavNT\rtvscan.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\taskmgr.exe
D:\WINDOWS\system32\MsgSys.EXE
D:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
D:\PROGRA~1\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Thunderbird\thunderbird.exe
D:\Documents and Settings\tcsao\Desktop\Ménache PC\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar3.dll
O2 - BHO: (no name) - {ECA7CCE3-1432-75EF-74B0-567E373A6BA1} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SiSUSBRG] D:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [vptray] D:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SsAAD.exe] D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [regs mfcd] D:\DOCUME~1\tcsao\APPLIC~1\STOPBI~1\Surf chin cast.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Add to AMV Convert Tool... - D:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O8 - Extra context menu item: Open PDF in Word - res://D:\Program Files\ScanSoft\PDF Converter\IEShellExt.dll /100
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack (aspi)\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack (aspi)\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .csm: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .csml: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cub: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cube: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .dx: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .emb: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .embl: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .gau: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .jdx: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mol: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mop: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .pdb: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .rxn: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .scr: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .skc: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .spt: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .tgf: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .xyz: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
ab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Documents and Settings\tcsao\Desktop\Ménache PC\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - D:\Program Files\NavNT\defwatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - D:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - D:\Program Files\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
--
End of file - 9498 bytes
Hello,
Download Lop S&D.exe to your Desktop.
Double-click it to start the installation.
Then double-click the Lop S&D shortcut on your Desktop.
Select the desired language, then choose option 1 (Search).
Wait until the scan finishes.
Post the generated report (C:\lopR.txt).
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm.)
Here is the report:
-----------------------------[ Lop S&D 2.0.2.b ]---------------------------
Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
"D:\Program Files\Lop SD"
[ 13/01/2008 | 19:47:59,84 ] [ TCSAO-54EF74060 ]
-------------[ Listing des dossiers dans Application Data ]------------
D:\Documents and Settings\All Users\APPLIC~1\Grisoft
D:\Documents and Settings\All Users\APPLIC~1\burn spam ping upload
D:\Documents and Settings\All Users\APPLIC~1\ISx12.tmp
D:\Documents and Settings\All Users\APPLIC~1\Microsoft Games
D:\Documents and Settings\All Users\APPLIC~1\ISx16A.tmp
D:\Documents and Settings\All Users\APPLIC~1\HotSync
D:\Documents and Settings\All Users\APPLIC~1\WLInstaller
D:\Documents and Settings\All Users\APPLIC~1\xnwfyhdk.mld
D:\Documents and Settings\All Users\APPLIC~1\Adobe
D:\Documents and Settings\All Users\APPLIC~1\TEMP
D:\Documents and Settings\All Users\APPLIC~1\Google
D:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
D:\Documents and Settings\All Users\APPLIC~1\AceBIT
D:\Documents and Settings\All Users\APPLIC~1\Skype
D:\Documents and Settings\All Users\APPLIC~1\Sony Corporation
D:\Documents and Settings\All Users\APPLIC~1\Microsoft
D:\Documents and Settings\All Users\APPLIC~1\Kodak
D:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
D:\Documents and Settings\All Users\APPLIC~1\QuickTime
D:\Documents and Settings\All Users\APPLIC~1\Apple Computer
D:\Documents and Settings\All Users\APPLIC~1\nView_Profiles
D:\Documents and Settings\All Users\APPLIC~1\Symantec
D:\Documents and Settings\All Users\APPLIC~1\desktop.ini
D:\Documents and Settings\Default User\APPLIC~1\desktop.ini
D:\Documents and Settings\Default User\APPLIC~1\Microsoft
D:\Documents and Settings\LocalService\APPLIC~1\Help
D:\Documents and Settings\LocalService\APPLIC~1\Microsoft
D:\Documents and Settings\LocalService\APPLIC~1\Mozilla
D:\Documents and Settings\LocalService\APPLIC~1\Talkback
D:\Documents and Settings\NetworkService\APPLIC~1\Microsoft
D:\Documents and Settings\tcsao\APPLIC~1\Grisoft
D:\Documents and Settings\tcsao\APPLIC~1\STOP BIB
D:\Documents and Settings\tcsao\APPLIC~1\Microsoft Games
D:\Documents and Settings\tcsao\APPLIC~1\HotSync
D:\Documents and Settings\tcsao\APPLIC~1\Microsoft
D:\Documents and Settings\tcsao\APPLIC~1\OpenOffice.org2
D:\Documents and Settings\tcsao\APPLIC~1\Adobe
D:\Documents and Settings\tcsao\APPLIC~1\Wormux
D:\Documents and Settings\tcsao\APPLIC~1\DivX
D:\Documents and Settings\tcsao\APPLIC~1\tunebite
D:\Documents and Settings\tcsao\APPLIC~1\Help
D:\Documents and Settings\tcsao\APPLIC~1\Skype
D:\Documents and Settings\tcsao\APPLIC~1\AdobeUM
D:\Documents and Settings\tcsao\APPLIC~1\Simple Sudoku
D:\Documents and Settings\tcsao\APPLIC~1\Google
D:\Documents and Settings\tcsao\APPLIC~1\U3
D:\Documents and Settings\tcsao\APPLIC~1\Opera
D:\Documents and Settings\tcsao\APPLIC~1\AceBIT
D:\Documents and Settings\tcsao\APPLIC~1\Nvu
D:\Documents and Settings\tcsao\APPLIC~1\vlc
D:\Documents and Settings\tcsao\APPLIC~1\Sony Corporation
D:\Documents and Settings\tcsao\APPLIC~1\Creative
D:\Documents and Settings\tcsao\APPLIC~1\AdobeAUM
D:\Documents and Settings\tcsao\APPLIC~1\Mozilla
D:\Documents and Settings\tcsao\APPLIC~1\Macromedia
D:\Documents and Settings\tcsao\APPLIC~1\Azureus
D:\Documents and Settings\tcsao\APPLIC~1\Mini
D:\Documents and Settings\tcsao\APPLIC~1\NASA
D:\Documents and Settings\tcsao\APPLIC~1\Apple Computer
D:\Documents and Settings\tcsao\APPLIC~1\1st Free Solitaire
D:\Documents and Settings\tcsao\APPLIC~1\123 Free Solitaire
D:\Documents and Settings\tcsao\APPLIC~1\MSNInstaller
D:\Documents and Settings\tcsao\APPLIC~1\Leadertech
D:\Documents and Settings\tcsao\APPLIC~1\Real
D:\Documents and Settings\tcsao\APPLIC~1\Sun
D:\Documents and Settings\tcsao\APPLIC~1\Lavasoft
D:\Documents and Settings\tcsao\APPLIC~1\Thunderbird
D:\Documents and Settings\tcsao\APPLIC~1\Talkback
D:\Documents and Settings\tcsao\APPLIC~1\desktop.ini
D:\Documents and Settings\tcsao\APPLIC~1\Identities
----------------[ Tâches planifiées dans D:\WINDOWS\tasks ]---------------
[13/01/2008 19:00][--ah-----]D:\WINDOWS\tasks\A71673389189E74C.job
[13/01/2008 12:32][--ah-----]D:\WINDOWS\tasks\SA.DAT
[23/08/2001 13:00][-r-h-----]D:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans D:\Program Files ]--------------
D:\Program Files\123 Free Solitaire
D:\Program Files\1st Free Solitaire
D:\Program Files\ABBYY PDF Transformer 2.0
D:\Program Files\Access_Control
D:\Program Files\Adobe
D:\Program Files\AF Cam
D:\Program Files\AtomixMP3
D:\Program Files\AV Music Morpher
D:\Program Files\Azureus
D:\Program Files\CDBurnerXP Pro 3
D:\Program Files\CDDC-Sudoku
D:\Program Files\CDex_150
D:\Program Files\Celestia
D:\Program Files\Circle Developement
D:\Program Files\Common Files
D:\Program Files\ComPlus Applications
D:\Program Files\Creative
D:\Program Files\DivX
D:\Program Files\eMule
D:\Program Files\Finale NotePad 2004
D:\Program Files\Free Audio Pack
D:\Program Files\Frozen-Bubble
D:\Program Files\GEONExT
D:\Program Files\Google
D:\Program Files\Heart Of Darkness
D:\Program Files\Illustrate
D:\Program Files\IncrediMail
D:\Program Files\Internet Explorer
D:\Program Files\iPod
D:\Program Files\iTunes
D:\Program Files\IZArc
D:\Program Files\Java
D:\Program Files\Kazaa
D:\Program Files\Kerio
D:\Program Files\Kodak
D:\Program Files\Lavasoft
D:\Program Files\Logitech
D:\Program Files\Lop SD
D:\Program Files\Messenger
D:\Program Files\Messenger Plus! Live
D:\Program Files\MessengerPlus! 3
D:\Program Files\Microsoft CAPICOM 2.1.0.2
D:\Program Files\microsoft frontpage
D:\Program Files\Microsoft FrontPage Express
D:\Program Files\Microsoft Office
D:\Program Files\Microsoft Visual Studio
D:\Program Files\Microsoft Works
D:\Program Files\Microsoft.NET
D:\Program Files\MixSense
D:\Program Files\MixVibes5
D:\Program Files\MixVibesFREE5
D:\Program Files\MixVibesPro5
D:\Program Files\MobeeSoft
D:\Program Files\Motherboard Monitor 5
D:\Program Files\Movie Maker
D:\Program Files\Mozart2005
D:\Program Files\Mozilla Firefox
D:\Program Files\Mozilla Thunderbird
D:\Program Files\mozilla.org
D:\Program Files\MP3 Player Utilities
D:\Program Files\MP3 Player Utilities 3.13
D:\Program Files\MP3 Player Utilities 3.75
D:\Program Files\mp3DirectCut
D:\Program Files\MSN
D:\Program Files\MSN Gaming Zone
D:\Program Files\MSN Messenger
D:\Program Files\MSXML 4.0
D:\Program Files\NASA
D:\Program Files\Native Instruments
D:\Program Files\Navilog1
D:\Program Files\NavNT
D:\Program Files\NCH Software
D:\Program Files\NetMeeting
D:\Program Files\netpass
D:\Program Files\Nvu
D:\Program Files\Objective Tarot
D:\Program Files\Online Services
D:\Program Files\OpenEuclide
D:\Program Files\OpenOffice.org 1.9.113
D:\Program Files\Opera
D:\Program Files\Orange
D:\Program Files\Outlook Express
D:\Program Files\Palm
D:\Program Files\Pappocom
D:\Program Files\Paragon Software
D:\Program Files\Parallel Tasking
D:\Program Files\PowerArchiver
D:\Program Files\PowerQuest
D:\Program Files\PTDD Group
D:\Program Files\QuickTime
D:\Program Files\RadioTracker
D:\Program Files\Ratajik Software
D:\Program Files\Real
D:\Program Files\Ruud
D:\Program Files\ScanSoft
D:\Program Files\SCHNEIDER ELECTRIC
D:\Program Files\Simple Sudoku
D:\Program Files\SiSLan
D:\Program Files\Skype
D:\Program Files\Smart Projects
D:\Program Files\Sony
D:\Program Files\SpeedFan
D:\Program Files\SplashData
D:\Program Files\StationRipper
D:\Program Files\STOP BIB
D:\Program Files\subduction
D:\Program Files\Sudoku
D:\Program Files\Sunbelt Software
D:\Program Files\Surface Facile version d'évaluation
D:\Program Files\Symantec
D:\Program Files\Technodev
D:\Program Files\tunebite
D:\Program Files\uree
D:\Program Files\VideoLAN
D:\Program Files\VIH1
D:\Program Files\VirtualDJ
D:\Program Files\Visicom Media
D:\Program Files\Win TV Pro Free
D:\Program Files\Windows Live
D:\Program Files\Windows Media Player
D:\Program Files\Windows NT
D:\Program Files\WinHTTrack (aspi)
D:\Program Files\WinRAR
D:\Program Files\WinZip
D:\Program Files\Wormux 0.7
D:\Program Files\xerox
D:\Program Files\Xolox
D:\Program Files\Yahoo!
------[ Listing des dossiers dans D:\Program Files\Common Files ]------
D:\Program Files\Common Files\Adobe
D:\Program Files\Common Files\DESIGNER
D:\Program Files\Common Files\InstallShield
D:\Program Files\Common Files\Java
D:\Program Files\Common Files\Logitech
D:\Program Files\Common Files\Microsoft Shared
D:\Program Files\Common Files\MimarSinan
D:\Program Files\Common Files\MSSoap
D:\Program Files\Common Files\ODBC
D:\Program Files\Common Files\Real
D:\Program Files\Common Files\Services
D:\Program Files\Common Files\Sony Shared
D:\Program Files\Common Files\SpeechEngines
D:\Program Files\Common Files\SWF Studio
D:\Program Files\Common Files\Symantec Shared
D:\Program Files\Common Files\System
D:\Program Files\Common Files\WhenU
D:\Program Files\Common Files\xing shared
D:\Program Files\Common Files\zoqw
----------------------[ Recherche avec S_Lop ]---------------------
D:\Documents and Settings\All Users\APPLIC~1\Kodak\EasyShareSetup\$SETUP_9_2cd52\Setup.exe
D:\Documents and Settings\tcsao\APPLIC~1\STOP BIB\ieytsjfl.exe
D:\Documents and Settings\All Users\APPLIC~1\Kodak
D:\Program Files\Kodak
D:\Documents and Settings\tcsao\APPLIC~1\STOPBI~1
D:\Program Files\STOPBI~1
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
D:\WINDOWS\Tasks\A71673389189E74C.job
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"regs mfcd"="D:\\DOCUME~1\\tcsao\\APPLIC~1\\STOPBI~1\\Surf chin cast.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
127.0.0.1 localhost
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-13 19:52:13
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
--------------------[ Fin du rapport a 19:52:25,14 ]----------------------
Re,
What does the Kodak folder in Program Files contain?
Download R-Hosts.exe (by S!ri).
Run R-Hosts, then click "Restaurer" (Restore).
Confirm the change by pressing OK.
&
Fix the lines in the box below with HijackThis (HELP IN PICTURES):
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {ECA7CCE3-1432-75EF-74B0-567E373A6BA1} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
O4 - HKCU\..\Run: [regs mfcd] D:\DOCUME~1\tcsao\APPLIC~1\STOPBI~1\Surf chin cast.exe
Download OTMoveIt (by OldTimer). Save it to your Desktop.
Select all the locations in the box below:
D:\Documents and Settings\All Users\APPLIC~1\Kodak\EasyShareSetup\$SETUP_9_2cd52\Setup.exe
D:\Documents and Settings\tcsao\APPLIC~1\STOP BIB\
D:\Documents and Settings\tcsao\APPLIC~1\STOPBI~1
D:\Program Files\STOPBI~1
---> Right-click, then Copy (or Ctrl+C).
Double-click OTMoveIt.exe to launch it.
Right-click in the left-hand pane, then choose Paste (or Ctrl+V).
Now click MoveIt!
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
Post the report found in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time it was created: date_time.log
->Information about the software<-
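The fix list in the post above picks out entries whose registered file is missing ("(no file)") and a Run entry that starts a program from an Application Data folder. The following is an added example, not part of the thread and not HijackThis's own logic: a Python triage pass that rejoins the forum's wrapped log lines and flags those two patterns. The function names and the Application Data heuristic are assumptions of this example; the sample lines are copied from the logs posted in this thread.

```python
from __future__ import annotations

import re
from dataclasses import dataclass

# Sample input: lines copied from the HijackThis logs and the fix list posted
# in this thread, including the hard line wraps the forum introduced.
SAMPLE_LOG = r"""O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program
Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
O4 - HKLM\..\Run: [vptray] D:\Program Files\NavNT\vptray.exe
O4 - HKCU\..\Run: [regs mfcd] D:\DOCUME~1\tcsao\APPLIC~1\STOPBI~1\Surf chin cast.exe
O18 - Filter hijack: text/html -
{2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: DefWatch - Symantec Corporation - D:\Program
Files\NavNT\defwatch.exe
--
End of file - 9018 bytes
"""

# A log entry starts with a section code (R0, F2, N1, O2, O23, ...) and " - ".
ENTRY_START = re.compile(r"^(?P<code>[RFN]\d|O\d{1,2}) - ")
# The entry's target file no longer exists on disk.
NO_FILE = re.compile(r"\(no file\)\s*$", re.IGNORECASE)
# Heuristic of this example: path inside a profile's Application Data folder,
# in long or 8.3 short form. Legitimate software can match, so review by hand.
PROFILE_DATA = re.compile(r"\\(APPLIC~\d|Application Data)\\", re.IGNORECASE)


@dataclass
class Entry:
    code: str   # section code, e.g. "O4"
    text: str   # full entry with wrapped lines rejoined


def parse_entries(log: str) -> list[Entry]:
    """Return the log's entries, rejoining lines wrapped at a space."""
    entries: list[Entry] = []
    for raw in log.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == "--" or line.startswith("End of file"):
            break  # log footer
        match = ENTRY_START.match(line)
        if match:
            entries.append(Entry(match.group("code"), line))
        elif entries:
            # No section code: continuation of the previous entry.
            entries[-1].text += " " + line
        # Lines before the first entry (header, process list) are skipped.
    return entries


def triage(log: str) -> list[tuple[Entry, list[str]]]:
    """Return (entry, reasons) for every entry worth a manual look."""
    findings = []
    for entry in parse_entries(log):
        reasons = []
        if NO_FILE.search(entry.text):
            reasons.append("registered component has no file on disk")
        if entry.code == "O4" and PROFILE_DATA.search(entry.text):
            reasons.append("autostart runs from an Application Data folder")
        if reasons:
            findings.append((entry, reasons))
    return findings


if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_LOG):
        print(f"{entry.text}\n    -> {'; '.join(reasons)}")
```
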
Hello,
The folder D:\Program Files\Kodak is empty.
Below is the OTMoveIt report:
D:\Documents and Settings\All Users\APPLIC~1\Kodak\EasyShareSetup\$SETUP_9_2cd52\Setup.exe moved successfully.
D:\Documents and Settings\tcsao\APPLIC~1\STOP BIB moved successfully.
File/Folder D:\Documents and Settings\tcsao\APPLIC~1\STOPBI~1 not found.
D:\Program Files\STOPBI~1 moved successfully.
Created on 01/15/2008 20:56:45
Here it is:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:02:46, on 15/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\RunDll32.exe
D:\Program Files\NavNT\vptray.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
D:\WINDOWS\system32\LVCOMSX.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Documents and Settings\tcsao\Desktop\Ménache PC\AVG Anti-Spyware
7.5\guard.exe
D:\Program Files\NavNT\defwatch.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\NavNT\rtvscan.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\MsgSys.EXE
D:\WINDOWS\system32\wuauclt.exe
D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\Documents and Settings\tcsao\Desktop\Ménache
PC\HiJackThis\HijackThis.exe
D:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program
Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program
files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
d:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SiSUSBRG] D:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [vptray] D:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program
Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SsAAD.exe] D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]
D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE]
D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Add animation to IncrediMail Style
Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Add to AMV Convert Tool... -
D:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file
- D:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O8 - Extra context menu item: Open PDF in Word - res://D:\Program
Files\ScanSoft\PDF Converter\IEShellExt.dll /100
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program
Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program
Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Run WinHTTrack -
{36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack
(aspi)\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack -
{36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack
(aspi)\WinHTTrackIEBar.dll
O9 - Extra button: Recherche -
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -
D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program
Files\Messenger\msmsgs.exe
O12 - Plugin for .csm: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .csml: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .cub: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .cube: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .dx: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .emb: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .embl: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .gau: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .jdx: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .mol: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .mop: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .pdb: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .rxn: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .scr: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .skc: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .spt: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .tgf: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .xyz: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) -
http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} -
http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClie...
ab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPACl...
.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -
http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire
Showdown Class) -
http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Filter hijack: text/html -
{2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. -
D:\Documents and Settings\tcsao\Desktop\Ménache PC\AVG Anti-Spyware
7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - D:\Program
Files\NavNT\defwatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - D:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -
D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt
Software - D:\Program Files\Sunbelt Software\Personal
Firewall\kpf4ss.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. -
d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - D:\Program
Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) -
Symantec Corporation - D:\Program Files\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - D:\Program
Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -
D:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation
- D:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
--
End of file - 9018 bytes
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} -
http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClie...
ab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPACl...
.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -
http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire
Showdown Class) -
http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Filter hijack: text/html -
{2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. -
D:\Documents and Settings\tcsao\Desktop\Ménache PC\AVG Anti-Spyware
7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - D:\Program
Files\NavNT\defwatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - D:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -
D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt
Software - D:\Program Files\Sunbelt Software\Personal
Firewall\kpf4ss.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. -
d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - D:\Program
Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) -
Symantec Corporation - D:\Program Files\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - D:\Program
Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -
D:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation
- D:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
--
End of file - 9018 bytes
Hello,
Here it is. I hope this is better.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:41:48, on 16/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
D:\Documents and Settings\tcsao\Desktop\Ménache PC\AVG Anti-Spyware
7.5\guard.exe
D:\Program Files\NavNT\defwatch.exe
D:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\NavNT\rtvscan.exe
D:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\MsgSys.EXE
D:\WINDOWS\Explorer.EXE
D:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
D:\WINDOWS\system32\RunDll32.exe
D:\Program Files\NavNT\vptray.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
D:\WINDOWS\system32\LVCOMSX.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\taskmgr.exe
D:\Program Files\Mozilla Thunderbird\thunderbird.exe
D:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\Documents and Settings\tcsao\Desktop\Ménache
PC\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program
Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program
files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
d:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SiSUSBRG] D:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [vptray] D:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program
Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SsAAD.exe] D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]
D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE]
D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Add animation to IncrediMail Style
Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Add to AMV Convert Tool... -
D:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file
- D:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O8 - Extra context menu item: Open PDF in Word - res://D:\Program
Files\ScanSoft\PDF Converter\IEShellExt.dll /100
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program
Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program
Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Run WinHTTrack -
{36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack
(aspi)\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack -
{36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack
(aspi)\WinHTTrackIEBar.dll
O9 - Extra button: Recherche -
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -
D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program
Files\Messenger\msmsgs.exe
O12 - Plugin for .csm: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .csml: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .cub: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .cube: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .dx: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .emb: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .embl: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .gau: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .jdx: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .mol: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .mop: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .pdb: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .rxn: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .scr: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .skc: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .spt: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .tgf: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O12 - Plugin for .xyz: D:\Program Files\Internet
Explorer\Plugins\npchime.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) -
http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} -
http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClie...
ab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPACl...
.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -
http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire
Showdown Class) -
http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Filter hijack: text/html -
{2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. -
D:\Documents and Settings\tcsao\Desktop\Ménache PC\AVG Anti-Spyware
7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - D:\Program
Files\NavNT\defwatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - D:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -
D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt
Software - D:\Program Files\Sunbelt Software\Personal
Firewall\kpf4ss.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. -
d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - D:\Program
Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) -
Symantec Corporation - D:\Program Files\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - D:\Program
Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -
D:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation
- D:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
--
End of file - 9266 bytes
Look here, for example, to see how the reports are displayed:
http://www.infos-du-net.com/forum/forum2.php?config=inf...
http://www.infos-du-net.com/forum/forum2.php?config=inf...
Good evening,
No, things are much better!
Thanks a lot, Angeldark.
But while I'm cleaning up, where do you think I stand?
And for my own education:
- what is my problem with posting correct reports?
- what infection did I get?
- and what is the likely cause of the problems I had?
Thanks a lot for your answers.
Quote:
But while I'm cleaning up, where do you think I stand?
At the end, I think.
Quote:
- what is my problem with posting correct reports?
It must come from an option in Notepad.
Quote:
- and what is the likely cause of the problems I had?
Cracks, p2p?