Virus problem and other issues T_T
OK, I'll quickly explain the various problems with my computer:
1: When I formatted my computer, it did not erase the old operating system and created another one on the other hard drive. The problem is that I can no longer delete the first operating system, which is on disk (C), because I think the new system may be using the old one. It's pretty annoying, and I think it can create many opportunities for viruses to get into my computer.
SOLVED ==> 2: Pop-ups that open in Internet Explorer and Mozilla, sometimes with nothing in them, with just C.I.D written on the window (they can be of different sizes).
3: Microsoft updates no longer happen automatically, or at all for that matter T_T. So even more viruses.
What I have done about it:
1° I ran Spybot on it => nothing
2° I ran Ad-Aware 2007 on it => nothing
3° I ran CCleaner on it => nothing
4° Avast Home (I think), maximum scan => nothing
5° Disk cleanup => nothing
6° Disk error check => nothing
So there you go, I hope you will know what to do so that I no longer have to come to this part of the forum T_T
Hello,
Download and then install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:20:41, on 21/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\RunDLL32.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
D:\Program Files\Creative\Shared Files\CamTray.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\DAEMON Tools Lite\daemon.exe
D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\MSN Messenger\usnsvc.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.shareazaweb.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PDVDDXSrv] "D:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AdVantage Setup] D:\Program Files\DAEMON Tools Lite\AdVantageSetup.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Creative WebCam Tray] "D:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Two Knob] D:\DOCUME~1\Quentin\APPLIC~1\SAVEBA~1\purewmainter.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = D:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: hp psc 2000 Series.lnk = D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
--
End of file - 10118 bytes
Hello again,
Download Lop S&D.exe to your Desktop.
Double-click it to start the installation.
Then double-click the Lop S&D shortcut on your Desktop.
Select the language you want, then choose option 1 (Search).
Wait until the scan finishes.
Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
-----------------------------[ Lop S&D 2.3.7 ]---------------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Quentin ] [ "D:\Program Files\Lop SD" ]
[ 22/02/2008 | 21:41:03,23 ] [ PC : 1E95982CE37 ]
[ MAJ : 21-02-2008 | 22:45 ]
-------------[ Listing des dossiers dans Application Data ]------------
[21/02/2008|21:26] D:\DOCUME~1\ADMINI~1\APPLIC~1\.
[21/02/2008|21:26] D:\DOCUME~1\ADMINI~1\APPLIC~1\..
[21/02/2008|21:27] D:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[05/11/2007|12:51] D:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[21/02/2008|21:27] D:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[05/01/2008|13:11] D:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[21/02/2008|21:26] D:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[21/02/2008|21:26] D:\DOCUME~1\ADMINI~1\APPLIC~1\Talkback
[05/01/2008|17:23] D:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
[05/01/2008|17:36] D:\DOCUME~1\ADMINI~1\APPLIC~1\WinRAR
[21/02/2008|20:22] D:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[21/02/2008|20:22] D:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[05/11/2007|21:05] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[24/12/2007|16:39] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[17/11/2007|15:05] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[17/11/2007|22:01] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[05/11/2007|18:07] D:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[05/11/2007|17:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Dell
[05/11/2007|12:51] D:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[10/11/2007|15:08] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[22/11/2007|17:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[10/12/2007|21:26] D:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[22/02/2008|20:40] D:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[26/01/2008|15:22] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[01/12/2007|19:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[05/11/2007|19:13] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[13/12/2007|19:13] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[14/11/2007|12:45] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[16/02/2008|23:39] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop
[05/11/2007|16:27] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[24/11/2007|13:00] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[05/11/2007|16:44] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[21/02/2008|21:09] D:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[20/11/2007|20:35] D:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[20/11/2007|20:35] D:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[20/11/2007|20:35] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[05/11/2007|12:51] D:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[05/11/2007|12:00] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[05/11/2007|12:02] D:\DOCUME~1\LOCALS~1\APPLIC~1\.
[05/11/2007|12:02] D:\DOCUME~1\LOCALS~1\APPLIC~1\..
[05/11/2007|12:00] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[05/11/2007|12:02] D:\DOCUME~1\NETWOR~1\APPLIC~1\.
[05/11/2007|12:02] D:\DOCUME~1\NETWOR~1\APPLIC~1\..
[05/11/2007|12:00] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[17/02/2008|23:27] D:\DOCUME~1\Quentin\APPLIC~1\.
[17/02/2008|23:27] D:\DOCUME~1\Quentin\APPLIC~1\..
[21/02/2008|23:42] D:\DOCUME~1\Quentin\APPLIC~1\Adobe
[17/11/2007|22:12] D:\DOCUME~1\Quentin\APPLIC~1\Apple Computer
[06/12/2007|19:08] D:\DOCUME~1\Quentin\APPLIC~1\Creative
[05/11/2007|18:07] D:\DOCUME~1\Quentin\APPLIC~1\CyberLink
[26/01/2008|13:42] D:\DOCUME~1\Quentin\APPLIC~1\DAEMON Tools
[05/11/2007|12:51] D:\DOCUME~1\Quentin\APPLIC~1\desktop.ini
[17/11/2007|20:44] D:\DOCUME~1\Quentin\APPLIC~1\Google
[22/11/2007|17:52] D:\DOCUME~1\Quentin\APPLIC~1\Grisoft
[05/11/2007|12:03] D:\DOCUME~1\Quentin\APPLIC~1\Identities
[05/11/2007|12:10] D:\DOCUME~1\Quentin\APPLIC~1\InstallShield
[07/11/2007|14:49] D:\DOCUME~1\Quentin\APPLIC~1\LimeWire
[05/11/2007|17:47] D:\DOCUME~1\Quentin\APPLIC~1\Macromedia
[05/11/2007|18:09] D:\DOCUME~1\Quentin\APPLIC~1\Media Player Classic
[09/12/2007|14:16] D:\DOCUME~1\Quentin\APPLIC~1\Microsoft
[05/11/2007|17:56] D:\DOCUME~1\Quentin\APPLIC~1\Mozilla
[14/11/2007|12:47] D:\DOCUME~1\Quentin\APPLIC~1\Nero
[26/12/2007|19:36] D:\DOCUME~1\Quentin\APPLIC~1\Samsung
[17/02/2008|13:08] D:\DOCUME~1\Quentin\APPLIC~1\Save bat bags
[10/11/2007|22:28] D:\DOCUME~1\Quentin\APPLIC~1\Sun
[05/11/2007|16:44] D:\DOCUME~1\Quentin\APPLIC~1\vlc
[05/11/2007|15:04] D:\DOCUME~1\Quentin\APPLIC~1\WinRAR
----------------[ Tâches planifiées dans D:\WINDOWS\tasks ]---------------
[22/02/2008 21:00][--ah-----] D:\WINDOWS\tasks\AE829F22918512CE.job [--274--]
[09/02/2008 21:41][--a------] D:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]
[22/02/2008 16:24][--ah-----] D:\WINDOWS\tasks\SA.DAT [--6--]
[05/08/2004 11:00][-r-h-----] D:\WINDOWS\tasks\desktop.ini [--65--]
---------------[ Listing des dossiers dans D:\Program Files ]--------------
[22/02/2008|21:40] D:\Program Files\.
[22/02/2008|21:40] D:\Program Files\..
[24/12/2007|17:21] D:\Program Files\Adobe
[26/01/2008|15:11] D:\Program Files\AdVantage
[22/11/2007|17:36] D:\Program Files\Alwil Software
[17/11/2007|15:05] D:\Program Files\Apple Software Update
[06/01/2008|20:28] D:\Program Files\CCleaner
[17/12/2007|20:19] D:\Program Files\Circle Developement
[05/11/2007|11:57] D:\Program Files\ComPlus Applications
[06/12/2007|19:09] D:\Program Files\Creative
[07/02/2008|19:43] D:\Program Files\CyberLink
[26/01/2008|13:44] D:\Program Files\DAEMON Tools Lite
[05/11/2007|12:07] D:\Program Files\Dell
[05/11/2007|12:11] D:\Program Files\Digital Line Detect
[05/01/2008|12:54] D:\Program Files\DivX
[13/02/2008|13:35] D:\Program Files\EA GAMES
[07/11/2007|15:08] D:\Program Files\eMule
[21/02/2008|20:22] D:\Program Files\Fichiers communs
[10/11/2007|15:08] D:\Program Files\Google
[22/11/2007|17:52] D:\Program Files\Grisoft
[10/12/2007|21:26] D:\Program Files\Hewlett-Packard
[07/02/2008|19:43] D:\Program Files\InstallShield Installation Information
[05/11/2007|13:38] D:\Program Files\Intel
[11/12/2007|20:48] D:\Program Files\Internet Explorer
[19/01/2008|23:56] D:\Program Files\iPod
[19/01/2008|23:56] D:\Program Files\iTunes
[03/02/2008|21:04] D:\Program Files\Java
[05/11/2007|17:26] D:\Program Files\K-Lite Codec Pack
[05/11/2007|16:26] D:\Program Files\Lavasoft
[22/02/2008|21:41] D:\Program Files\Lop SD
[05/11/2007|17:08] D:\Program Files\Messenger
[17/12/2007|20:19] D:\Program Files\Messenger Plus! Live
[06/11/2007|03:01] D:\Program Files\Microsoft CAPICOM 2.1.0.2
[05/11/2007|12:00] D:\Program Files\microsoft frontpage
[05/11/2007|19:14] D:\Program Files\Microsoft Office
[05/11/2007|19:14] D:\Program Files\Microsoft Visual Studio
[05/11/2007|19:14] D:\Program Files\Microsoft Works
[05/11/2007|11:58] D:\Program Files\Movie Maker
[22/02/2008|21:39] D:\Program Files\Mozilla Firefox
[05/11/2007|19:14] D:\Program Files\MSBuild
[21/02/2008|21:26] D:\Program Files\MSN
[05/11/2007|11:57] D:\Program Files\MSN Gaming Zone
[17/12/2007|20:19] D:\Program Files\MSN Messenger
[06/11/2007|03:01] D:\Program Files\MSXML 4.0
[22/12/2007|12:19] D:\Program Files\Navilog1
[14/11/2007|12:45] D:\Program Files\Nero
[05/11/2007|11:58] D:\Program Files\NetMeeting
[05/11/2007|12:12] D:\Program Files\NetWaiting
[28/12/2007|14:39] D:\Program Files\NovaLogic
[05/11/2007|11:57] D:\Program Files\Online Services
[05/11/2007|12:12] D:\Program Files\Outil de diagnostic de modem
[05/11/2007|17:07] D:\Program Files\Outlook Express
[19/01/2008|23:55] D:\Program Files\QuickTime
[02/12/2007|16:37] D:\Program Files\Realtek
[25/12/2007|20:50] D:\Program Files\Samsung
[16/02/2008|23:39] D:\Program Files\Save bat bags
[05/11/2007|11:59] D:\Program Files\Services en ligne
[20/02/2008|14:36] D:\Program Files\Shareaza Applications
[06/12/2007|19:08] D:\Program Files\SightSpeed
[05/11/2007|16:24] D:\Program Files\Spybot - Search & Destroy
[21/02/2008|20:20] D:\Program Files\Trend Micro
[05/11/2007|12:03] D:\Program Files\Uninstall Information
[05/11/2007|16:41] D:\Program Files\VideoLAN
[21/02/2008|20:22] D:\Program Files\Windows Live
[05/11/2007|16:45] D:\Program Files\Windows Media Connect 2
[05/11/2007|17:07] D:\Program Files\Windows Media Player
[05/11/2007|11:57] D:\Program Files\Windows NT
[05/11/2007|11:59] D:\Program Files\WindowsUpdate
[05/11/2007|15:04] D:\Program Files\WinRAR
[05/11/2007|12:00] D:\Program Files\xerox
[07/01/2008|21:39] D:\Program Files\Yahoo!
------[ Listing des dossiers dans D:\Program Files\Fichiers communs ]------
[21/02/2008|20:22] D:\Program Files\Fichiers communs\.
[21/02/2008|20:22] D:\Program Files\Fichiers communs\..
[24/12/2007|17:21] D:\Program Files\Fichiers communs\Adobe
[05/11/2007|21:05] D:\Program Files\Fichiers communs\Adobe Systems Shared
[17/11/2007|21:59] D:\Program Files\Fichiers communs\Apple
[05/11/2007|19:14] D:\Program Files\Fichiers communs\DESIGNER
[10/12/2007|21:22] D:\Program Files\Fichiers communs\Hewlett-Packard
[05/11/2007|14:07] D:\Program Files\Fichiers communs\InstallShield
[03/02/2008|20:56] D:\Program Files\Fichiers communs\Java
[05/11/2007|19:14] D:\Program Files\Fichiers communs\Microsoft Shared
[05/11/2007|11:58] D:\Program Files\Fichiers communs\MSSoap
[14/11/2007|12:47] D:\Program Files\Fichiers communs\Nero
[05/11/2007|12:52] D:\Program Files\Fichiers communs\ODBC
[05/11/2007|11:58] D:\Program Files\Fichiers communs\Services
[05/11/2007|12:52] D:\Program Files\Fichiers communs\SpeechEngines
[24/11/2007|16:30] D:\Program Files\Fichiers communs\Symantec Shared
[05/11/2007|19:11] D:\Program Files\Fichiers communs\System
[21/02/2008|20:25] D:\Program Files\Fichiers communs\WindowsLiveInstaller
[05/11/2007|16:25] D:\Program Files\Fichiers communs\Wise Installation Wizard
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
D:\Program Files\Circle Developement
D:\Program Files\Circle Developement\Uninstall.exe
D:\WINDOWS\Tasks\AE829F22918512CE.job
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
-> 7855 ( 70 ## added by CiD )
/!\ 1 Not 127.0.0.1 !!
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-22 21:41:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:192][Doss:9] D:\DOCUME~1\Quentin\LOCALS~1\Temp
/!\ [Fich:76][Doss:0] D:\DOCUME~1\Quentin\Cookies
/!\ [Fich:3120][Doss:4] D:\DOCUME~1\Quentin\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 21:41:39,40 ]----------------------
PS: it (Avast) just found me a new trojan, but I wonder whether it really deletes them -_-")
Re,
Run Lop S&D again.
This time choose Option 2 (Suppression).
Do not close the window during the removal!
Post the generated report (C:\lopR.txt).
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm.)
&
Post a new HijackThis report.
-----------------------------[ Lop S&D 2.3.7 ]---------------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Quentin ] [ "D:\Program Files\Lop SD" ]
[ 23/02/2008 | 12:32:52,31 ] [ PC : 1E95982CE37 ]
[ MAJ : 21-02-2008 | 22:45 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - D:\Program Files\Circle Developement\Uninstall.exe
Supprimé! - D:\WINDOWS\Tasks\AE829F22918512CE.job
Supprimé! - D:\Program Files\Circle Developement
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[21/02/2008|21:26] D:\DOCUME~1\ADMINI~1\APPLIC~1\.
[21/02/2008|21:26] D:\DOCUME~1\ADMINI~1\APPLIC~1\..
[21/02/2008|21:27] D:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[05/11/2007|12:51] D:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[21/02/2008|21:27] D:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[05/01/2008|13:11] D:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[21/02/2008|21:26] D:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[21/02/2008|21:26] D:\DOCUME~1\ADMINI~1\APPLIC~1\Talkback
[05/01/2008|17:23] D:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
[05/01/2008|17:36] D:\DOCUME~1\ADMINI~1\APPLIC~1\WinRAR
[21/02/2008|20:22] D:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[21/02/2008|20:22] D:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[05/11/2007|21:05] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[24/12/2007|16:39] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[17/11/2007|15:05] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[17/11/2007|22:01] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[05/11/2007|18:07] D:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[05/11/2007|17:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Dell
[05/11/2007|12:51] D:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[10/11/2007|15:08] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[22/11/2007|17:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[10/12/2007|21:26] D:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[22/02/2008|20:40] D:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[26/01/2008|15:22] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[01/12/2007|19:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[05/11/2007|19:13] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[13/12/2007|19:13] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[14/11/2007|12:45] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[16/02/2008|23:39] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop
[05/11/2007|16:27] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[24/11/2007|13:00] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[05/11/2007|16:44] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[21/02/2008|21:09] D:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[20/11/2007|20:35] D:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[20/11/2007|20:35] D:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[20/11/2007|20:35] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[05/11/2007|12:51] D:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[05/11/2007|12:00] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[05/11/2007|12:02] D:\DOCUME~1\LOCALS~1\APPLIC~1\.
[05/11/2007|12:02] D:\DOCUME~1\LOCALS~1\APPLIC~1\..
[05/11/2007|12:00] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[05/11/2007|12:02] D:\DOCUME~1\NETWOR~1\APPLIC~1\.
[05/11/2007|12:02] D:\DOCUME~1\NETWOR~1\APPLIC~1\..
[05/11/2007|12:00] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[17/02/2008|23:27] D:\DOCUME~1\Quentin\APPLIC~1\.
[17/02/2008|23:27] D:\DOCUME~1\Quentin\APPLIC~1\..
[21/02/2008|23:42] D:\DOCUME~1\Quentin\APPLIC~1\Adobe
[17/11/2007|22:12] D:\DOCUME~1\Quentin\APPLIC~1\Apple Computer
[06/12/2007|19:08] D:\DOCUME~1\Quentin\APPLIC~1\Creative
[05/11/2007|18:07] D:\DOCUME~1\Quentin\APPLIC~1\CyberLink
[26/01/2008|13:42] D:\DOCUME~1\Quentin\APPLIC~1\DAEMON Tools
[05/11/2007|12:51] D:\DOCUME~1\Quentin\APPLIC~1\desktop.ini
[17/11/2007|20:44] D:\DOCUME~1\Quentin\APPLIC~1\Google
[22/11/2007|17:52] D:\DOCUME~1\Quentin\APPLIC~1\Grisoft
[05/11/2007|12:03] D:\DOCUME~1\Quentin\APPLIC~1\Identities
[05/11/2007|12:10] D:\DOCUME~1\Quentin\APPLIC~1\InstallShield
[07/11/2007|14:49] D:\DOCUME~1\Quentin\APPLIC~1\LimeWire
[05/11/2007|17:47] D:\DOCUME~1\Quentin\APPLIC~1\Macromedia
[05/11/2007|18:09] D:\DOCUME~1\Quentin\APPLIC~1\Media Player Classic
[09/12/2007|14:16] D:\DOCUME~1\Quentin\APPLIC~1\Microsoft
[05/11/2007|17:56] D:\DOCUME~1\Quentin\APPLIC~1\Mozilla
[14/11/2007|12:47] D:\DOCUME~1\Quentin\APPLIC~1\Nero
[26/12/2007|19:36] D:\DOCUME~1\Quentin\APPLIC~1\Samsung
[17/02/2008|13:08] D:\DOCUME~1\Quentin\APPLIC~1\Save bat bags
[10/11/2007|22:28] D:\DOCUME~1\Quentin\APPLIC~1\Sun
[05/11/2007|16:44] D:\DOCUME~1\Quentin\APPLIC~1\vlc
[05/11/2007|15:04] D:\DOCUME~1\Quentin\APPLIC~1\WinRAR
----------------[ Tâches planifiées dans D:\WINDOWS\tasks ]---------------
[09/02/2008 21:41][--a------] D:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]
[22/02/2008 16:24][--ah-----] D:\WINDOWS\tasks\SA.DAT [--6--]
[05/08/2004 11:00][-r-h-----] D:\WINDOWS\tasks\desktop.ini [--65--]
---------------[ Listing des dossiers dans D:\Program Files ]--------------
[23/02/2008|12:33] D:\Program Files\.
[23/02/2008|12:33] D:\Program Files\..
[24/12/2007|17:21] D:\Program Files\Adobe
[26/01/2008|15:11] D:\Program Files\AdVantage
[22/11/2007|17:36] D:\Program Files\Alwil Software
[17/11/2007|15:05] D:\Program Files\Apple Software Update
[06/01/2008|20:28] D:\Program Files\CCleaner
[05/11/2007|11:57] D:\Program Files\ComPlus Applications
[06/12/2007|19:09] D:\Program Files\Creative
[07/02/2008|19:43] D:\Program Files\CyberLink
[26/01/2008|13:44] D:\Program Files\DAEMON Tools Lite
[05/11/2007|12:07] D:\Program Files\Dell
[05/11/2007|12:11] D:\Program Files\Digital Line Detect
[05/01/2008|12:54] D:\Program Files\DivX
[13/02/2008|13:35] D:\Program Files\EA GAMES
[07/11/2007|15:08] D:\Program Files\eMule
[21/02/2008|20:22] D:\Program Files\Fichiers communs
[10/11/2007|15:08] D:\Program Files\Google
[22/11/2007|17:52] D:\Program Files\Grisoft
[10/12/2007|21:26] D:\Program Files\Hewlett-Packard
[07/02/2008|19:43] D:\Program Files\InstallShield Installation Information
[05/11/2007|13:38] D:\Program Files\Intel
[11/12/2007|20:48] D:\Program Files\Internet Explorer
[19/01/2008|23:56] D:\Program Files\iPod
[19/01/2008|23:56] D:\Program Files\iTunes
[03/02/2008|21:04] D:\Program Files\Java
[05/11/2007|17:26] D:\Program Files\K-Lite Codec Pack
[05/11/2007|16:26] D:\Program Files\Lavasoft
[23/02/2008|12:33] D:\Program Files\Lop SD
[05/11/2007|17:08] D:\Program Files\Messenger
[17/12/2007|20:19] D:\Program Files\Messenger Plus! Live
[06/11/2007|03:01] D:\Program Files\Microsoft CAPICOM 2.1.0.2
[05/11/2007|12:00] D:\Program Files\microsoft frontpage
[05/11/2007|19:14] D:\Program Files\Microsoft Office
[05/11/2007|19:14] D:\Program Files\Microsoft Visual Studio
[05/11/2007|19:14] D:\Program Files\Microsoft Works
[05/11/2007|11:58] D:\Program Files\Movie Maker
[23/02/2008|11:50] D:\Program Files\Mozilla Firefox
[05/11/2007|19:14] D:\Program Files\MSBuild
[21/02/2008|21:26] D:\Program Files\MSN
[05/11/2007|11:57] D:\Program Files\MSN Gaming Zone
[17/12/2007|20:19] D:\Program Files\MSN Messenger
[06/11/2007|03:01] D:\Program Files\MSXML 4.0
[22/12/2007|12:19] D:\Program Files\Navilog1
[14/11/2007|12:45] D:\Program Files\Nero
[05/11/2007|11:58] D:\Program Files\NetMeeting
[05/11/2007|12:12] D:\Program Files\NetWaiting
[28/12/2007|14:39] D:\Program Files\NovaLogic
[05/11/2007|11:57] D:\Program Files\Online Services
[05/11/2007|12:12] D:\Program Files\Outil de diagnostic de modem
[05/11/2007|17:07] D:\Program Files\Outlook Express
[19/01/2008|23:55] D:\Program Files\QuickTime
[02/12/2007|16:37] D:\Program Files\Realtek
[25/12/2007|20:50] D:\Program Files\Samsung
[16/02/2008|23:39] D:\Program Files\Save bat bags
[05/11/2007|11:59] D:\Program Files\Services en ligne
[20/02/2008|14:36] D:\Program Files\Shareaza Applications
[06/12/2007|19:08] D:\Program Files\SightSpeed
[05/11/2007|16:24] D:\Program Files\Spybot - Search & Destroy
[21/02/2008|20:20] D:\Program Files\Trend Micro
[05/11/2007|12:03] D:\Program Files\Uninstall Information
[05/11/2007|16:41] D:\Program Files\VideoLAN
[21/02/2008|20:22] D:\Program Files\Windows Live
[05/11/2007|16:45] D:\Program Files\Windows Media Connect 2
[05/11/2007|17:07] D:\Program Files\Windows Media Player
[05/11/2007|11:57] D:\Program Files\Windows NT
[05/11/2007|11:59] D:\Program Files\WindowsUpdate
[05/11/2007|15:04] D:\Program Files\WinRAR
[05/11/2007|12:00] D:\Program Files\xerox
[07/01/2008|21:39] D:\Program Files\Yahoo!
------[ Listing des dossiers dans D:\Program Files\Fichiers communs ]------
[21/02/2008|20:22] D:\Program Files\Fichiers communs\.
[21/02/2008|20:22] D:\Program Files\Fichiers communs\..
[24/12/2007|17:21] D:\Program Files\Fichiers communs\Adobe
[05/11/2007|21:05] D:\Program Files\Fichiers communs\Adobe Systems Shared
[17/11/2007|21:59] D:\Program Files\Fichiers communs\Apple
[05/11/2007|19:14] D:\Program Files\Fichiers communs\DESIGNER
[10/12/2007|21:22] D:\Program Files\Fichiers communs\Hewlett-Packard
[05/11/2007|14:07] D:\Program Files\Fichiers communs\InstallShield
[03/02/2008|20:56] D:\Program Files\Fichiers communs\Java
[05/11/2007|19:14] D:\Program Files\Fichiers communs\Microsoft Shared
[05/11/2007|11:58] D:\Program Files\Fichiers communs\MSSoap
[14/11/2007|12:47] D:\Program Files\Fichiers communs\Nero
[05/11/2007|12:52] D:\Program Files\Fichiers communs\ODBC
[05/11/2007|11:58] D:\Program Files\Fichiers communs\Services
[05/11/2007|12:52] D:\Program Files\Fichiers communs\SpeechEngines
[24/11/2007|16:30] D:\Program Files\Fichiers communs\Symantec Shared
[05/11/2007|19:11] D:\Program Files\Fichiers communs\System
[21/02/2008|20:25] D:\Program Files\Fichiers communs\WindowsLiveInstaller
[05/11/2007|16:25] D:\Program Files\Fichiers communs\Wise Installation Wizard
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-23 12:33:36
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:191][Doss:10] D:\DOCUME~1\Quentin\LOCALS~1\Temp
/!\ [Fich:76][Doss:0] D:\DOCUME~1\Quentin\Cookies
/!\ [Fich:3127][Doss:4] D:\DOCUME~1\Quentin\LOCALS~1\TEMPOR~1\content.IE5
PS: it found me a trojan again T_T it must not be deleting them
--------------------[ Fin du rapport a 12:33:44,37 ]----------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:37:30, on 23/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\RunDLL32.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
D:\Program Files\Creative\Shared Files\CamTray.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\DAEMON Tools Lite\daemon.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
D:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\MSN Messenger\usnsvc.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\osk.exe
D:\WINDOWS\system32\MSSWCHX.EXE
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\explorer.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PDVDDXSrv] "D:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AdVantage Setup] D:\Program Files\DAEMON Tools Lite\AdVantageSetup.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Creative WebCam Tray] "D:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Two Knob] D:\DOCUME~1\Quentin\APPLIC~1\SAVEBA~1\purewmainter.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = D:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: hp psc 2000 Series.lnk = D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
--
End of file - 10059 bytes
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
--
End of file - 10059 bytes
Re,
Fix the lines in the box below with HijackThis: HELP IN PICTURES
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [Two Knob] D:\DOCUME~1\Quentin\APPLIC~1\SAVEBA~1\purewmainter.exe
Download OTMoveIt (by OldTimer). Save it to your Desktop.
Select all the locations in the box below:
D:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop
D:\DOCUME~1\Quentin\APPLIC~1\Save bat bags
D:\Program Files\Save bat bags
---> Right-click, then Copy (or Ctrl+C)
Double-click OTMoveIt.exe to launch it.
Right-click in the left-hand pane, then choose Paste (or Ctrl+V).
Now click MoveIt!
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report name corresponds to the time it was created: date_time.log
->Information about the software<-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:06:33, on 02/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\RunDLL32.exe
D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
D:\Program Files\DAEMON Tools Lite\daemon.exe
D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\MSN Messenger\usnsvc.exe
D:\WINDOWS\system32\WISPTIS.EXE
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Windows Media Player\wmplayer.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PDVDDXSrv] "D:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [AdVantage Setup] D:\Program Files\DAEMON Tools Lite\AdVantageSetup.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Creative WebCam Tray] "D:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = D:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: hp psc 2000 Series.lnk = D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
--
End of file - 9520 bytes
Apparently OK
Uninstall Avast! properly and replace it with AntiVir.
Why switch? Avast! vs AntiVir
Run a full scan, then post the report once the scan has finished.
HELP: Tutorial on the AntiVir Personal Edition Classic antivirus
AntiVir PersonalEdition Classic
Report file date: samedi 8 mars 2008 22:04
Scanning for 1137479 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: 1E95982CE37
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 20:57:45
ANTIVIR2.VDF : 7.0.3.3 2048 Bytes 07/03/2008 20:57:45
ANTIVIR3.VDF : 7.0.3.5 6144 Bytes 07/03/2008 20:57:45
AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 08/03/2008 20:57:46
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 08/03/2008 20:57:46
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: d:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: samedi 8 mars 2008 22:04
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'wmplayer.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'hposts08.exe' - '1' Module(s) have been scanned
Scan process 'hpoevm08.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned
Scan process 'hpotdd01.exe' - '1' Module(s) have been scanned
Scan process 'hpobnz08.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Scan process 'avgas.exe' - '1' Module(s) have been scanned
Scan process 'PDVDDXSrv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'NBService.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ashServ.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
46 processes with 46 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '27' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\System Volume Information\_restore{2A8741B7-7350-412B-B896-A6C265A22C94}\RP35\A0003574.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] The file was deleted!
C:\WINDOWS\ouou\Macromed\uyuyiyi\jghjghjhjhjh.exe
[WARNING] The file could not be opened!
Begin scan in 'D:\'
D:\pagefile.sys
[WARNING] The file could not be opened!
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MeMediaAdVantage8.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[INFO] The file was moved to '4820073b.qua'!
D:\Program Files\Lop SD\Backup-Lop\F\Uninstall.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5368
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP104\A0034089.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP104\A0034090.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP104\A0034091.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP109\A0037383.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5406
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP109\A0037385.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5358
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP111\A0040522.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP111\A0040549.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP111\A0040572.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP112\A0040581.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP112\A0040592.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP113\A0040789.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP113\A0040804.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP114\A0040811.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP114\A0040820.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP114\A0040968.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP115\A0040994.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP115\A0041009.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP115\A0042011.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP117\A0042069.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP117\A0042082.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP118\A0042094.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP118\A0042105.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP118\A0042113.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP118\A0042118.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP118\A0042127.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP119\A0042164.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP119\A0042185.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP120\A0042190.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP120\A0042203.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP121\A0042213.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP121\A0042657.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP122\A0042663.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP122\A0042686.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP123\A0042696.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP123\A0042705.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP123\A0042766.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP124\A0042782.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP124\A0042795.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP125\A0042808.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP125\A0042821.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP126\A0042836.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP126\A0042847.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP128\A0043164.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP128\A0043179.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP129\A0043196.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP129\A0043207.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP130\A0043213.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP130\A0043227.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP130\A0043250.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP131\A0043254.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP131\A0043284.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP132\A0043295.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP132\A0043314.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP133\A0043345.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP133\A0043356.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP135\A0043397.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP135\A0043408.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP135\A0043419.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP135\A0043432.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP135\A0043447.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP136\A0043460.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP136\A0043471.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP136\A0043493.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP137\A0043712.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP137\A0043751.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP137\A0043768.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP138\A0043823.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP138\A0043919.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP139\A0044921.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP139\A0045921.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP139\A0045952.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP140\A0045973.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP140\A0045984.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP140\A0046015.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP141\A0046027.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP141\A0046038.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP141\A0046061.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP142\A0046074.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP142\A0046097.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP142\A0046113.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP142\A0046121.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP142\A0046125.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP142\A0046126.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP151\A0046751.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5368
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP153\A0047165.com
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!
D:\System Volume Information\_restore{2C057774-1265-4D71-8E52-A7280A41734A}\RP163\A0048819.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5368
[INFO] The file was deleted!
D:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
D:\_OTMoveIt\MovedFiles\02232008_182149\DOCUME~1\Quentin\APPLIC~1\Save bat bags\ectoknvh.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\_OTMoveIt\MovedFiles\02232008_182149\DOCUME~1\Quentin\APPLIC~1\Save bat bags\purewmainter.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
D:\_OTMoveIt\MovedFiles\02232008_182149\DOCUME~1\Quentin\APPLIC~1\Save bat bags\vgmpclgk.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5356
[INFO] The file was deleted!
D:\_OTMoveIt\MovedFiles\02232008_182149\DOCUME~1\Quentin\APPLIC~1\Save bat bags\zimatmqs.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
End of the scan: samedi 8 mars 2008 23:04
Used time: 59:29 min
The scan has been done completely.
7330 Scanning directories
234773 Files were scanned
92 viruses and/or unwanted programs were found
1 Files were classified as suspicious:
92 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
234681 Files not concerned
1809 Archives were scanned
3 Warnings
0 Notes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:15:27, on 08/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\RunDLL32.exe
D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
D:\Program Files\DAEMON Tools Lite\daemon.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
D:\Program Files\MSN Messenger\usnsvc.exe
D:\Program Files\Windows Media Player\wmplayer.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PDVDDXSrv] "D:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [AdVantage Setup] D:\Program Files\DAEMON Tools Lite\AdVantageSetup.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Creative WebCam Tray] "D:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = D:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: hp psc 2000 Series.lnk = D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
--
End of file - 9722 bytes
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
--
End of file - 9722 bytes
Yeah, it doesn't work ^^" but I think I've actually found where the problem comes from. Before that, though, so as not to confuse you, I'd like to show you the problem! ^^ Could you give me a link to a site that hosts images for free, so that you can see the root of the problem? You'll understand better afterwards ^^ OK?!
Isn't there some way to delete it anyway?