pub intempsetives
Dernière réponse : dans Sécurité
Bonjour à tous!
Je suis nouveau sur le forum mais j'ai un soucis je vous demande de bien vouloir m'aider.
Depuis plusieurs jours j'ai des pub intempestives qui s'affichent des que je me connecte a internet, et peuvent appraitre toutes les minutes
j'ai deja lu d'autre demande de ce genre et je vous met mon rapport hijackthis
merci d'avance
Logfile of HijackThis v1.99.1
Scan saved at 13:56:37, on 07/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\JavaCore\JavaCore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MapEDC\MapEDC.exe
C:\Program Files\NoDNS\NoDNS.exe
C:\Program Files\nvcoi\nvcoi.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Documents and Settings\HP\Bureau\test.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\HP\LOCALS~1\Temp\winlogon.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Streams Drivers] C:\DOCUME~1\HP\LOCALS~1\Temp\winlogon.exe
O4 - HKLM\..\Run: [Owns Four Jugs Htm] C:\Documents and Settings\All Users\Application Data\Win knob owns four\Blah Intra.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [JavaCore] C:\Program Files\JavaCore\JavaCore.exe
O4 - HKCU\..\Run: [MapEDC] C:\Program Files\MapEDC\MapEDC.exe
O4 - HKCU\..\Run: [NoDNS] C:\Program Files\\NoDNS\\NoDNS.exe
O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
O4 - HKCU\..\Run: [Bird online] C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Je suis nouveau sur le forum mais j'ai un soucis je vous demande de bien vouloir m'aider.
Depuis plusieurs jours j'ai des pub intempestives qui s'affichent des que je me connecte a internet, et peuvent appraitre toutes les minutes
j'ai deja lu d'autre demande de ce genre et je vous met mon rapport hijackthis
merci d'avance
Logfile of HijackThis v1.99.1
Scan saved at 13:56:37, on 07/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\JavaCore\JavaCore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MapEDC\MapEDC.exe
C:\Program Files\NoDNS\NoDNS.exe
C:\Program Files\nvcoi\nvcoi.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Documents and Settings\HP\Bureau\test.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\HP\LOCALS~1\Temp\winlogon.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Streams Drivers] C:\DOCUME~1\HP\LOCALS~1\Temp\winlogon.exe
O4 - HKLM\..\Run: [Owns Four Jugs Htm] C:\Documents and Settings\All Users\Application Data\Win knob owns four\Blah Intra.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [JavaCore] C:\Program Files\JavaCore\JavaCore.exe
O4 - HKCU\..\Run: [MapEDC] C:\Program Files\MapEDC\MapEDC.exe
O4 - HKCU\..\Run: [NoDNS] C:\Program Files\\NoDNS\\NoDNS.exe
O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
O4 - HKCU\..\Run: [Bird online] C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Autres pages sur : pub intempsetives
Lassé par la pub ? Créez un compte
Bonjour,
[#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]
Télécharge Combofix ([#ff0000]sUBs[/#f]) sur ton Bureau.
Double clique sur combofix.exe afin de le lancer.
Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.
[#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]
merci angeldark
mais desactiver mon antivirus n'est-il pas dangereux? dois je le reactiver?
voila le rapport combofix
ComboFix 08-04-06.1 - HP 2008-04-07 15:50:50.1 - NTFSx86
Endroit: C:\Documents and Settings\HP\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\HP\Application Data\WinTouch
C:\Documents and Settings\HP\Application Data\WinTouch\wintouch.cfg
C:\Program Files\JavaCore
C:\Program Files\JavaCore\JavaCore.exe
C:\Program Files\JavaCore\UnInstall.exe
C:\Program Files\MapEDC
C:\Program Files\MapEDC\IDE.stt
C:\Program Files\MapEDC\MapEDC.exe
C:\Program Files\NoDNS
C:\Program Files\NoDNS\NoDNS.exe
C:\Program Files\NoDNS\UnInstall.exe
C:\Program Files\Temporary
C:\WINDOWS\mrofinu1423.MSNFix
.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-07 to 2008-04-07 ))))))))))))))))))))))))))))))))))))
.
2008-04-07 13:57 . 2008-04-07 13:57 <REP> d-------- C:\Program Files\Navilog1
2008-04-01 21:37 . 2008-04-01 21:37 <REP> d-------- C:\Program Files\NounLinkMove
2008-04-01 21:37 . 2008-04-01 21:38 <REP> d-------- C:\Documents and Settings\HP\Application Data\NounLinkMove
2008-04-01 21:37 . 2008-04-01 21:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Win knob owns four
2008-04-01 21:36 . 2008-04-01 21:36 <REP> d-------- C:\Program Files\Circle Developement
2008-03-14 10:26 . 2008-03-14 10:26 <REP> d-------- C:\Program Files\Lavasoft
2008-03-13 20:19 . 2008-04-07 15:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-11 14:35 . 2008-03-12 20:40 <REP> d-------- C:\Program Files\nvcoi
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-07 08:28 --------- d-----w C:\Program Files\Personal Media Manager
2008-04-02 20:24 --------- d-----w C:\Program Files\Lx_cats
2008-04-01 19:36 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-03-29 20:55 --------- d-----w C:\Program Files\eMule
2008-03-14 21:56 --------- d-----w C:\Documents and Settings\HP\Application Data\U3
2008-02-26 22:28 --------- d-----w C:\Program Files\MSXML 4.0
2008-02-26 21:54 --------- d-----w C:\Program Files\BitComet
2008-02-26 19:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-02-26 17:35 --------- d-----w C:\Program Files\Windows Live
2008-02-26 17:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-25 21:53 9,296 ----a-w C:\WINDOWS\system32\wmbjxu.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"="" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-30 18:30 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [ ]
"nvcoi"="C:\Program Files\nvcoi\nvcoi.exe" [2008-03-11 14:35 57344]
"Bird online"="C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe" [2008-04-01 21:37 467456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 14:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2003-07-15 21:09 110592]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2003-07-15 21:08 618496]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-03-12 23:57 3067904]
"nwiz"="nwiz.exe" [2004-03-12 23:57 753664 C:\WINDOWS\system32\nwiz.exe]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-03-18 09:18 204862]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2003-11-18 08:31 241664]
"UpdateManager"="C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-19 01:01 110592]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03 75128]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 09:51 1836328]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 07:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 15:42 267064]
"LXCCCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-07-20 15:44 73728]
"lxccmon.exe"="C:\Program Files\Lexmark 3300 Series\lxccmon.exe" [2005-07-21 02:16 192512]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2005-07-12 11:36 299008]
"Owns Four Jugs Htm"="C:\Documents and Settings\All Users\Application Data\Win knob owns four\Blah Intra.exe" [2008-04-07 15:48 2093568]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Personal Media Manager\\PMMedia.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\DivX\\VeohClient.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27350:TCP"= 27350:TCP:BitComet 27350 TCP
"27350:UDP"= 27350:UDP:BitComet 27350 UDP
R3 EMCR;EMCR;C:\WINDOWS\system32\DRIVERS\EMCR7SK.sys [2003-08-15 17:10]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1493d3e6-818e-11dc-ac82-00904b922625}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ee4d8ee-e480-11dc-acf0-00c09f479d79}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{33632c5a-dc64-11dc-acec-00c09f479d79}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-07 13:00:03 C:\WINDOWS\Tasks\AA98862F91D7024B.job"
- c:\docume~1\hp\applic~1\nounli~1\Title drive anti.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-07 15:54:04
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????3?8?8?-??????? ?|?B???????????????B? ??????
LXCCCATS = rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-04-07 15:55:39
ComboFix-quarantined-files.txt 2008-04-07 13:55:30
Pre-Run: 39,931,736,064 octets libres
Post-Run: 39,925,121,024 octets libres
.
2008-03-19 22:34:50 --- E O F ---
mais desactiver mon antivirus n'est-il pas dangereux? dois je le reactiver?
voila le rapport combofix
ComboFix 08-04-06.1 - HP 2008-04-07 15:50:50.1 - NTFSx86
Endroit: C:\Documents and Settings\HP\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\HP\Application Data\WinTouch
C:\Documents and Settings\HP\Application Data\WinTouch\wintouch.cfg
C:\Program Files\JavaCore
C:\Program Files\JavaCore\JavaCore.exe
C:\Program Files\JavaCore\UnInstall.exe
C:\Program Files\MapEDC
C:\Program Files\MapEDC\IDE.stt
C:\Program Files\MapEDC\MapEDC.exe
C:\Program Files\NoDNS
C:\Program Files\NoDNS\NoDNS.exe
C:\Program Files\NoDNS\UnInstall.exe
C:\Program Files\Temporary
C:\WINDOWS\mrofinu1423.MSNFix
.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-07 to 2008-04-07 ))))))))))))))))))))))))))))))))))))
.
2008-04-07 13:57 . 2008-04-07 13:57 <REP> d-------- C:\Program Files\Navilog1
2008-04-01 21:37 . 2008-04-01 21:37 <REP> d-------- C:\Program Files\NounLinkMove
2008-04-01 21:37 . 2008-04-01 21:38 <REP> d-------- C:\Documents and Settings\HP\Application Data\NounLinkMove
2008-04-01 21:37 . 2008-04-01 21:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Win knob owns four
2008-04-01 21:36 . 2008-04-01 21:36 <REP> d-------- C:\Program Files\Circle Developement
2008-03-14 10:26 . 2008-03-14 10:26 <REP> d-------- C:\Program Files\Lavasoft
2008-03-13 20:19 . 2008-04-07 15:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-11 14:35 . 2008-03-12 20:40 <REP> d-------- C:\Program Files\nvcoi
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-07 08:28 --------- d-----w C:\Program Files\Personal Media Manager
2008-04-02 20:24 --------- d-----w C:\Program Files\Lx_cats
2008-04-01 19:36 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-03-29 20:55 --------- d-----w C:\Program Files\eMule
2008-03-14 21:56 --------- d-----w C:\Documents and Settings\HP\Application Data\U3
2008-02-26 22:28 --------- d-----w C:\Program Files\MSXML 4.0
2008-02-26 21:54 --------- d-----w C:\Program Files\BitComet
2008-02-26 19:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-02-26 17:35 --------- d-----w C:\Program Files\Windows Live
2008-02-26 17:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-25 21:53 9,296 ----a-w C:\WINDOWS\system32\wmbjxu.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"="" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-30 18:30 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [ ]
"nvcoi"="C:\Program Files\nvcoi\nvcoi.exe" [2008-03-11 14:35 57344]
"Bird online"="C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe" [2008-04-01 21:37 467456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 14:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2003-07-15 21:09 110592]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2003-07-15 21:08 618496]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-03-12 23:57 3067904]
"nwiz"="nwiz.exe" [2004-03-12 23:57 753664 C:\WINDOWS\system32\nwiz.exe]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-03-18 09:18 204862]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2003-11-18 08:31 241664]
"UpdateManager"="C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-19 01:01 110592]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03 75128]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 09:51 1836328]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 07:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 15:42 267064]
"LXCCCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-07-20 15:44 73728]
"lxccmon.exe"="C:\Program Files\Lexmark 3300 Series\lxccmon.exe" [2005-07-21 02:16 192512]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2005-07-12 11:36 299008]
"Owns Four Jugs Htm"="C:\Documents and Settings\All Users\Application Data\Win knob owns four\Blah Intra.exe" [2008-04-07 15:48 2093568]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Personal Media Manager\\PMMedia.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\DivX\\VeohClient.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27350:TCP"= 27350:TCP:BitComet 27350 TCP
"27350:UDP"= 27350:UDP:BitComet 27350 UDP
R3 EMCR;EMCR;C:\WINDOWS\system32\DRIVERS\EMCR7SK.sys [2003-08-15 17:10]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1493d3e6-818e-11dc-ac82-00904b922625}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ee4d8ee-e480-11dc-acf0-00c09f479d79}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{33632c5a-dc64-11dc-acec-00c09f479d79}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-07 13:00:03 C:\WINDOWS\Tasks\AA98862F91D7024B.job"
- c:\docume~1\hp\applic~1\nounli~1\Title drive anti.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-07 15:54:04
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????3?8?8?-??????? ?|?B???????????????B? ??????
LXCCCATS = rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-04-07 15:55:39
ComboFix-quarantined-files.txt 2008-04-07 13:55:30
Pre-Run: 39,931,736,064 octets libres
Post-Run: 39,925,121,024 octets libres
.
2008-03-19 22:34:50 --- E O F ---
Re,
Télécharge Lop S&D.exe sur ton Bureau.
Double-clique dessus pour lancer l'installation
Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
Patiente jusqu'à la fin du scan
Poste le rapport généré (C:\lopR.txt)
(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
Télécharge Lop S&D.exe sur ton Bureau.
(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
-----------------------[ Lop S&D 4.1.0-8 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : HP ] [ "C:\Lop SD" ]
[ 07/04/2008 | 18:58:26,92 ] [ PC : HP-066A0A8D1E56 ]
[ MAJ : 06-04-2008 | 11:07 ]
-------------[ Listing des dossiers dans Application Data ]------------
[01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[28/08/2007|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[03/10/2007|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[29/10/2007|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[29/10/2007|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[20/08/2007|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[08/11/2007|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
[27/08/2007|09:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[07/04/2008|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[26/02/2008|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[09/12/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[04/10/2007|09:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Win knob owns four
[04/10/2007|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[26/02/2008|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[27/02/2008|00:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[07/04/2008|15:53] C:\DOCUME~1\HP\APPLIC~1\.
[07/04/2008|15:53] C:\DOCUME~1\HP\APPLIC~1\..
[28/08/2007|20:42] C:\DOCUME~1\HP\APPLIC~1\Adobe
[03/10/2007|19:32] C:\DOCUME~1\HP\APPLIC~1\Ahead
[03/11/2007|19:27] C:\DOCUME~1\HP\APPLIC~1\Apple Computer
[18/09/2007|22:29] C:\DOCUME~1\HP\APPLIC~1\BSplayer
[18/09/2007|22:24] C:\DOCUME~1\HP\APPLIC~1\BSplayer Pro
[20/08/2007|10:47] C:\DOCUME~1\HP\APPLIC~1\desktop.ini
[09/11/2007|06:26] C:\DOCUME~1\HP\APPLIC~1\FaxCtr
[27/08/2007|09:45] C:\DOCUME~1\HP\APPLIC~1\Google
[20/08/2007|08:07] C:\DOCUME~1\HP\APPLIC~1\Identities
[25/08/2007|18:10] C:\DOCUME~1\HP\APPLIC~1\Macromedia
[27/02/2008|00:29] C:\DOCUME~1\HP\APPLIC~1\Microsoft
[04/10/2007|10:01] C:\DOCUME~1\HP\APPLIC~1\Nero
[01/04/2008|21:38] C:\DOCUME~1\HP\APPLIC~1\NounLinkMove
[20/08/2007|08:30] C:\DOCUME~1\HP\APPLIC~1\Sonic
[14/03/2008|23:56] C:\DOCUME~1\HP\APPLIC~1\U3
[30/08/2007|08:54] C:\DOCUME~1\HP\APPLIC~1\vlc
[18/09/2007|22:21] C:\DOCUME~1\HP\APPLIC~1\WinRAR
[20/08/2007|08:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[20/08/2007|08:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[04/10/2007|22:13] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[20/08/2007|08:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[20/08/2007|08:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[20/03/2008|00:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[07/04/2008 18:00][--ah-----] C:\WINDOWS\tasks\AA98862F91D7024B.job
[07/04/2008 15:59][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[07/04/2008|15:51] C:\Program Files\.
[07/04/2008|15:51] C:\Program Files\..
[21/01/2008|21:39] C:\Program Files\Abbyy FineReader 6.0 Sprint
[28/08/2007|20:15] C:\Program Files\Adobe
[01/09/2007|13:19] C:\Program Files\Alwil Software
[29/10/2007|22:24] C:\Program Files\Apple Software Update
[26/02/2008|23:54] C:\Program Files\BitComet
[01/04/2008|21:36] C:\Program Files\Circle Developement
[20/08/2007|07:59] C:\Program Files\ComPlus Applications
[20/08/2007|08:15] C:\Program Files\CONEXANT
[20/01/2008|15:42] C:\Program Files\DivX
[29/03/2008|22:55] C:\Program Files\eMule
[07/04/2008|15:45] C:\Program Files\Fichiers communs
[27/08/2007|09:44] C:\Program Files\Google
[20/08/2007|08:29] C:\Program Files\HPQ
[17/11/2007|10:54] C:\Program Files\InstallShield Installation Information
[20/08/2007|08:11] C:\Program Files\Intel
[27/02/2008|00:32] C:\Program Files\Internet Explorer
[29/10/2007|22:26] C:\Program Files\iPod
[29/10/2007|22:26] C:\Program Files\iTunes
[19/01/2008|20:37] C:\Program Files\iVideoMAX
[14/03/2008|10:26] C:\Program Files\Lavasoft
[09/11/2007|06:25] C:\Program Files\Lexmark 3300 Series
[08/11/2007|20:03] C:\Program Files\Lexmark Fax Solutions
[02/04/2008|22:24] C:\Program Files\Lx_cats
[26/08/2007|10:50] C:\Program Files\Messenger
[01/04/2008|21:36] C:\Program Files\Messenger Plus! Live
[20/08/2007|08:02] C:\Program Files\microsoft frontpage
[28/08/2007|21:02] C:\Program Files\Microsoft Office
[28/08/2007|21:00] C:\Program Files\Microsoft.NET
[20/08/2007|08:00] C:\Program Files\Movie Maker
[20/08/2007|07:57] C:\Program Files\MSN
[20/08/2007|07:58] C:\Program Files\MSN Gaming Zone
[27/02/2008|00:28] C:\Program Files\MSXML 4.0
[07/04/2008|13:57] C:\Program Files\Navilog1
[04/10/2007|09:57] C:\Program Files\nero
[20/08/2007|08:00] C:\Program Files\NetMeeting
[01/04/2008|21:37] C:\Program Files\NounLinkMove
[12/03/2008|20:40] C:\Program Files\nvcoi
[20/08/2007|07:58] C:\Program Files\Online Services
[26/08/2007|10:49] C:\Program Files\Outlook Express
[07/04/2008|10:28] C:\Program Files\Personal Media Manager
[29/10/2007|22:26] C:\Program Files\QuickTime
[20/08/2007|08:30] C:\Program Files\RecordNow!
[20/08/2007|08:01] C:\Program Files\Services en ligne
[20/08/2007|08:30] C:\Program Files\Sonic
[20/08/2007|08:16] C:\Program Files\Synaptics
[20/08/2007|08:07] C:\Program Files\Uninstall Information
[28/08/2007|20:46] C:\Program Files\VideoLAN
[18/09/2007|22:29] C:\Program Files\Webteh
[26/02/2008|19:35] C:\Program Files\Windows Live
[04/10/2007|12:10] C:\Program Files\Windows Media Connect 2
[04/10/2007|12:10] C:\Program Files\Windows Media Player
[20/08/2007|07:58] C:\Program Files\Windows NT
[20/08/2007|08:01] C:\Program Files\WindowsUpdate
[28/08/2007|20:46] C:\Program Files\WinRAR
[20/08/2007|08:02] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[07/04/2008|15:45] C:\Program Files\Fichiers communs\.
[07/04/2008|15:45] C:\Program Files\Fichiers communs\..
[28/08/2007|20:15] C:\Program Files\Fichiers communs\Adobe
[29/10/2007|22:24] C:\Program Files\Fichiers communs\Apple
[28/08/2007|21:02] C:\Program Files\Fichiers communs\DESIGNER
[20/08/2007|08:18] C:\Program Files\Fichiers communs\InstallShield
[09/12/2007|11:46] C:\Program Files\Fichiers communs\Microsoft Shared
[20/08/2007|08:00] C:\Program Files\Fichiers communs\MSSoap
[04/10/2007|09:59] C:\Program Files\Fichiers communs\Nero
[20/08/2007|10:49] C:\Program Files\Fichiers communs\ODBC
[20/08/2007|08:00] C:\Program Files\Fichiers communs\Services
[20/08/2007|08:30] C:\Program Files\Fichiers communs\Sonic
[20/08/2007|10:49] C:\Program Files\Fichiers communs\SpeechEngines
[20/08/2007|08:30] C:\Program Files\Fichiers communs\SureThing Shared
[28/08/2007|21:02] C:\Program Files\Fichiers communs\System
[09/12/2007|11:45] C:\Program Files\Fichiers communs\WindowsLiveInstaller
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\WINDOWS\Tasks\AA98862F91D7024B.job
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD
-> 72 ( 70 ## added by CiD )
/!\ 1 Not 127.0.0.1 !!
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-07 18:59:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:11][Doss:6] C:\DOCUME~1\HP\LOCALS~1\Temp
/!\ [Fich:253][Doss:0] C:\DOCUME~1\HP\Cookies
/!\ [Fich:1192][Doss:20] C:\DOCUME~1\HP\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:00:07,64 ]----------------------
-----------------------[ Lop S&D 4.1.0-8 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : HP ] [ "C:\Lop SD" ]
[ 07/04/2008 | 19:38:00,60 ] [ PC : HP-066A0A8D1E56 ]
[ MAJ : 06-04-2008 | 11:07 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
Supprimé! - C:\WINDOWS\Tasks\AA98862F91D7024B.job
Supprimé! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[28/08/2007|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[03/10/2007|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[29/10/2007|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[29/10/2007|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[20/08/2007|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[08/11/2007|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
[27/08/2007|09:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[07/04/2008|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[26/02/2008|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[09/12/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[04/10/2007|09:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Win knob owns four
[04/10/2007|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[26/02/2008|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[27/02/2008|00:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[07/04/2008|15:53] C:\DOCUME~1\HP\APPLIC~1\.
[07/04/2008|15:53] C:\DOCUME~1\HP\APPLIC~1\..
[28/08/2007|20:42] C:\DOCUME~1\HP\APPLIC~1\Adobe
[03/10/2007|19:32] C:\DOCUME~1\HP\APPLIC~1\Ahead
[03/11/2007|19:27] C:\DOCUME~1\HP\APPLIC~1\Apple Computer
[18/09/2007|22:29] C:\DOCUME~1\HP\APPLIC~1\BSplayer
[18/09/2007|22:24] C:\DOCUME~1\HP\APPLIC~1\BSplayer Pro
[20/08/2007|10:47] C:\DOCUME~1\HP\APPLIC~1\desktop.ini
[09/11/2007|06:26] C:\DOCUME~1\HP\APPLIC~1\FaxCtr
[27/08/2007|09:45] C:\DOCUME~1\HP\APPLIC~1\Google
[20/08/2007|08:07] C:\DOCUME~1\HP\APPLIC~1\Identities
[25/08/2007|18:10] C:\DOCUME~1\HP\APPLIC~1\Macromedia
[27/02/2008|00:29] C:\DOCUME~1\HP\APPLIC~1\Microsoft
[04/10/2007|10:01] C:\DOCUME~1\HP\APPLIC~1\Nero
[01/04/2008|21:38] C:\DOCUME~1\HP\APPLIC~1\NounLinkMove
[20/08/2007|08:30] C:\DOCUME~1\HP\APPLIC~1\Sonic
[14/03/2008|23:56] C:\DOCUME~1\HP\APPLIC~1\U3
[30/08/2007|08:54] C:\DOCUME~1\HP\APPLIC~1\vlc
[18/09/2007|22:21] C:\DOCUME~1\HP\APPLIC~1\WinRAR
[20/08/2007|08:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[20/08/2007|08:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[04/10/2007|22:13] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[20/08/2007|08:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[20/08/2007|08:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[20/03/2008|00:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[07/04/2008 15:59][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[07/04/2008|19:38] C:\Program Files\.
[07/04/2008|19:38] C:\Program Files\..
[21/01/2008|21:39] C:\Program Files\Abbyy FineReader 6.0 Sprint
[28/08/2007|20:15] C:\Program Files\Adobe
[01/09/2007|13:19] C:\Program Files\Alwil Software
[29/10/2007|22:24] C:\Program Files\Apple Software Update
[26/02/2008|23:54] C:\Program Files\BitComet
[20/08/2007|07:59] C:\Program Files\ComPlus Applications
[20/08/2007|08:15] C:\Program Files\CONEXANT
[20/01/2008|15:42] C:\Program Files\DivX
[29/03/2008|22:55] C:\Program Files\eMule
[07/04/2008|15:45] C:\Program Files\Fichiers communs
[27/08/2007|09:44] C:\Program Files\Google
[20/08/2007|08:29] C:\Program Files\HPQ
[17/11/2007|10:54] C:\Program Files\InstallShield Installation Information
[20/08/2007|08:11] C:\Program Files\Intel
[27/02/2008|00:32] C:\Program Files\Internet Explorer
[29/10/2007|22:26] C:\Program Files\iPod
[29/10/2007|22:26] C:\Program Files\iTunes
[19/01/2008|20:37] C:\Program Files\iVideoMAX
[14/03/2008|10:26] C:\Program Files\Lavasoft
[09/11/2007|06:25] C:\Program Files\Lexmark 3300 Series
[08/11/2007|20:03] C:\Program Files\Lexmark Fax Solutions
[07/04/2008|19:36] C:\Program Files\Lx_cats
[26/08/2007|10:50] C:\Program Files\Messenger
[01/04/2008|21:36] C:\Program Files\Messenger Plus! Live
[20/08/2007|08:02] C:\Program Files\microsoft frontpage
[28/08/2007|21:02] C:\Program Files\Microsoft Office
[28/08/2007|21:00] C:\Program Files\Microsoft.NET
[20/08/2007|08:00] C:\Program Files\Movie Maker
[20/08/2007|07:57] C:\Program Files\MSN
[20/08/2007|07:58] C:\Program Files\MSN Gaming Zone
[27/02/2008|00:28] C:\Program Files\MSXML 4.0
[07/04/2008|13:57] C:\Program Files\Navilog1
[04/10/2007|09:57] C:\Program Files\nero
[20/08/2007|08:00] C:\Program Files\NetMeeting
[01/04/2008|21:37] C:\Program Files\NounLinkMove
[12/03/2008|20:40] C:\Program Files\nvcoi
[20/08/2007|07:58] C:\Program Files\Online Services
[26/08/2007|10:49] C:\Program Files\Outlook Express
[07/04/2008|10:28] C:\Program Files\Personal Media Manager
[29/10/2007|22:26] C:\Program Files\QuickTime
[20/08/2007|08:30] C:\Program Files\RecordNow!
[20/08/2007|08:01] C:\Program Files\Services en ligne
[20/08/2007|08:30] C:\Program Files\Sonic
[20/08/2007|08:16] C:\Program Files\Synaptics
[20/08/2007|08:07] C:\Program Files\Uninstall Information
[28/08/2007|20:46] C:\Program Files\VideoLAN
[18/09/2007|22:29] C:\Program Files\Webteh
[26/02/2008|19:35] C:\Program Files\Windows Live
[04/10/2007|12:10] C:\Program Files\Windows Media Connect 2
[04/10/2007|12:10] C:\Program Files\Windows Media Player
[20/08/2007|07:58] C:\Program Files\Windows NT
[20/08/2007|08:01] C:\Program Files\WindowsUpdate
[28/08/2007|20:46] C:\Program Files\WinRAR
[20/08/2007|08:02] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[07/04/2008|15:45] C:\Program Files\Fichiers communs\.
[07/04/2008|15:45] C:\Program Files\Fichiers communs\..
[28/08/2007|20:15] C:\Program Files\Fichiers communs\Adobe
[29/10/2007|22:24] C:\Program Files\Fichiers communs\Apple
[28/08/2007|21:02] C:\Program Files\Fichiers communs\DESIGNER
[20/08/2007|08:18] C:\Program Files\Fichiers communs\InstallShield
[09/12/2007|11:46] C:\Program Files\Fichiers communs\Microsoft Shared
[20/08/2007|08:00] C:\Program Files\Fichiers communs\MSSoap
[04/10/2007|09:59] C:\Program Files\Fichiers communs\Nero
[20/08/2007|10:49] C:\Program Files\Fichiers communs\ODBC
[20/08/2007|08:00] C:\Program Files\Fichiers communs\Services
[20/08/2007|08:30] C:\Program Files\Fichiers communs\Sonic
[20/08/2007|10:49] C:\Program Files\Fichiers communs\SpeechEngines
[20/08/2007|08:30] C:\Program Files\Fichiers communs\SureThing Shared
[28/08/2007|21:02] C:\Program Files\Fichiers communs\System
[09/12/2007|11:45] C:\Program Files\Fichiers communs\WindowsLiveInstaller
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-07 19:38:43
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:19][Doss:6] C:\DOCUME~1\HP\LOCALS~1\Temp
/!\ [Fich:113][Doss:0] C:\DOCUME~1\HP\Cookies
/!\ [Fich:552][Doss:20] C:\DOCUME~1\HP\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:39:41,98 ]----------------------
a priori les fenetres intempestives ne son plus la a part une, juste apres le precedent rapport, merci pour tout ce que tu as fait en esperant que ce dernier rapport soit bon
-----------------------[ Lop S&D 4.1.0-8 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : HP ] [ "C:\Lop SD" ]
[ 07/04/2008 | 19:38:00,60 ] [ PC : HP-066A0A8D1E56 ]
[ MAJ : 06-04-2008 | 11:07 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
Supprimé! - C:\WINDOWS\Tasks\AA98862F91D7024B.job
Supprimé! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[28/08/2007|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[03/10/2007|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[29/10/2007|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[29/10/2007|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[20/08/2007|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[08/11/2007|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
[27/08/2007|09:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[07/04/2008|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[26/02/2008|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[09/12/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[04/10/2007|09:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Win knob owns four
[04/10/2007|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[26/02/2008|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[27/02/2008|00:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[07/04/2008|15:53] C:\DOCUME~1\HP\APPLIC~1\.
[07/04/2008|15:53] C:\DOCUME~1\HP\APPLIC~1\..
[28/08/2007|20:42] C:\DOCUME~1\HP\APPLIC~1\Adobe
[03/10/2007|19:32] C:\DOCUME~1\HP\APPLIC~1\Ahead
[03/11/2007|19:27] C:\DOCUME~1\HP\APPLIC~1\Apple Computer
[18/09/2007|22:29] C:\DOCUME~1\HP\APPLIC~1\BSplayer
[18/09/2007|22:24] C:\DOCUME~1\HP\APPLIC~1\BSplayer Pro
[20/08/2007|10:47] C:\DOCUME~1\HP\APPLIC~1\desktop.ini
[09/11/2007|06:26] C:\DOCUME~1\HP\APPLIC~1\FaxCtr
[27/08/2007|09:45] C:\DOCUME~1\HP\APPLIC~1\Google
[20/08/2007|08:07] C:\DOCUME~1\HP\APPLIC~1\Identities
[25/08/2007|18:10] C:\DOCUME~1\HP\APPLIC~1\Macromedia
[27/02/2008|00:29] C:\DOCUME~1\HP\APPLIC~1\Microsoft
[04/10/2007|10:01] C:\DOCUME~1\HP\APPLIC~1\Nero
[01/04/2008|21:38] C:\DOCUME~1\HP\APPLIC~1\NounLinkMove
[20/08/2007|08:30] C:\DOCUME~1\HP\APPLIC~1\Sonic
[14/03/2008|23:56] C:\DOCUME~1\HP\APPLIC~1\U3
[30/08/2007|08:54] C:\DOCUME~1\HP\APPLIC~1\vlc
[18/09/2007|22:21] C:\DOCUME~1\HP\APPLIC~1\WinRAR
[20/08/2007|08:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[20/08/2007|08:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[04/10/2007|22:13] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[20/08/2007|08:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[20/08/2007|08:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[20/03/2008|00:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[07/04/2008 15:59][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[07/04/2008|19:38] C:\Program Files\.
[07/04/2008|19:38] C:\Program Files\..
[21/01/2008|21:39] C:\Program Files\Abbyy FineReader 6.0 Sprint
[28/08/2007|20:15] C:\Program Files\Adobe
[01/09/2007|13:19] C:\Program Files\Alwil Software
[29/10/2007|22:24] C:\Program Files\Apple Software Update
[26/02/2008|23:54] C:\Program Files\BitComet
[20/08/2007|07:59] C:\Program Files\ComPlus Applications
[20/08/2007|08:15] C:\Program Files\CONEXANT
[20/01/2008|15:42] C:\Program Files\DivX
[29/03/2008|22:55] C:\Program Files\eMule
[07/04/2008|15:45] C:\Program Files\Fichiers communs
[27/08/2007|09:44] C:\Program Files\Google
[20/08/2007|08:29] C:\Program Files\HPQ
[17/11/2007|10:54] C:\Program Files\InstallShield Installation Information
[20/08/2007|08:11] C:\Program Files\Intel
[27/02/2008|00:32] C:\Program Files\Internet Explorer
[29/10/2007|22:26] C:\Program Files\iPod
[29/10/2007|22:26] C:\Program Files\iTunes
[19/01/2008|20:37] C:\Program Files\iVideoMAX
[14/03/2008|10:26] C:\Program Files\Lavasoft
[09/11/2007|06:25] C:\Program Files\Lexmark 3300 Series
[08/11/2007|20:03] C:\Program Files\Lexmark Fax Solutions
[07/04/2008|19:36] C:\Program Files\Lx_cats
[26/08/2007|10:50] C:\Program Files\Messenger
[01/04/2008|21:36] C:\Program Files\Messenger Plus! Live
[20/08/2007|08:02] C:\Program Files\microsoft frontpage
[28/08/2007|21:02] C:\Program Files\Microsoft Office
[28/08/2007|21:00] C:\Program Files\Microsoft.NET
[20/08/2007|08:00] C:\Program Files\Movie Maker
[20/08/2007|07:57] C:\Program Files\MSN
[20/08/2007|07:58] C:\Program Files\MSN Gaming Zone
[27/02/2008|00:28] C:\Program Files\MSXML 4.0
[07/04/2008|13:57] C:\Program Files\Navilog1
[04/10/2007|09:57] C:\Program Files\nero
[20/08/2007|08:00] C:\Program Files\NetMeeting
[01/04/2008|21:37] C:\Program Files\NounLinkMove
[12/03/2008|20:40] C:\Program Files\nvcoi
[20/08/2007|07:58] C:\Program Files\Online Services
[26/08/2007|10:49] C:\Program Files\Outlook Express
[07/04/2008|10:28] C:\Program Files\Personal Media Manager
[29/10/2007|22:26] C:\Program Files\QuickTime
[20/08/2007|08:30] C:\Program Files\RecordNow!
[20/08/2007|08:01] C:\Program Files\Services en ligne
[20/08/2007|08:30] C:\Program Files\Sonic
[20/08/2007|08:16] C:\Program Files\Synaptics
[20/08/2007|08:07] C:\Program Files\Uninstall Information
[28/08/2007|20:46] C:\Program Files\VideoLAN
[18/09/2007|22:29] C:\Program Files\Webteh
[26/02/2008|19:35] C:\Program Files\Windows Live
[04/10/2007|12:10] C:\Program Files\Windows Media Connect 2
[04/10/2007|12:10] C:\Program Files\Windows Media Player
[20/08/2007|07:58] C:\Program Files\Windows NT
[20/08/2007|08:01] C:\Program Files\WindowsUpdate
[28/08/2007|20:46] C:\Program Files\WinRAR
[20/08/2007|08:02] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[07/04/2008|15:45] C:\Program Files\Fichiers communs\.
[07/04/2008|15:45] C:\Program Files\Fichiers communs\..
[28/08/2007|20:15] C:\Program Files\Fichiers communs\Adobe
[29/10/2007|22:24] C:\Program Files\Fichiers communs\Apple
[28/08/2007|21:02] C:\Program Files\Fichiers communs\DESIGNER
[20/08/2007|08:18] C:\Program Files\Fichiers communs\InstallShield
[09/12/2007|11:46] C:\Program Files\Fichiers communs\Microsoft Shared
[20/08/2007|08:00] C:\Program Files\Fichiers communs\MSSoap
[04/10/2007|09:59] C:\Program Files\Fichiers communs\Nero
[20/08/2007|10:49] C:\Program Files\Fichiers communs\ODBC
[20/08/2007|08:00] C:\Program Files\Fichiers communs\Services
[20/08/2007|08:30] C:\Program Files\Fichiers communs\Sonic
[20/08/2007|10:49] C:\Program Files\Fichiers communs\SpeechEngines
[20/08/2007|08:30] C:\Program Files\Fichiers communs\SureThing Shared
[28/08/2007|21:02] C:\Program Files\Fichiers communs\System
[09/12/2007|11:45] C:\Program Files\Fichiers communs\WindowsLiveInstaller
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-07 19:38:43
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:19][Doss:6] C:\DOCUME~1\HP\LOCALS~1\Temp
/!\ [Fich:113][Doss:0] C:\DOCUME~1\HP\Cookies
/!\ [Fich:552][Doss:20] C:\DOCUME~1\HP\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:39:41,98 ]----------------------
-----------------------[ Lop S&D 4.1.0-8 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : HP ] [ "C:\Lop SD" ]
[ 07/04/2008 | 19:38:00,60 ] [ PC : HP-066A0A8D1E56 ]
[ MAJ : 06-04-2008 | 11:07 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
Supprimé! - C:\WINDOWS\Tasks\AA98862F91D7024B.job
Supprimé! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[28/08/2007|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[03/10/2007|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[29/10/2007|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[29/10/2007|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[20/08/2007|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[08/11/2007|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
[27/08/2007|09:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[07/04/2008|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[26/02/2008|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[09/12/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[04/10/2007|09:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Win knob owns four
[04/10/2007|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[26/02/2008|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[27/02/2008|00:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[07/04/2008|15:53] C:\DOCUME~1\HP\APPLIC~1\.
[07/04/2008|15:53] C:\DOCUME~1\HP\APPLIC~1\..
[28/08/2007|20:42] C:\DOCUME~1\HP\APPLIC~1\Adobe
[03/10/2007|19:32] C:\DOCUME~1\HP\APPLIC~1\Ahead
[03/11/2007|19:27] C:\DOCUME~1\HP\APPLIC~1\Apple Computer
[18/09/2007|22:29] C:\DOCUME~1\HP\APPLIC~1\BSplayer
[18/09/2007|22:24] C:\DOCUME~1\HP\APPLIC~1\BSplayer Pro
[20/08/2007|10:47] C:\DOCUME~1\HP\APPLIC~1\desktop.ini
[09/11/2007|06:26] C:\DOCUME~1\HP\APPLIC~1\FaxCtr
[27/08/2007|09:45] C:\DOCUME~1\HP\APPLIC~1\Google
[20/08/2007|08:07] C:\DOCUME~1\HP\APPLIC~1\Identities
[25/08/2007|18:10] C:\DOCUME~1\HP\APPLIC~1\Macromedia
[27/02/2008|00:29] C:\DOCUME~1\HP\APPLIC~1\Microsoft
[04/10/2007|10:01] C:\DOCUME~1\HP\APPLIC~1\Nero
[01/04/2008|21:38] C:\DOCUME~1\HP\APPLIC~1\NounLinkMove
[20/08/2007|08:30] C:\DOCUME~1\HP\APPLIC~1\Sonic
[14/03/2008|23:56] C:\DOCUME~1\HP\APPLIC~1\U3
[30/08/2007|08:54] C:\DOCUME~1\HP\APPLIC~1\vlc
[18/09/2007|22:21] C:\DOCUME~1\HP\APPLIC~1\WinRAR
[20/08/2007|08:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[20/08/2007|08:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[04/10/2007|22:13] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[20/08/2007|08:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[20/08/2007|08:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[20/03/2008|00:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[07/04/2008 15:59][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[07/04/2008|19:38] C:\Program Files\.
[07/04/2008|19:38] C:\Program Files\..
[21/01/2008|21:39] C:\Program Files\Abbyy FineReader 6.0 Sprint
[28/08/2007|20:15] C:\Program Files\Adobe
[01/09/2007|13:19] C:\Program Files\Alwil Software
[29/10/2007|22:24] C:\Program Files\Apple Software Update
[26/02/2008|23:54] C:\Program Files\BitComet
[20/08/2007|07:59] C:\Program Files\ComPlus Applications
[20/08/2007|08:15] C:\Program Files\CONEXANT
[20/01/2008|15:42] C:\Program Files\DivX
[29/03/2008|22:55] C:\Program Files\eMule
[07/04/2008|15:45] C:\Program Files\Fichiers communs
[27/08/2007|09:44] C:\Program Files\Google
[20/08/2007|08:29] C:\Program Files\HPQ
[17/11/2007|10:54] C:\Program Files\InstallShield Installation Information
[20/08/2007|08:11] C:\Program Files\Intel
[27/02/2008|00:32] C:\Program Files\Internet Explorer
[29/10/2007|22:26] C:\Program Files\iPod
[29/10/2007|22:26] C:\Program Files\iTunes
[19/01/2008|20:37] C:\Program Files\iVideoMAX
[14/03/2008|10:26] C:\Program Files\Lavasoft
[09/11/2007|06:25] C:\Program Files\Lexmark 3300 Series
[08/11/2007|20:03] C:\Program Files\Lexmark Fax Solutions
[07/04/2008|19:36] C:\Program Files\Lx_cats
[26/08/2007|10:50] C:\Program Files\Messenger
[01/04/2008|21:36] C:\Program Files\Messenger Plus! Live
[20/08/2007|08:02] C:\Program Files\microsoft frontpage
[28/08/2007|21:02] C:\Program Files\Microsoft Office
[28/08/2007|21:00] C:\Program Files\Microsoft.NET
[20/08/2007|08:00] C:\Program Files\Movie Maker
[20/08/2007|07:57] C:\Program Files\MSN
[20/08/2007|07:58] C:\Program Files\MSN Gaming Zone
[27/02/2008|00:28] C:\Program Files\MSXML 4.0
[07/04/2008|13:57] C:\Program Files\Navilog1
[04/10/2007|09:57] C:\Program Files\nero
[20/08/2007|08:00] C:\Program Files\NetMeeting
[01/04/2008|21:37] C:\Program Files\NounLinkMove
[12/03/2008|20:40] C:\Program Files\nvcoi
[20/08/2007|07:58] C:\Program Files\Online Services
[26/08/2007|10:49] C:\Program Files\Outlook Express
[07/04/2008|10:28] C:\Program Files\Personal Media Manager
[29/10/2007|22:26] C:\Program Files\QuickTime
[20/08/2007|08:30] C:\Program Files\RecordNow!
[20/08/2007|08:01] C:\Program Files\Services en ligne
[20/08/2007|08:30] C:\Program Files\Sonic
[20/08/2007|08:16] C:\Program Files\Synaptics
[20/08/2007|08:07] C:\Program Files\Uninstall Information
[28/08/2007|20:46] C:\Program Files\VideoLAN
[18/09/2007|22:29] C:\Program Files\Webteh
[26/02/2008|19:35] C:\Program Files\Windows Live
[04/10/2007|12:10] C:\Program Files\Windows Media Connect 2
[04/10/2007|12:10] C:\Program Files\Windows Media Player
[20/08/2007|07:58] C:\Program Files\Windows NT
[20/08/2007|08:01] C:\Program Files\WindowsUpdate
[28/08/2007|20:46] C:\Program Files\WinRAR
[20/08/2007|08:02] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[07/04/2008|15:45] C:\Program Files\Fichiers communs\.
[07/04/2008|15:45] C:\Program Files\Fichiers communs\..
[28/08/2007|20:15] C:\Program Files\Fichiers communs\Adobe
[29/10/2007|22:24] C:\Program Files\Fichiers communs\Apple
[28/08/2007|21:02] C:\Program Files\Fichiers communs\DESIGNER
[20/08/2007|08:18] C:\Program Files\Fichiers communs\InstallShield
[09/12/2007|11:46] C:\Program Files\Fichiers communs\Microsoft Shared
[20/08/2007|08:00] C:\Program Files\Fichiers communs\MSSoap
[04/10/2007|09:59] C:\Program Files\Fichiers communs\Nero
[20/08/2007|10:49] C:\Program Files\Fichiers communs\ODBC
[20/08/2007|08:00] C:\Program Files\Fichiers communs\Services
[20/08/2007|08:30] C:\Program Files\Fichiers communs\Sonic
[20/08/2007|10:49] C:\Program Files\Fichiers communs\SpeechEngines
[20/08/2007|08:30] C:\Program Files\Fichiers communs\SureThing Shared
[28/08/2007|21:02] C:\Program Files\Fichiers communs\System
[09/12/2007|11:45] C:\Program Files\Fichiers communs\WindowsLiveInstaller
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-07 19:38:43
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:19][Doss:6] C:\DOCUME~1\HP\LOCALS~1\Temp
/!\ [Fich:113][Doss:0] C:\DOCUME~1\HP\Cookies
/!\ [Fich:552][Doss:20] C:\DOCUME~1\HP\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:39:41,98 ]----------------------
ya encore qque pub qui arrivent mais bcp moins deja
voila la bon rapport
Logfile of HijackThis v1.99.1
Scan saved at 17:36, on 08/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\nvcoi\nvcoi.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\hijackthis\test.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Owns Four Jugs Htm] C:\Documents and Settings\All Users\Application Data\Win knob owns four\Blah Intra.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
O4 - HKCU\..\Run: [Bird online] C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
voila la bon rapport
Logfile of HijackThis v1.99.1
Scan saved at 17:36, on 08/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\nvcoi\nvcoi.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\hijackthis\test.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Owns Four Jugs Htm] C:\Documents and Settings\All Users\Application Data\Win knob owns four\Blah Intra.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
O4 - HKCU\..\Run: [Bird online] C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Re,
Fix la ligne dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES
Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne l'emplacement dans le cadre ci-dessous :
---> Clique-droit puis Copier (ou Ctrl+C)
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]
[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
->Informations sur le logiciel<-
Fix la ligne dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES
O4 - HKCU\..\Run: [Bird online] C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe
Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne l'emplacement dans le cadre ci-dessous :
C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1
---> Clique-droit puis Copier (ou Ctrl+C)
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]
[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
->Informations sur le logiciel<-
Logfile of HijackThis v1.99.1
Scan saved at 21:38, on 08/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\nvcoi\nvcoi.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\hijackthis\test.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Owns Four Jugs Htm] C:\Documents and Settings\All Users\Application Data\Win knob owns four\Blah Intra.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
O4 - HKCU\..\Run: [Bird online] C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Scan saved at 21:38, on 08/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\nvcoi\nvcoi.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\hijackthis\test.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Owns Four Jugs Htm] C:\Documents and Settings\All Users\Application Data\Win knob owns four\Blah Intra.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
O4 - HKCU\..\Run: [Bird online] C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Re,
On recommence.
Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES
Sélectionne tous les emplacements dans le cadre ci-dessous :
---> Clique-droit puis Copier (ou Ctrl+C)
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]
[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
->Informations sur le logiciel<-
On recommence.
Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES
O4 - HKLM\..\Run: [Owns Four Jugs Htm] C:\Documents and Settings\All Users\Application Data\Win knob owns four\Blah Intra.exe
O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
O4 - HKCU\..\Run: [Bird online] C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe
O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
O4 - HKCU\..\Run: [Bird online] C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe
Sélectionne tous les emplacements dans le cadre ci-dessous :
C:\Documents and Settings\All Users\Application Data\Win knob owns four
C:\Program Files\nvcoi
C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1
C:\Program Files\nvcoi
C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1
---> Clique-droit puis Copier (ou Ctrl+C)
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]
[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
->Informations sur le logiciel<-
Logfile of HijackThis v1.99.1
Scan saved at 21:33, on 10/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\hijackthis\test.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Scan saved at 21:33, on 10/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\hijackthis\test.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Lassé par la pub ? Créez un compte
