iexplore problem not resolved - Security - Viruses

Hello,

I have a problem with iexplore. Two of them show up in Task Manager. I have already seen threads about this, but they were marked as resolved, so I don't know whether anyone will still look at them, so I'm creating a new thread =P

Could you help me? Here is my HijackThis log:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:27:09, on 26/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
E:\Marc jr\autre\antivirus\aswUpdSv.exe
E:\Marc jr\autre\antivirus\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\Marc jr\autre\antivirus\ashMaiSv.exe
E:\Marc jr\autre\antivirus\ashWebSv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
E:\MARCJR~1\autre\ANTIVI~1\ashDisp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
E:\Marc jr\autre\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://accountservices.passport.ne [...] =1036&id=2
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [\\CompaqPAPA\EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\DOCUME~1\Rebecca\LOCALS~1\Temp\E_S6A.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [Cake Wipe Inside Wma] C:\Documents and Settings\All Users\Application Data\flag barb cake wipe\owns extra.exe
O4 - HKLM\..\Run: [SMSTray] E:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [avast!] E:\MARCJR~1\autre\ANTIVI~1\ashDisp.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Eq free] C:\DOCUME~1\Rebecca\APPLIC~1\ITCH32~1\link loud drv.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com/
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Reg [...] lashax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Marc jr\autre\antivirus\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Marc jr\autre\antivirus\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Marc jr\autre\antivirus\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Marc jr\autre\antivirus\ashWebSv.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe (file missing)

--
End of file - 7014 bytes



Thanks in advance


Hello,

Download Lop S&D.exe to your Desktop.

  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your Desktop
  • Select the language you want, then choose option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)


(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

------------------------------ Prevention & Protection || Like me? Click :o
Reply to Angeldark

I installed LOP S&D.
But after installing it, when I double-click the shortcut on the desktop, it gives me:

"le lecteur réseau ou la connexion réseau désigné par le raccourci 'LOP S&D.lnk' n'est pas disponible. Vérifiez que le disque est correctement inséré ou que la ressource réseau est disponible, puis recommencez."

I have already reinstalled it several times...

Reply to ti_samsung

Ohh, I fixed the problem =D
So here is the report:


Rapport lopxpMH2 version 2.0 fait à 20:03:53,92 le 26/04/2008
C:\Documents and Settings\Rebecca\Bureau\lopxpMH2

******************************************
## Répertoires Application Data

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 405B-CA9A

Répertoire de C:\Documents and Settings\All Users\Application Data

24/08/2005 20:50 <REP> .
24/08/2005 20:50 <REP> ..
10/01/2008 20:13 <REP> Adobe
17/04/2008 11:02 <REP> Atrise
21/04/2008 13:26 <REP> AVS4YOU
24/08/2005 13:55 <REP> CyberLink
23/04/2008 16:09 <REP> Downloaded Installations
20/03/2007 23:21 <REP> EPSON
12/04/2008 16:16 <REP> flag barb cake wipe
13/04/2008 12:31 <REP> Messenger Plus!
17/04/2008 22:49 <REP> MGS
24/04/2008 19:19 <REP> Microgaming
24/08/2005 20:50 <REP> Microsoft
18/12/2006 22:42 <REP> MSN6
18/12/2006 08:36 <REP> Skype
24/08/2005 14:02 <REP> Symantec
07/11/2006 18:59 <REP> Windows Genuine Advantage
12/04/2008 15:50 <REP> WLInstaller
24/08/2005 20:50 62 desktop.ini
1 fichier(s) 62 octets
18 Rép(s) 1 172 803 584 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 405B-CA9A

Répertoire de C:\Documents and Settings\Default User\Application Data

24/08/2005 20:50 <REP> .
24/08/2005 20:50 <REP> ..
26/11/2005 08:27 <REP> Adobe
26/11/2005 08:27 <REP> Identities
26/11/2005 08:27 <REP> Intel
24/08/2005 20:50 <REP> Microsoft
26/11/2005 08:27 <REP> Symantec
26/11/2005 08:27 871 AdobeDLM.log
24/08/2005 20:50 62 desktop.ini
26/11/2005 08:27 0 dm.ini
3 fichier(s) 933 octets
7 Rép(s) 1 172 795 392 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 405B-CA9A

Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

24/08/2005 20:50 <REP> .
24/08/2005 20:50 <REP> ..
26/11/2005 08:27 <REP> Adobe
26/11/2005 08:27 <REP> Microsoft
26/11/2005 08:27 13 104 GDIPFONTCACHEV1.DAT
26/11/2005 08:27 4 284 162 IconCache.db
2 fichier(s) 4 297 266 octets
4 Rép(s) 1 172 795 392 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 405B-CA9A

Répertoire de C:\Documents and Settings\LocalService\Application Data

24/08/2005 13:03 <REP> .
24/08/2005 13:03 <REP> ..
24/08/2005 13:03 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 1 172 795 392 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 405B-CA9A

Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

24/08/2005 13:03 <REP> .
24/08/2005 13:03 <REP> ..
24/08/2005 13:03 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 1 172 795 392 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 405B-CA9A

Répertoire de C:\Documents and Settings\NetworkService\Application Data

24/08/2005 13:03 <REP> .
24/08/2005 13:03 <REP> ..
24/08/2005 13:03 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 1 172 795 392 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 405B-CA9A

Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

24/08/2005 13:03 <REP> .
24/08/2005 13:03 <REP> ..
24/08/2005 13:03 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 1 172 791 296 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 405B-CA9A

Répertoire de C:\Documents and Settings\Rebecca\Application Data

26/11/2005 08:29 <REP> .
26/11/2005 08:29 <REP> ..
26/11/2005 08:29 <REP> Adobe
23/12/2006 16:09 <REP> AdobeUM
17/04/2008 11:02 <REP> Atrise
21/04/2008 13:26 <REP> AVS4YOU
26/11/2005 08:29 <REP> Identities
20/04/2008 19:34 <REP> InstallShield
26/11/2005 08:29 <REP> Intel
12/04/2008 16:16 <REP> Itch32Bat
30/03/2008 14:33 <REP> Lexmark Productivity Studio
26/11/2005 13:09 <REP> Macromedia
26/11/2005 08:29 <REP> Microsoft
26/11/2005 13:03 <REP> Mozilla
18/12/2006 22:42 <REP> MSN6
18/12/2006 08:36 <REP> Skype
18/02/2007 23:57 <REP> Sun
26/11/2005 08:29 <REP> Symantec
19/11/2007 12:40 <REP> U3
26/11/2005 08:29 62 desktop.ini
12/03/2007 22:42 26 144 GDIPFONTCACHEV1.DAT
2 fichier(s) 26 206 octets
19 Rép(s) 1 172 791 296 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 405B-CA9A

Répertoire de C:\Documents and Settings\Rebecca\Local Settings\Application Data

26/11/2005 08:29 <REP> .
26/11/2005 08:29 <REP> ..
26/11/2005 08:29 <REP> Adobe
04/12/2005 23:39 <REP> Identities
26/11/2005 08:29 <REP> Microsoft
29/10/2006 22:13 <REP> Mozilla
18/02/2007 23:56 <REP> Sun
12/03/2008 00:01 3 584 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
26/11/2005 08:29 26 144 GDIPFONTCACHEV1.DAT
26/11/2005 08:29 5 355 548 IconCache.db
3 fichier(s) 5 385 276 octets
7 Rép(s) 1 172 791 296 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 405B-CA9A

Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

24/08/2005 13:02 <REP> .
24/08/2005 13:02 <REP> ..
26/11/2005 08:28 <REP> Adobe
26/11/2005 08:28 <REP> Identities
26/11/2005 08:28 <REP> Intel
24/08/2005 13:02 <REP> Microsoft
26/11/2005 08:28 <REP> Symantec
26/11/2005 08:28 871 AdobeDLM.log
24/08/2005 13:02 62 desktop.ini
26/11/2005 08:28 0 dm.ini
3 fichier(s) 933 octets
7 Rép(s) 1 172 791 296 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 405B-CA9A

Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

24/08/2005 13:02 <REP> .
24/08/2005 13:02 <REP> ..
26/11/2005 08:28 <REP> Adobe
24/08/2005 14:38 <REP> Microsoft
26/11/2005 08:28 13 104 GDIPFONTCACHEV1.DAT
26/11/2005 08:28 4 284 162 IconCache.db
2 fichier(s) 4 297 266 octets
4 Rép(s) 1 172 791 296 octets libres

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks


C:\WINDOWS\Tasks\A8CDF1F8919E6228.job
s  "€!Ø    . 9 c : \ d o c u m e ~ 1 \ r e b e c c a \ a p p l i c ~ 1 \ i t c h 3 2 ~ 1 \ e a c h m a p i l o n g . e x e  R e b e c c a   0 Ì

******************************************
## Répertoires de C:\Program Files

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 405B-CA9A

Répertoire de C:\Program Files

24/04/2008 20:33 <REP> .
24/04/2008 20:33 <REP> ..
24/08/2005 21:49 <REP> Adobe
24/08/2005 13:19 <REP> AvRack
21/04/2008 13:30 <REP> AVS4YOU
21/04/2008 01:32 <REP> Circle Developement
24/08/2005 12:56 <REP> ComPlus Applications
26/04/2008 19:55 <REP> CyberLink
24/08/2005 13:38 <REP> Elantech
20/03/2007 23:21 <REP> EPSON
21/04/2008 13:25 <REP> Fichiers communs
27/11/2005 17:05 <REP> Intel
17/04/2008 23:06 <REP> Internet Explorer
12/04/2008 16:16 <REP> Itch32Bat
21/02/2008 12:52 <REP> Java
30/03/2008 14:26 <REP> Lexmark 3500-4500 Series
20/04/2008 19:37 <REP> MarkAny
12/04/2008 16:09 <REP> Messenger
12/04/2008 16:16 <REP> Messenger Plus! Live
13/04/2008 13:23 <REP> Microsoft CAPICOM 2.1.0.2
24/08/2005 13:00 <REP> microsoft frontpage
27/11/2005 16:51 <REP> Microsoft Office
27/11/2005 16:51 <REP> Microsoft Visual Studio
21/04/2008 12:37 <REP> MIKSOFT
24/08/2005 14:26 <REP> Movie Maker
26/04/2008 19:48 <REP> Mozilla Firefox
12/04/2008 16:09 <REP> MSN
24/08/2005 12:56 <REP> MSN Gaming Zone
24/08/2005 14:22 <REP> NetMeeting
30/11/2005 16:19 <REP> Norton AntiVirus
24/03/2007 23:22 <REP> Olympus
21/06/2007 16:50 <REP> Outlook Express
26/11/2005 12:34 <REP> PowerQuest
24/08/2005 13:19 <REP> Realtek Sound Manager
12/04/2008 16:09 <REP> Services en ligne
18/12/2006 08:36 <REP> Skype
26/11/2005 12:19 <REP> Symantec
26/11/2005 12:19 <REP> SymNetDrv
12/04/2008 16:13 <REP> Windows Live
22/12/2006 08:15 <REP> Windows Media Connect 2
21/04/2008 10:46 <REP> Windows Media Player
24/08/2005 14:22 <REP> Windows NT
26/11/2005 12:59 <REP> WinRAR
26/11/2005 12:57 <REP> WinZip
24/08/2005 13:00 <REP> xerox
0 fichier(s) 0 octets
45 Rép(s) 1 172 787 200 octets libres

******************************************
## Popups autorisées

* Internet Explorer

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
host-domain-lookup.com REG_SZ
www.host-domain-lookup.com REG_SZ
mysearchnow.com REG_SZ
www.mysearchnow.com REG_SZ

* Mozilla Firefox (1 autorisé 2 interdit)

---------- C:\DOCUMENTS AND SETTINGS\REBECCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KJT9H6ZS.DEFAULT\HOSTPERM.1
host popup 1 cyworld.nate.com
host popup 1 www.skyblog.com
host popup 1 www.gametribe.com

******************************************
## Registre

* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Cake Wipe Inside Wma REG_SZ C:\Documents and Settings\All Users\Application Data\flag barb cake wipe\owns extra.exe

* [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Eq free REG_SZ C:\DOCUME~1\Rebecca\APPLIC~1\ITCH32~1\link loud drv.exe

******************************************
## Zones de sécurité

* HKCU Domains (4)

* P3P History (5)

******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"


*************** Fin du rapport ****************


Is this the right one?

Reply to ti_samsung

Ahhhh!!!!!!!! Sorry, sorry, sorry
I got it wrong :??: it's just that I hadn't understood everything :(
But everything is sorted :sol: I found it and all, yeah =P
So here is the report =D



-----------------------[ Lop S&D 4.2.0-1 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Rebecca ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 26/04/2008 | 20:07:39,34 ] [ PC : MAMAN ]
[ MAJ : 26-04-2008 | 11:00 ]

-------------[ Listing des dossiers dans Application Data ]------------

[10/01/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[17/04/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Atrise
[21/04/2008|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[24/08/2005|13:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[24/08/2005|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[23/04/2008|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[20/03/2007|23:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
[12/04/2008|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe
[13/04/2008|12:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[17/04/2008|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
[24/04/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microgaming
[13/04/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[18/12/2006|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[18/12/2006|08:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[28/11/2005|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[07/11/2006|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[12/04/2008|16:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[24/08/2005|21:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[24/08/2005|21:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeDLM.log
[24/08/2005|20:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[24/08/2005|21:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\dm.ini
[24/08/2005|13:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[26/11/2005|13:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[24/08/2005|21:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[24/08/2005|14:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[24/08/2005|12:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[24/08/2005|12:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[22/04/2008|23:06] C:\DOCUME~1\Rebecca\APPLIC~1\Adobe
[26/02/2008|16:00] C:\DOCUME~1\Rebecca\APPLIC~1\AdobeUM
[17/04/2008|11:02] C:\DOCUME~1\Rebecca\APPLIC~1\Atrise
[21/04/2008|13:26] C:\DOCUME~1\Rebecca\APPLIC~1\AVS4YOU
[24/08/2005|20:50] C:\DOCUME~1\Rebecca\APPLIC~1\desktop.ini
[12/03/2007|22:42] C:\DOCUME~1\Rebecca\APPLIC~1\GDIPFONTCACHEV1.DAT
[24/08/2005|13:04] C:\DOCUME~1\Rebecca\APPLIC~1\Identities
[20/04/2008|19:34] C:\DOCUME~1\Rebecca\APPLIC~1\InstallShield
[26/11/2005|13:12] C:\DOCUME~1\Rebecca\APPLIC~1\Intel
[12/04/2008|16:17] C:\DOCUME~1\Rebecca\APPLIC~1\Itch32Bat
[30/03/2008|14:33] C:\DOCUME~1\Rebecca\APPLIC~1\Lexmark Productivity Studio
[26/11/2005|13:09] C:\DOCUME~1\Rebecca\APPLIC~1\Macromedia
[23/04/2008|19:06] C:\DOCUME~1\Rebecca\APPLIC~1\Microsoft
[26/11/2005|13:03] C:\DOCUME~1\Rebecca\APPLIC~1\Mozilla
[23/04/2008|01:04] C:\DOCUME~1\Rebecca\APPLIC~1\MSN6
[26/04/2008|19:47] C:\DOCUME~1\Rebecca\APPLIC~1\Skype
[18/02/2007|23:57] C:\DOCUME~1\Rebecca\APPLIC~1\Sun
[26/11/2005|08:31] C:\DOCUME~1\Rebecca\APPLIC~1\Symantec
[21/04/2008|18:13] C:\DOCUME~1\Rebecca\APPLIC~1\U3

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[26/04/2008 20:00][--ah-----] C:\WINDOWS\tasks\A8CDF1F8919E6228.job
[26/04/2008 19:42][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

A8CDF1F8919E6228.job <--> c:\docume~1\rebecca\applic~1\itch32~1\each

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[24/08/2005|21:49] C:\Program Files\Adobe
[24/08/2005|13:19] C:\Program Files\AvRack
[21/04/2008|13:30] C:\Program Files\AVS4YOU
[21/04/2008|01:32] C:\Program Files\Circle Developement
[24/08/2005|12:56] C:\Program Files\ComPlus Applications
[26/04/2008|19:55] C:\Program Files\CyberLink
[24/08/2005|13:38] C:\Program Files\Elantech
[20/03/2007|23:21] C:\Program Files\EPSON
[21/04/2008|13:25] C:\Program Files\Fichiers communs
[20/04/2008|19:36] C:\Program Files\InstallShield Installation Information
[27/11/2005|17:05] C:\Program Files\Intel
[17/04/2008|23:06] C:\Program Files\Internet Explorer
[12/04/2008|16:16] C:\Program Files\Itch32Bat
[21/02/2008|12:52] C:\Program Files\Java
[30/03/2008|14:26] C:\Program Files\Lexmark 3500-4500 Series
[20/04/2008|19:37] C:\Program Files\MarkAny
[12/04/2008|16:09] C:\Program Files\Messenger
[12/04/2008|16:16] C:\Program Files\Messenger Plus! Live
[13/04/2008|13:23] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[24/08/2005|13:00] C:\Program Files\microsoft frontpage
[27/11/2005|16:51] C:\Program Files\Microsoft Office
[27/11/2005|16:51] C:\Program Files\Microsoft Visual Studio
[21/04/2008|12:37] C:\Program Files\MIKSOFT
[24/08/2005|14:26] C:\Program Files\Movie Maker
[26/04/2008|19:48] C:\Program Files\Mozilla Firefox
[12/04/2008|16:09] C:\Program Files\MSN
[24/08/2005|12:56] C:\Program Files\MSN Gaming Zone
[24/08/2005|14:22] C:\Program Files\NetMeeting
[30/11/2005|16:19] C:\Program Files\Norton AntiVirus
[24/03/2007|23:22] C:\Program Files\Olympus
[21/06/2007|16:50] C:\Program Files\Outlook Express
[26/11/2005|12:34] C:\Program Files\PowerQuest
[24/08/2005|13:19] C:\Program Files\Realtek Sound Manager
[12/04/2008|16:09] C:\Program Files\Services en ligne
[18/12/2006|08:36] C:\Program Files\Skype
[26/11/2005|12:19] C:\Program Files\Symantec
[26/11/2005|12:19] C:\Program Files\SymNetDrv
[24/08/2005|13:04] C:\Program Files\Uninstall Information
[12/04/2008|16:13] C:\Program Files\Windows Live
[22/12/2006|08:15] C:\Program Files\Windows Media Connect 2
[21/04/2008|10:46] C:\Program Files\Windows Media Player
[24/08/2005|14:22] C:\Program Files\Windows NT
[24/08/2005|12:56] C:\Program Files\WindowsUpdate
[26/11/2005|12:59] C:\Program Files\WinRAR
[26/11/2005|12:57] C:\Program Files\WinZip
[24/08/2005|13:00] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[26/02/2008|16:00] C:\Program Files\Fichiers communs\Adobe
[21/04/2008|13:29] C:\Program Files\Fichiers communs\AVSMedia
[27/11/2005|16:51] C:\Program Files\Fichiers communs\Designer
[24/08/2005|13:37] C:\Program Files\Fichiers communs\InstallShield
[18/02/2007|23:56] C:\Program Files\Fichiers communs\Java
[15/04/2008|19:21] C:\Program Files\Fichiers communs\Microsoft Shared
[24/08/2005|12:57] C:\Program Files\Fichiers communs\MSSoap
[24/08/2005|20:51] C:\Program Files\Fichiers communs\ODBC
[24/08/2005|12:57] C:\Program Files\Fichiers communs\Services
[18/12/2006|08:36] C:\Program Files\Fichiers communs\Skype
[24/08/2005|20:51] C:\Program Files\Fichiers communs\SpeechEngines
[30/11/2005|16:19] C:\Program Files\Fichiers communs\Symantec Shared
[21/06/2007|16:50] C:\Program Files\Fichiers communs\System
[12/04/2008|16:11] C:\Program Files\Fichiers communs\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 28

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

C:\DOCUME~1\Rebecca\LOCALS~1\Temp\bis123.exe

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe\owns extra.exe
C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1
C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\each mapi long.exe
C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\flap store second bolt.exe
C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\link loud drv.exe
C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\mlukqqrt.exe
C:\Program Files\itch32~1
C:\Program Files\Circle Developement
C:\WINDOWS\Tasks\A8CDF1F8919E6228.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eq free"="C:\\DOCUME~1\\Rebecca\\APPLIC~1\\ITCH32~1\\link loud drv.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cake Wipe Inside Wma"="C:\\Documents and Settings\\All Users\\Application Data\\flag barb cake wipe\\owns extra.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE

-> 72 ( 70 ## added by CiD )

/!\ 1 Not 127.0.0.1 !!

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-26 20:08:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:550][Doss:8] C:\DOCUME~1\Rebecca\LOCALS~1\Temp
/!\ [Fich:134][Doss:0] C:\DOCUME~1\Rebecca\Cookies
/!\ [Fich:4815][Doss:8] C:\DOCUME~1\Rebecca\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 20:09:37,31 ]----------------------


I don't understand any of it!!! xD

Reply to ti_samsung

Re,

Run Lop S&D again

  • This time choose Option 2 (Removal)
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt)


(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

------------------------------ Prevention & Protection || Like me? Click :o
Reply to Angeldark

Re,

Here is the report:



-----------------------[ Lop S&D 4.2.0-1 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Rebecca ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 28/04/2008 | 1:10:09,64 ] [ PC : MAMAN ]
[ MAJ : 26-04-2008 | 11:00 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe\owns extra.exe
Supprimé! - C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\each mapi long.exe
Supprimé! - C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\flap store second bolt.exe
Supprimé! - C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\link loud drv.exe
Supprimé! - C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\mlukqqrt.exe
Supprimé! - C:\WINDOWS\Tasks\A8CDF1F8919E6228.job
Supprimé! - C:\DOCUME~1\Rebecca\LOCALS~1\Temp\bis123.exe
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe
Supprimé! - C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1
Supprimé! - C:\Program Files\itch32~1
Supprimé! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[10/01/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[17/04/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Atrise
[21/04/2008|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[24/08/2005|13:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[24/08/2005|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[23/04/2008|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[20/03/2007|23:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
[13/04/2008|12:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[17/04/2008|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
[24/04/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microgaming
[13/04/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[18/12/2006|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[18/12/2006|08:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[28/11/2005|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[07/11/2006|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[12/04/2008|16:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[24/08/2005|21:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[24/08/2005|21:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeDLM.log
[24/08/2005|20:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[24/08/2005|21:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\dm.ini
[24/08/2005|13:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[26/11/2005|13:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[24/08/2005|21:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[24/08/2005|14:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[24/08/2005|12:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[24/08/2005|12:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[22/04/2008|23:06] C:\DOCUME~1\Rebecca\APPLIC~1\Adobe
[26/02/2008|16:00] C:\DOCUME~1\Rebecca\APPLIC~1\AdobeUM
[17/04/2008|11:02] C:\DOCUME~1\Rebecca\APPLIC~1\Atrise
[21/04/2008|13:26] C:\DOCUME~1\Rebecca\APPLIC~1\AVS4YOU
[24/08/2005|20:50] C:\DOCUME~1\Rebecca\APPLIC~1\desktop.ini
[12/03/2007|22:42] C:\DOCUME~1\Rebecca\APPLIC~1\GDIPFONTCACHEV1.DAT
[24/08/2005|13:04] C:\DOCUME~1\Rebecca\APPLIC~1\Identities
[20/04/2008|19:34] C:\DOCUME~1\Rebecca\APPLIC~1\InstallShield
[26/11/2005|13:12] C:\DOCUME~1\Rebecca\APPLIC~1\Intel
[30/03/2008|14:33] C:\DOCUME~1\Rebecca\APPLIC~1\Lexmark Productivity Studio
[26/11/2005|13:09] C:\DOCUME~1\Rebecca\APPLIC~1\Macromedia
[23/04/2008|19:06] C:\DOCUME~1\Rebecca\APPLIC~1\Microsoft
[26/11/2005|13:03] C:\DOCUME~1\Rebecca\APPLIC~1\Mozilla
[23/04/2008|01:04] C:\DOCUME~1\Rebecca\APPLIC~1\MSN6
[28/04/2008|01:06] C:\DOCUME~1\Rebecca\APPLIC~1\Skype
[18/02/2007|23:57] C:\DOCUME~1\Rebecca\APPLIC~1\Sun
[26/11/2005|08:31] C:\DOCUME~1\Rebecca\APPLIC~1\Symantec
[21/04/2008|18:13] C:\DOCUME~1\Rebecca\APPLIC~1\U3

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[28/04/2008 01:02][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[24/08/2005|21:49] C:\Program Files\Adobe
[24/08/2005|13:19] C:\Program Files\AvRack
[21/04/2008|13:30] C:\Program Files\AVS4YOU
[24/08/2005|12:56] C:\Program Files\ComPlus Applications
[26/04/2008|19:55] C:\Program Files\CyberLink
[24/08/2005|13:38] C:\Program Files\Elantech
[20/03/2007|23:21] C:\Program Files\EPSON
[21/04/2008|13:25] C:\Program Files\Fichiers communs
[20/04/2008|19:36] C:\Program Files\InstallShield Installation Information
[27/11/2005|17:05] C:\Program Files\Intel
[17/04/2008|23:06] C:\Program Files\Internet Explorer
[21/02/2008|12:52] C:\Program Files\Java
[30/03/2008|14:26] C:\Program Files\Lexmark 3500-4500 Series
[20/04/2008|19:37] C:\Program Files\MarkAny
[12/04/2008|16:09] C:\Program Files\Messenger
[12/04/2008|16:16] C:\Program Files\Messenger Plus! Live
[13/04/2008|13:23] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[24/08/2005|13:00] C:\Program Files\microsoft frontpage
[27/11/2005|16:51] C:\Program Files\Microsoft Office
[27/11/2005|16:51] C:\Program Files\Microsoft Visual Studio
[21/04/2008|12:37] C:\Program Files\MIKSOFT
[24/08/2005|14:26] C:\Program Files\Movie Maker
[28/04/2008|01:08] C:\Program Files\Mozilla Firefox
[12/04/2008|16:09] C:\Program Files\MSN
[24/08/2005|12:56] C:\Program Files\MSN Gaming Zone
[24/08/2005|14:22] C:\Program Files\NetMeeting
[30/11/2005|16:19] C:\Program Files\Norton AntiVirus
[24/03/2007|23:22] C:\Program Files\Olympus
[21/06/2007|16:50] C:\Program Files\Outlook Express
[26/11/2005|12:34] C:\Program Files\PowerQuest
[24/08/2005|13:19] C:\Program Files\Realtek Sound Manager
[12/04/2008|16:09] C:\Program Files\Services en ligne
[18/12/2006|08:36] C:\Program Files\Skype
[26/11/2005|12:19] C:\Program Files\Symantec
[26/11/2005|12:19] C:\Program Files\SymNetDrv
[24/08/2005|13:04] C:\Program Files\Uninstall Information
[12/04/2008|16:13] C:\Program Files\Windows Live
[22/12/2006|08:15] C:\Program Files\Windows Media Connect 2
[21/04/2008|10:46] C:\Program Files\Windows Media Player
[24/08/2005|14:22] C:\Program Files\Windows NT
[24/08/2005|12:56] C:\Program Files\WindowsUpdate
[26/11/2005|12:59] C:\Program Files\WinRAR
[26/11/2005|12:57] C:\Program Files\WinZip
[24/08/2005|13:00] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[26/02/2008|16:00] C:\Program Files\Fichiers communs\Adobe
[21/04/2008|13:29] C:\Program Files\Fichiers communs\AVSMedia
[27/11/2005|16:51] C:\Program Files\Fichiers communs\Designer
[24/08/2005|13:37] C:\Program Files\Fichiers communs\InstallShield
[18/02/2007|23:56] C:\Program Files\Fichiers communs\Java
[15/04/2008|19:21] C:\Program Files\Fichiers communs\Microsoft Shared
[24/08/2005|12:57] C:\Program Files\Fichiers communs\MSSoap
[24/08/2005|20:51] C:\Program Files\Fichiers communs\ODBC
[24/08/2005|12:57] C:\Program Files\Fichiers communs\Services
[18/12/2006|08:36] C:\Program Files\Fichiers communs\Skype
[24/08/2005|20:51] C:\Program Files\Fichiers communs\SpeechEngines
[30/11/2005|16:19] C:\Program Files\Fichiers communs\Symantec Shared
[21/06/2007|16:50] C:\Program Files\Fichiers communs\System
[12/04/2008|16:11] C:\Program Files\Fichiers communs\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 31

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-28 01:11:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:564][Doss:8] C:\DOCUME~1\Rebecca\LOCALS~1\Temp
/!\ [Fich:134][Doss:0] C:\DOCUME~1\Rebecca\Cookies
/!\ [Fich:4815][Doss:8] C:\DOCUME~1\Rebecca\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 1:13:25,17 ]----------------------

Reply to ti_samsung

Post a new HijackThis report.

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:44:24, on 28/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
E:\Marc jr\autre\antivirus\aswUpdSv.exe
E:\Marc jr\autre\antivirus\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\Marc jr\autre\antivirus\ashMaiSv.exe
E:\Marc jr\autre\antivirus\ashWebSv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
E:\MARCJR~1\autre\ANTIVI~1\ashDisp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
E:\Marc jr\autre\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://accountservices.passport.ne [...] =1036&id=2
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [\\CompaqPAPA\EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\DOCUME~1\Rebecca\LOCALS~1\Temp\E_S6A.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [SMSTray] E:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [avast!] E:\MARCJR~1\autre\ANTIVI~1\ashDisp.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com/
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Reg [...] lashax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Marc jr\autre\antivirus\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Marc jr\autre\antivirus\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Marc jr\autre\antivirus\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Marc jr\autre\antivirus\ashWebSv.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe (file missing)

--
End of file - 6851 bytes

Reply to ti_samsung

Hi again,
Uninstall Avast! properly and replace it with AntiVir.
Why switch? Avast! vs AntiVir

Run a full scan, then post the report once the scan has finished.
HELP: Tutorial on the AntiVir Personal Edition Classic antivirus

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

AntiVir is good, well, I think so =P




Avira AntiVir Personal
Report file date: mardi 29 avril 2008 09:10

Scanning for 1243285 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: MAMAN

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 28/04/2008 20:55:29
AVSCAN.DLL : 8.1.1.0 53505 Bytes 28/04/2008 20:55:29
LUKE.DLL : 8.1.2.9 151809 Bytes 28/04/2008 20:55:29
LUKERES.DLL : 8.1.2.1 12033 Bytes 28/04/2008 20:55:29
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 20:55:30
ANTIVIR2.VDF : 7.0.3.197 1260032 Bytes 22/04/2008 20:55:30
ANTIVIR3.VDF : 7.0.3.224 212992 Bytes 28/04/2008 20:55:30
Engineversion : 8.1.0.35
AEVDF.DLL : 8.1.0.5 102772 Bytes 28/04/2008 20:55:30
AESCRIPT.DLL : 8.1.0.27 233851 Bytes 28/04/2008 20:55:30
AESCN.DLL : 8.1.0.14 119156 Bytes 28/04/2008 20:55:30
AERDL.DLL : 8.1.0.20 418165 Bytes 28/04/2008 20:55:30
AEPACK.DLL : 8.1.1.2 364917 Bytes 28/04/2008 20:55:30
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 28/04/2008 20:55:30
AEHEUR.DLL : 8.1.0.20 1196406 Bytes 28/04/2008 20:55:30
AEHELP.DLL : 8.1.0.14 115063 Bytes 28/04/2008 20:55:30
AEGEN.DLL : 8.1.0.18 299381 Bytes 28/04/2008 20:55:30
AEEMU.DLL : 8.1.0.5 430450 Bytes 28/04/2008 20:55:30
AECORE.DLL : 8.1.0.27 168310 Bytes 28/04/2008 20:55:30
AVWINLL.DLL : 1.0.0.7 14593 Bytes 28/04/2008 20:55:29
AVPREF.DLL : 8.0.0.1 25857 Bytes 28/04/2008 20:55:29
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVREG.DLL : 8.0.0.0 30977 Bytes 28/04/2008 20:55:29
AVARKT.DLL : 1.0.0.23 307457 Bytes 28/04/2008 20:55:29
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/04/2008 20:55:29
SQLITE3.DLL : 3.3.17.1 339968 Bytes 28/04/2008 20:55:29
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 28/04/2008 20:55:29
NETNT.DLL : 8.0.0.1 7937 Bytes 28/04/2008 20:55:29
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 28/04/2008 20:55:24
RCTEXT.DLL : 8.0.32.0 86273 Bytes 28/04/2008 20:55:24

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 29 avril 2008 09:10

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'skypePM.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'MaAgent.exe' - '1' Module(s) have been scanned
Scan process 'SMSTray.exe' - '1' Module(s) have been scanned
Scan process 'lxdiamon.exe' - '1' Module(s) have been scanned
Scan process 'lxdimon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SNDSrvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'o2flash.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'lxdicoms.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
39 processes with 39 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '31' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{E79C5B59-00CF-433D-9E44-48BFAEFF237E}\RP100\A0013514.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '4846cf3f.qua'!
C:\System Volume Information\_restore{E79C5B59-00CF-433D-9E44-48BFAEFF237E}\RP111\A0019232.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E79C5B59-00CF-433D-9E44-48BFAEFF237E}\RP113\A0019424.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E79C5B59-00CF-433D-9E44-48BFAEFF237E}\RP113\A0019425.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
Begin scan in 'E:\'
E:\System Volume Information\_restore{E79C5B59-00CF-433D-9E44-48BFAEFF237E}\RP111\A0019115.INF
[DETECTION] Is the Trojan horse TR/Agent.123
[NOTE] The file was deleted!


End of the scan: mardi 29 avril 2008 09:59
Used time: 49:02 min

The scan has been done completely.

4270 Scanning directories
248358 Files were scanned
5 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
4 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
248353 Files not concerned
6500 Archives were scanned
1 Warnings
5 Notes

Reply to ti_samsung

Post a new HijackThis report.

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:09:16, on 30/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
E:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\o2flash.exe
c:\windows\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
E:\Marc jr\autre\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://accountservices.passport.ne [...] =1036&id=2
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [\\CompaqPAPA\EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\DOCUME~1\Rebecca\LOCALS~1\Temp\E_S6A.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [SMSTray] E:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com/
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Reg [...] lashax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe (file missing)

--
End of file - 7332 bytes

Reply to ti_samsung

Any more problems?

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Thanks for your help, the PC I was using no longer has any problems, that's great, thank you very much.

Now I'm on another PC, a DELL Inspiron 9200. When I turn the PC on, it shows:

"Memory write/read failure at 7FFE0000, read FE19FE11 expecting FE11FE11
Memory address line failure at 7FFE0000, read FE11FE11 expecting 01010101
Memory write/read failure at 40000008, read 00E700EF expecting 00EF00EF
Decreasing available memory
Strike the F1 key to continue, F2 to run the setup utility"

Is this a problem with the memory card or with other hardware?

Reply to ti_samsung

Otherwise, on this same computer, iexplore has also appeared T.T
I don't know how that happened!!! o_o
It's so strange...

Here is the HijackThis report:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:06:09, on 01/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\installer\WLSetupSvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\dvd meet.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Fast Love] C:\DOCUME~1\Marco\APPLIC~1\PLANPA~1\Book Tray.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 4508 bytes




Sorry that I have so many problems T.T

Reply to ti_samsung

Run a LopSD scan again, option 1 :)

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Yes! Here is the LopSD report =D



-----------------------[ Lop S&D 4.2.0-3 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Marco ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 03/05/2008 | 0:15:41,58 ] [ PC : MARCO-DELL ]
[ MAJ : 30-04-2008 | 18:35 ]

-------------[ Listing des dossiers dans Application Data ]------------

[01/05/2008|01:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[01/05/2008|01:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[30/04/2008|22:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[01/05/2008|00:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
[30/04/2008|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[01/05/2008|01:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[30/04/2008|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[01/05/2008|02:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[01/05/2008|00:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/05/2008|01:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[30/04/2008|23:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[30/04/2008|19:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[30/04/2008|18:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[30/04/2008|18:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[30/04/2008|18:34] C:\DOCUME~1\LOCALS~1\APPLIC~1\Intel
[30/04/2008|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[30/04/2008|22:07] C:\DOCUME~1\Marco\APPLIC~1\Adobe
[01/05/2008|01:50] C:\DOCUME~1\Marco\APPLIC~1\Apple Computer
[30/04/2008|19:48] C:\DOCUME~1\Marco\APPLIC~1\desktop.ini
[30/04/2008|18:17] C:\DOCUME~1\Marco\APPLIC~1\Identities
[30/04/2008|18:34] C:\DOCUME~1\Marco\APPLIC~1\Intel
[30/04/2008|22:09] C:\DOCUME~1\Marco\APPLIC~1\Macromedia
[01/05/2008|01:48] C:\DOCUME~1\Marco\APPLIC~1\Media Player Classic
[01/05/2008|02:11] C:\DOCUME~1\Marco\APPLIC~1\Microsoft
[30/04/2008|22:50] C:\DOCUME~1\Marco\APPLIC~1\Mozilla
[01/05/2008|00:46] C:\DOCUME~1\Marco\APPLIC~1\PLAN PART
[30/04/2008|22:51] C:\DOCUME~1\Marco\APPLIC~1\Talkback
[30/04/2008|18:30] C:\DOCUME~1\Marco\APPLIC~1\U3
[01/05/2008|01:48] C:\DOCUME~1\Marco\APPLIC~1\WinRAR

[30/04/2008|18:34] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
[30/04/2008|18:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[01/05/2008 01:46][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[01/05/2008 23:00][--ah-----] C:\WINDOWS\tasks\AE289853918B0897.job
[03/05/2008 00:10][--ah-----] C:\WINDOWS\tasks\SA.DAT
[19/08/2004 22:01][-r-h-----] C:\WINDOWS\tasks\desktop.ini

AE289853918B0897.job <--> c:\docume~1\marco\applic~1\planpa~1\DaleSeekDraw.exe

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[30/04/2008|22:19] C:\Program Files\Ahead
[30/04/2008|22:09] C:\Program Files\Apoint
[01/05/2008|01:46] C:\Program Files\Apple Software Update
[30/04/2008|22:17] C:\Program Files\ATI Technologies
[30/04/2008|22:59] C:\Program Files\Avira
[01/05/2008|01:49] C:\Program Files\Bonjour
[01/05/2008|00:45] C:\Program Files\Circle Developement
[30/04/2008|17:57] C:\Program Files\ComPlus Applications
[01/05/2008|01:45] C:\Program Files\Fichiers communs
[01/05/2008|01:33] C:\Program Files\InstallShield Installation Information
[30/04/2008|18:33] C:\Program Files\Intel
[01/05/2008|00:04] C:\Program Files\Internet Explorer
[01/05/2008|01:49] C:\Program Files\iPod
[01/05/2008|00:03] C:\Program Files\Messenger
[01/05/2008|00:45] C:\Program Files\Messenger Plus! Live
[30/04/2008|18:02] C:\Program Files\microsoft frontpage
[30/04/2008|17:58] C:\Program Files\Movie Maker
[03/05/2008|00:13] C:\Program Files\Mozilla Firefox
[30/04/2008|17:55] C:\Program Files\MSN
[30/04/2008|17:56] C:\Program Files\MSN Gaming Zone
[01/05/2008|23:01] C:\Program Files\MSXML 6.0
[30/04/2008|17:58] C:\Program Files\NetMeeting
[30/04/2008|17:56] C:\Program Files\Online Services
[01/05/2008|00:02] C:\Program Files\Outlook Express
[01/05/2008|00:46] C:\Program Files\PLAN PART
[30/04/2008|17:59] C:\Program Files\Services en ligne
[30/04/2008|22:10] C:\Program Files\SigmaTel
[01/05/2008|01:05] C:\Program Files\Trend Micro
[30/04/2008|18:17] C:\Program Files\Uninstall Information
[01/05/2008|02:11] C:\Program Files\Western Digital Technologies
[01/05/2008|00:43] C:\Program Files\Windows Live
[01/05/2008|00:02] C:\Program Files\Windows Media Player
[30/04/2008|17:56] C:\Program Files\Windows NT
[30/04/2008|18:00] C:\Program Files\WindowsUpdate
[30/04/2008|18:02] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[30/04/2008|22:19] C:\Program Files\Fichiers communs\Ahead
[01/05/2008|01:45] C:\Program Files\Fichiers communs\Apple
[01/05/2008|01:32] C:\Program Files\Fichiers communs\InstallShield
[01/05/2008|00:40] C:\Program Files\Fichiers communs\Microsoft Shared
[30/04/2008|17:58] C:\Program Files\Fichiers communs\MSSoap
[30/04/2008|19:48] C:\Program Files\Fichiers communs\ODBC
[30/04/2008|17:58] C:\Program Files\Fichiers communs\Services
[30/04/2008|19:48] C:\Program Files\Fichiers communs\SpeechEngines
[01/05/2008|00:02] C:\Program Files\Fichiers communs\System
[01/05/2008|00:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 46

IEXPLORE.EXE ~ [408]
IEXPLORE.EXE ~ [2556]

----------------------[ Recherche avec S_Lop ]---------------------

C:\DOCUME~1\Marco\LOCALS~1\Temp\bis39.exe

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\dvd meet.exe
C:\DOCUME~1\Marco\APPLIC~1\planpa~1
C:\DOCUME~1\Marco\APPLIC~1\planpa~1\Book Tray.exe
C:\DOCUME~1\Marco\APPLIC~1\planpa~1\DaleSeekDraw.exe
C:\DOCUME~1\Marco\APPLIC~1\planpa~1\hgscwgnl.exe
C:\DOCUME~1\Marco\APPLIC~1\planpa~1\LIES THIS CHIN PEAK.exe
C:\Program Files\planpa~1
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\WINDOWS\Tasks\AE289853918B0897.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Fast Love"="C:\\DOCUME~1\\Marco\\APPLIC~1\\PLANPA~1\\Book Tray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Base frag grid bows"="C:\\Documents and Settings\\All Users\\Application Data\\Cast ping base frag\\dvd meet.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-03 00:23:10
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\WINDOWS\System32\drivers\etc\hosts.xpz 0 bytes
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:207][Doss:39] C:\DOCUME~1\Marco\LOCALS~1\Temp
/!\ [Fich:39][Doss:0] C:\DOCUME~1\Marco\Cookies
/!\ [Fich:821][Doss:4] C:\DOCUME~1\Marco\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 0:26:40,56 ]----------------------

Reply to ti_samsung

Run it again with option 2.

Reply to Angeldark

Done =]



-----------------------[ Lop S&D 4.2.0-3 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Marco ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 03/05/2008 | 14:39:16,38 ] [ PC : MARCO-DELL ]
[ MAJ : 30-04-2008 | 18:35 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Echec ! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\dvd meet.exe
Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1\Book Tray.exe
Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1\DaleSeekDraw.exe
Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1\hgscwgnl.exe
Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1\LIES THIS CHIN PEAK.exe
Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
Supprimé! - C:\WINDOWS\Tasks\AE289853918B0897.job
Supprimé! - C:\DOCUME~1\Marco\LOCALS~1\Temp\bis39.exe
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1
Supprimé! - C:\Program Files\planpa~1
Supprimé! - C:\Program Files\Circle Developement

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[01/05/2008|01:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[01/05/2008|01:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[30/04/2008|22:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[30/04/2008|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[01/05/2008|01:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[30/04/2008|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[01/05/2008|02:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[01/05/2008|00:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/05/2008|01:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[01/05/2008|00:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[30/04/2008|19:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[30/04/2008|18:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[30/04/2008|18:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[30/04/2008|18:34] C:\DOCUME~1\LOCALS~1\APPLIC~1\Intel
[30/04/2008|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[30/04/2008|22:07] C:\DOCUME~1\Marco\APPLIC~1\Adobe
[01/05/2008|01:50] C:\DOCUME~1\Marco\APPLIC~1\Apple Computer
[30/04/2008|19:48] C:\DOCUME~1\Marco\APPLIC~1\desktop.ini
[30/04/2008|18:17] C:\DOCUME~1\Marco\APPLIC~1\Identities
[30/04/2008|18:34] C:\DOCUME~1\Marco\APPLIC~1\Intel
[30/04/2008|22:09] C:\DOCUME~1\Marco\APPLIC~1\Macromedia
[01/05/2008|01:48] C:\DOCUME~1\Marco\APPLIC~1\Media Player Classic
[01/05/2008|02:11] C:\DOCUME~1\Marco\APPLIC~1\Microsoft
[30/04/2008|22:50] C:\DOCUME~1\Marco\APPLIC~1\Mozilla
[30/04/2008|22:51] C:\DOCUME~1\Marco\APPLIC~1\Talkback
[30/04/2008|18:30] C:\DOCUME~1\Marco\APPLIC~1\U3
[01/05/2008|01:48] C:\DOCUME~1\Marco\APPLIC~1\WinRAR

[30/04/2008|18:34] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
[30/04/2008|18:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[01/05/2008 01:46][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[03/05/2008 13:39][--ah-----] C:\WINDOWS\tasks\SA.DAT
[19/08/2004 22:01][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[30/04/2008|22:19] C:\Program Files\Ahead
[30/04/2008|22:09] C:\Program Files\Apoint
[01/05/2008|01:46] C:\Program Files\Apple Software Update
[30/04/2008|22:17] C:\Program Files\ATI Technologies
[30/04/2008|22:59] C:\Program Files\Avira
[01/05/2008|01:49] C:\Program Files\Bonjour
[30/04/2008|17:57] C:\Program Files\ComPlus Applications
[01/05/2008|01:45] C:\Program Files\Fichiers communs
[01/05/2008|01:33] C:\Program Files\InstallShield Installation Information
[30/04/2008|18:33] C:\Program Files\Intel
[01/05/2008|00:04] C:\Program Files\Internet Explorer
[01/05/2008|01:49] C:\Program Files\iPod
[01/05/2008|00:03] C:\Program Files\Messenger
[01/05/2008|00:45] C:\Program Files\Messenger Plus! Live
[30/04/2008|18:02] C:\Program Files\microsoft frontpage
[30/04/2008|17:58] C:\Program Files\Movie Maker
[03/05/2008|14:38] C:\Program Files\Mozilla Firefox
[30/04/2008|17:55] C:\Program Files\MSN
[30/04/2008|17:56] C:\Program Files\MSN Gaming Zone
[01/05/2008|23:01] C:\Program Files\MSXML 6.0
[30/04/2008|17:58] C:\Program Files\NetMeeting
[30/04/2008|17:56] C:\Program Files\Online Services
[01/05/2008|00:02] C:\Program Files\Outlook Express
[30/04/2008|17:59] C:\Program Files\Services en ligne
[30/04/2008|22:10] C:\Program Files\SigmaTel
[01/05/2008|01:05] C:\Program Files\Trend Micro
[30/04/2008|18:17] C:\Program Files\Uninstall Information
[01/05/2008|02:11] C:\Program Files\Western Digital Technologies
[01/05/2008|00:43] C:\Program Files\Windows Live
[01/05/2008|00:02] C:\Program Files\Windows Media Player
[30/04/2008|17:56] C:\Program Files\Windows NT
[30/04/2008|18:00] C:\Program Files\WindowsUpdate
[30/04/2008|18:02] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[30/04/2008|22:19] C:\Program Files\Fichiers communs\Ahead
[01/05/2008|01:45] C:\Program Files\Fichiers communs\Apple
[01/05/2008|01:32] C:\Program Files\Fichiers communs\InstallShield
[01/05/2008|00:40] C:\Program Files\Fichiers communs\Microsoft Shared
[30/04/2008|17:58] C:\Program Files\Fichiers communs\MSSoap
[30/04/2008|19:48] C:\Program Files\Fichiers communs\ODBC
[30/04/2008|17:58] C:\Program Files\Fichiers communs\Services
[30/04/2008|19:48] C:\Program Files\Fichiers communs\SpeechEngines
[01/05/2008|00:02] C:\Program Files\Fichiers communs\System
[01/05/2008|00:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 40

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-03 14:41:22
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:206][Doss:40] C:\DOCUME~1\Marco\LOCALS~1\Temp
/!\ [Fich:67][Doss:0] C:\DOCUME~1\Marco\Cookies
/!\ [Fich:1468][Doss:4] C:\DOCUME~1\Marco\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 14:41:48,09 ]----------------------

Reply to ti_samsung

Post a new HijackThis report.

Reply to Angeldark

Here is the HijackThis report


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:27:06, on 03/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
E:\Program Files\Hercules\Hercules Blog Webcam\CamService.exe
E:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
E:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HerculesCamService] E:\Program Files\Hercules\Hercules Blog Webcam\CamService.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier2.exe] E:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 5782 bytes

Reply to ti_samsung

Still having problems?

Reply to Angeldark

Well, yes... I'm on another PC, once again.
Here is its HijackThis report:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:52:24, on 04/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [Boob Idle Software Acid] C:\Documents and Settings\All Users\Application Data\Part Long Boob Idle\Build Flap.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [soft enc] C:\DOCUME~1\baoul\APPLIC~1\GLUESA~1\MoreOpenMail.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 5789 bytes

Reply to ti_samsung

And in case you need it already, here is a LopSD report



-----------------------[ Lop S&D 4.2.0-6 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : baoul ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 04/05/2008 | 19:53:26,91 ] [ PC : XPSP2-5067F86E7 ]
[ MAJ : 04-05-2008 | 14:40 ]

-------------[ Listing des dossiers dans Application Data ]------------

[15/04/2008|08:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[06/04/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[06/04/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[06/04/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[12/04/2008|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[29/04/2008|12:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[07/04/2008|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[13/04/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[28/04/2008|03:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Long Boob Idle
[06/04/2008|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[06/04/2008|18:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[11/04/2008|09:45] C:\DOCUME~1\baoul\APPLIC~1\Adobe
[15/04/2008|10:44] C:\DOCUME~1\baoul\APPLIC~1\Ahead
[15/04/2008|08:31] C:\DOCUME~1\baoul\APPLIC~1\Apple Computer
[06/04/2008|19:38] C:\DOCUME~1\baoul\APPLIC~1\desktop.ini
[28/04/2008|03:03] C:\DOCUME~1\baoul\APPLIC~1\GLUE SAVE
[06/04/2008|17:58] C:\DOCUME~1\baoul\APPLIC~1\Identities
[06/04/2008|18:59] C:\DOCUME~1\baoul\APPLIC~1\Lavasoft
[30/04/2008|21:45] C:\DOCUME~1\baoul\APPLIC~1\LimeWire
[11/04/2008|09:45] C:\DOCUME~1\baoul\APPLIC~1\Macromedia
[30/04/2008|23:43] C:\DOCUME~1\baoul\APPLIC~1\MeuhMeuhTV
[07/04/2008|11:58] C:\DOCUME~1\baoul\APPLIC~1\Microsoft
[06/04/2008|19:43] C:\DOCUME~1\baoul\APPLIC~1\Mozilla
[04/05/2008|19:25] C:\DOCUME~1\baoul\APPLIC~1\OpenOffice.org2
[29/04/2008|00:21] C:\DOCUME~1\baoul\APPLIC~1\Samsung
[06/04/2008|21:33] C:\DOCUME~1\baoul\APPLIC~1\Sun
[04/05/2008|19:32] C:\DOCUME~1\baoul\APPLIC~1\U3
[30/04/2008|22:34] C:\DOCUME~1\baoul\APPLIC~1\vlc
[06/04/2008|19:47] C:\DOCUME~1\baoul\APPLIC~1\WinRAR

[06/04/2008|19:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[06/04/2008|17:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[06/04/2008|17:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[06/04/2008|17:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[01/05/2008 23:00][--ah-----] C:\WINDOWS\tasks\A662B21F91852A8F.job
[07/04/2008 08:30][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[04/05/2008 19:24][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

A662B21F91852A8F.job <--> c:\docume~1\baoul\applic~1\gluesa~1\onetimepart.exe

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[01/05/2008|18:59] C:\Program Files\adslTV
[15/04/2008|08:39] C:\Program Files\Ahead
[06/04/2008|18:24] C:\Program Files\Analog Devices
[06/04/2008|19:01] C:\Program Files\Apple Software Update
[06/04/2008|18:28] C:\Program Files\ATI Technologies
[06/04/2008|19:01] C:\Program Files\Bonjour
[06/04/2008|18:52] C:\Program Files\Circle Developement
[12/04/2008|22:54] C:\Program Files\Common Files
[06/04/2008|17:45] C:\Program Files\ComPlus Applications
[06/04/2008|20:12] C:\Program Files\CursorXP
[12/04/2008|11:03] C:\Program Files\DivX
[01/05/2008|00:33] C:\Program Files\DMV
[28/04/2008|11:28] C:\Program Files\eMule
[28/04/2008|23:55] C:\Program Files\Fichiers communs
[28/04/2008|03:02] C:\Program Files\GLUE SAVE
[12/04/2008|22:56] C:\Program Files\gPotato.eu
[29/04/2008|00:11] C:\Program Files\InstallShield Installation Information
[10/04/2008|03:02] C:\Program Files\Internet Explorer
[06/04/2008|18:23] C:\Program Files\InterVideo
[06/04/2008|19:02] C:\Program Files\iPod
[06/04/2008|19:02] C:\Program Files\iTunes
[06/04/2008|22:28] C:\Program Files\Java
[30/04/2008|23:01] C:\Program Files\K!TV
[30/04/2008|22:16] C:\Program Files\KSS
[06/04/2008|18:22] C:\Program Files\Lavasoft
[14/04/2008|22:25] C:\Program Files\LimeWire
[06/04/2008|18:52] C:\Program Files\Messenger Plus! Live
[30/04/2008|23:06] C:\Program Files\MeuhMeuhTV Alpha
[06/04/2008|17:50] C:\Program Files\microsoft frontpage
[06/04/2008|19:57] C:\Program Files\Movie Maker
[04/05/2008|19:48] C:\Program Files\Mozilla Firefox
[06/04/2008|17:50] C:\Program Files\msn gaming zone
[30/04/2008|09:17] C:\Program Files\MSXML 4.0
[06/04/2008|17:50] C:\Program Files\netmeeting
[06/04/2008|21:38] C:\Program Files\OpenOffice.org 2.4
[06/04/2008|19:57] C:\Program Files\Outlook Express
[01/05/2008|18:13] C:\Program Files\PeerTV
[06/04/2008|19:01] C:\Program Files\QuickTime
[28/04/2008|23:56] C:\Program Files\Samsung
[06/04/2008|17:47] C:\Program Files\Services en ligne
[14/04/2008|21:50] C:\Program Files\Soulseek-Test
[06/04/2008|20:12] C:\Program Files\SuperCopier2
[06/04/2008|18:27] C:\Program Files\swsetup
[04/05/2008|19:52] C:\Program Files\Trend Micro
[06/04/2008|17:58] C:\Program Files\Uninstall Information
[06/04/2008|18:51] C:\Program Files\Windows Live
[28/04/2008|11:30] C:\Program Files\Windows Media Connect 2
[28/04/2008|16:14] C:\Program Files\Windows Media Player
[06/04/2008|17:50] C:\Program Files\Windows NT
[06/04/2008|17:47] C:\Program Files\WindowsUpdate
[06/04/2008|19:47] C:\Program Files\WinRAR
[06/04/2008|17:50] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[29/04/2008|00:11] C:\Program Files\Fichiers communs\Adobe
[15/04/2008|08:37] C:\Program Files\Fichiers communs\Ahead
[06/04/2008|19:00] C:\Program Files\Fichiers communs\Apple
[12/04/2008|13:25] C:\Program Files\Fichiers communs\InstallShield
[06/04/2008|21:34] C:\Program Files\Fichiers communs\Java
[06/04/2008|18:49] C:\Program Files\Fichiers communs\Microsoft Shared
[06/04/2008|17:46] C:\Program Files\Fichiers communs\MSSoap
[06/04/2008|19:39] C:\Program Files\Fichiers communs\ODBC
[06/04/2008|17:46] C:\Program Files\Fichiers communs\Services
[06/04/2008|19:39] C:\Program Files\Fichiers communs\SpeechEngines
[06/04/2008|19:32] C:\Program Files\Fichiers communs\System
[06/04/2008|18:49] C:\Program Files\Fichiers communs\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 36

iexplore.exe ~ [580]
iexplore.exe ~ [1136]

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Long Boob Idle
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Long Boob Idle\base camp.exe
C:\DOCUME~1\baoul\APPLIC~1\gluesa~1
C:\DOCUME~1\baoul\APPLIC~1\gluesa~1\ErrorMp3AboutAce.exe
C:\DOCUME~1\baoul\APPLIC~1\gluesa~1\fvjyzupl.exe
C:\DOCUME~1\baoul\APPLIC~1\gluesa~1\ilzozvfq.exe
C:\DOCUME~1\baoul\APPLIC~1\gluesa~1\MoreOpenMail.exe
C:\DOCUME~1\baoul\APPLIC~1\gluesa~1\onetimepart.exe
C:\DOCUME~1\baoul\APPLIC~1\gluesa~1\twolqwvz.exe
C:\Program Files\gluesa~1
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\WINDOWS\Tasks\A662B21F91852A8F.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"soft enc"="C:\\DOCUME~1\\baoul\\APPLIC~1\\GLUESA~1\\MoreOpenMail.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Boob Idle Software Acid"="C:\\Documents and Settings\\All Users\\Application Data\\Part Long Boob Idle\\Build Flap.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE


-> 72 ( 70 ## added by CiD )

/!\ 1 Not 127.0.0.1 !!

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-04 19:54:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:255][Doss:23] C:\DOCUME~1\baoul\LOCALS~1\Temp
/!\ [Fich:127][Doss:0] C:\DOCUME~1\baoul\Cookies
/!\ [Fich:2118][Doss:4] C:\DOCUME~1\baoul\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 19:55:38,41 ]----------------------


Thanks a lot in advance!!!

Reply to ti_samsung

Option 2 now.

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark


-----------------------[ Lop S&D 4.2.0-6 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : baoul ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 05/05/2008 | 23:02:21,41 ] [ PC : XPSP2-5067F86E7 ]
[ MAJ : 04-05-2008 | 14:40 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\baoul\APPLIC~1\gluesa~1

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[15/04/2008|08:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[06/04/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[06/04/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[06/04/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[12/04/2008|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[29/04/2008|12:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[07/04/2008|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[13/04/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[06/04/2008|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[06/04/2008|18:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[11/04/2008|09:45] C:\DOCUME~1\baoul\APPLIC~1\Adobe
[15/04/2008|10:44] C:\DOCUME~1\baoul\APPLIC~1\Ahead
[15/04/2008|08:31] C:\DOCUME~1\baoul\APPLIC~1\Apple Computer
[06/04/2008|19:38] C:\DOCUME~1\baoul\APPLIC~1\desktop.ini
[06/04/2008|17:58] C:\DOCUME~1\baoul\APPLIC~1\Identities
[06/04/2008|18:59] C:\DOCUME~1\baoul\APPLIC~1\Lavasoft
[04/05/2008|20:26] C:\DOCUME~1\baoul\APPLIC~1\LimeWire
[04/05/2008|20:07] C:\DOCUME~1\baoul\APPLIC~1\ma-config.com
[11/04/2008|09:45] C:\DOCUME~1\baoul\APPLIC~1\Macromedia
[30/04/2008|23:43] C:\DOCUME~1\baoul\APPLIC~1\MeuhMeuhTV
[07/04/2008|11:58] C:\DOCUME~1\baoul\APPLIC~1\Microsoft
[06/04/2008|19:43] C:\DOCUME~1\baoul\APPLIC~1\Mozilla
[05/05/2008|22:04] C:\DOCUME~1\baoul\APPLIC~1\OpenOffice.org2
[29/04/2008|00:21] C:\DOCUME~1\baoul\APPLIC~1\Samsung
[06/04/2008|21:33] C:\DOCUME~1\baoul\APPLIC~1\Sun
[04/05/2008|19:32] C:\DOCUME~1\baoul\APPLIC~1\U3
[30/04/2008|22:34] C:\DOCUME~1\baoul\APPLIC~1\vlc
[06/04/2008|19:47] C:\DOCUME~1\baoul\APPLIC~1\WinRAR

[06/04/2008|19:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[06/04/2008|17:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[06/04/2008|17:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[06/04/2008|17:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[07/04/2008 08:30][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[05/05/2008 22:04][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[01/05/2008|18:59] C:\Program Files\adslTV
[15/04/2008|08:39] C:\Program Files\Ahead
[06/04/2008|18:24] C:\Program Files\Analog Devices
[06/04/2008|19:01] C:\Program Files\Apple Software Update
[06/04/2008|18:28] C:\Program Files\ATI Technologies
[06/04/2008|19:01] C:\Program Files\Bonjour
[12/04/2008|22:54] C:\Program Files\Common Files
[06/04/2008|17:45] C:\Program Files\ComPlus Applications
[06/04/2008|20:12] C:\Program Files\CursorXP
[12/04/2008|11:03] C:\Program Files\DivX
[01/05/2008|00:33] C:\Program Files\DMV
[28/04/2008|11:28] C:\Program Files\eMule
[28/04/2008|23:55] C:\Program Files\Fichiers communs
[12/04/2008|22:56] C:\Program Files\gPotato.eu
[29/04/2008|00:11] C:\Program Files\InstallShield Installation Information
[10/04/2008|03:02] C:\Program Files\Internet Explorer
[06/04/2008|18:23] C:\Program Files\InterVideo
[06/04/2008|19:02] C:\Program Files\iPod
[06/04/2008|19:02] C:\Program Files\iTunes
[06/04/2008|22:28] C:\Program Files\Java
[30/04/2008|23:01] C:\Program Files\K!TV
[30/04/2008|22:16] C:\Program Files\KSS
[06/04/2008|18:22] C:\Program Files\Lavasoft
[14/04/2008|22:25] C:\Program Files\LimeWire
[04/05/2008|20:07] C:\Program Files\ma-config.com
[06/04/2008|18:52] C:\Program Files\Messenger Plus! Live
[30/04/2008|23:06] C:\Program Files\MeuhMeuhTV Alpha
[06/04/2008|17:50] C:\Program Files\microsoft frontpage
[06/04/2008|19:57] C:\Program Files\Movie Maker
[05/05/2008|22:15] C:\Program Files\Mozilla Firefox
[06/04/2008|17:50] C:\Program Files\msn gaming zone
[30/04/2008|09:17] C:\Program Files\MSXML 4.0
[06/04/2008|17:50] C:\Program Files\netmeeting
[06/04/2008|21:38] C:\Program Files\OpenOffice.org 2.4
[06/04/2008|19:57] C:\Program Files\Outlook Express
[01/05/2008|18:13] C:\Program Files\PeerTV
[06/04/2008|19:01] C:\Program Files\QuickTime
[28/04/2008|23:56] C:\Program Files\Samsung
[06/04/2008|17:47] C:\Program Files\Services en ligne
[14/04/2008|21:50] C:\Program Files\Soulseek-Test
[06/04/2008|20:12] C:\Program Files\SuperCopier2
[06/04/2008|18:27] C:\Program Files\swsetup
[04/05/2008|19:52] C:\Program Files\Trend Micro
[06/04/2008|17:58] C:\Program Files\Uninstall Information
[06/04/2008|18:51] C:\Program Files\Windows Live
[28/04/2008|11:30] C:\Program Files\Windows Media Connect 2
[28/04/2008|16:14] C:\Program Files\Windows Media Player
[06/04/2008|17:50] C:\Program Files\Windows NT
[06/04/2008|17:47] C:\Program Files\WindowsUpdate
[06/04/2008|19:47] C:\Program Files\WinRAR
[06/04/2008|17:50] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[29/04/2008|00:11] C:\Program Files\Fichiers communs\Adobe
[15/04/2008|08:37] C:\Program Files\Fichiers communs\Ahead
[06/04/2008|19:00] C:\Program Files\Fichiers communs\Apple
[12/04/2008|13:25] C:\Program Files\Fichiers communs\InstallShield
[06/04/2008|21:34] C:\Program Files\Fichiers communs\Java
[06/04/2008|18:49] C:\Program Files\Fichiers communs\Microsoft Shared
[06/04/2008|17:46] C:\Program Files\Fichiers communs\MSSoap
[06/04/2008|19:39] C:\Program Files\Fichiers communs\ODBC
[06/04/2008|17:46] C:\Program Files\Fichiers communs\Services
[06/04/2008|19:39] C:\Program Files\Fichiers communs\SpeechEngines
[06/04/2008|19:32] C:\Program Files\Fichiers communs\System
[06/04/2008|18:49] C:\Program Files\Fichiers communs\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 37

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-05 23:04:01
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:272][Doss:24] C:\DOCUME~1\baoul\LOCALS~1\Temp
/!\ [Fich:127][Doss:0] C:\DOCUME~1\baoul\Cookies
/!\ [Fich:2171][Doss:4] C:\DOCUME~1\baoul\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 23:04:31,39 ]----------------------

Reply to ti_samsung

And finally the HijackThis report:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:05:23, on 05/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [soft enc] C:\DOCUME~1\baoul\APPLIC~1\GLUESA~1\MoreOpenMail.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 5770 bytes

Reply to ti_samsung

A new HijackThis report :)

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:35:56, on 07/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [Boob Idle Software Acid] C:\Documents and Settings\All Users\Application Data\Part Long Boob Idle\Build Flap.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [soft enc] C:\DOCUME~1\baoul\APPLIC~1\GLUESA~1\MoreOpenMail.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 5817 bytes

Reply to ti_samsung

Re,

Fix the lines in the box below with HijackThis: ILLUSTRATED HELP

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Boob Idle Software Acid] C:\Documents and Settings\All Users\Application Data\Part Long Boob Idle\Build Flap.exe
O4 - HKCU\..\Run: [soft enc] C:\DOCUME~1\baoul\APPLIC~1\GLUESA~1\MoreOpenMail.exe


Run a LopSD scan again with option 1.

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark