Overrun by ads!!! [solved]
okokok
I have a big problem! Ad windows keep opening all the time, even when the internet is closed! Most of them are signed CiD!
I'm really, really hopeless with computers
I have Windows Vista, and Avast as my antivirus
and if someone could save my life I would be eternally grateful!
(by the way, if there's a procedure that's too complicated to do, I think I'm done for!)
A hello, maybe?
Download Lop S&D.exe (Eric_71) to your Desktop.
Start the installation by running the downloaded file.
Now double-click the LopS&D shortcut.
Select the language you want by typing the letter of your choice, then confirm with the Enter key.
Now choose option 1 (Search). Wait until the search has finished.
Post the generated report (C:\lopR.txt*)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
* the partition name may be different
Actually, I've just learned that my little sister had downloaded MSN+, which I have removed. As a result I no longer get CiD ads, but other ads, far fewer of them, including one that comes back often: "spyware secure" (I think), which asks me to download something you have to pay for. Should I still do what you said?
Hi there, so I was reading here and there through problems others have already run into, and I do indeed have a nasty piece of spyware on the computer ... I already had one before that I managed to remove. I have Ad-Aware, Spybot Search and Destroy, and spyware, and none of the three managed to find this spyware ... Just like mimi 18, I regularly get a spyware secure ad that pops up while I'm browsing the internet (and other addresses, sometimes a page it can't even find, trips ...), so I did what you said, angel dark, and the report is as follows ...
-----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Julien ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 10/06/2008 | 19:27:45,23 ] [ PC : PERSONNE-MM8KU2 ]
[ MAJ : 07-06-2008 | 22:15 ]
-------------[ Listing des dossiers dans Application Data ]------------
[20/08/2007|11:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
[28/07/2007|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[21/08/2007|11:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic
[02/03/2008|00:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[02/03/2008|00:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[08/06/2008|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[28/07/2007|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[19/01/2002|01:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[19/12/2007|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
[30/04/2008|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
[13/08/2007|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[25/05/2008|21:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[13/08/2007|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[05/03/2008|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[05/06/2008|20:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[03/11/2007|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
[08/06/2008|15:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[26/04/2008|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[03/10/2007|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[09/06/2008|22:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[10/06/2008|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[09/06/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[12/08/2007|18:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[14/08/2007|15:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/03/2008|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[26/10/2007|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[19/01/2002|01:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[19/01/2002|01:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[27/08/2007|16:52] C:\DOCUME~1\Julien\APPLIC~1\Adobe
[03/09/2007|10:36] C:\DOCUME~1\Julien\APPLIC~1\AdobeUM
[02/03/2008|00:44] C:\DOCUME~1\Julien\APPLIC~1\Apple Computer
[28/07/2007|22:42] C:\DOCUME~1\Julien\APPLIC~1\CyberLink
[19/01/2002|01:18] C:\DOCUME~1\Julien\APPLIC~1\desktop.ini
[20/03/2008|21:06] C:\DOCUME~1\Julien\APPLIC~1\EPSON
[07/06/2008|13:31] C:\DOCUME~1\Julien\APPLIC~1\fretsonfire
[20/01/2008|13:31] C:\DOCUME~1\Julien\APPLIC~1\GDIPFONTCACHEV1.DAT
[13/08/2007|21:46] C:\DOCUME~1\Julien\APPLIC~1\Google
[30/04/2008|10:40] C:\DOCUME~1\Julien\APPLIC~1\Identities
[12/01/2008|20:25] C:\DOCUME~1\Julien\APPLIC~1\InstallShield
[19/12/2007|18:56] C:\DOCUME~1\Julien\APPLIC~1\Lavasoft
[08/06/2008|22:52] C:\DOCUME~1\Julien\APPLIC~1\LimeWire
[14/08/2007|17:04] C:\DOCUME~1\Julien\APPLIC~1\Macromedia
[28/07/2007|23:38] C:\DOCUME~1\Julien\APPLIC~1\Micro Application
[24/03/2008|19:24] C:\DOCUME~1\Julien\APPLIC~1\Microsoft
[13/08/2007|21:50] C:\DOCUME~1\Julien\APPLIC~1\Mozilla
[06/06/2008|17:49] C:\DOCUME~1\Julien\APPLIC~1\MSN6
[08/06/2008|15:30] C:\DOCUME~1\Julien\APPLIC~1\PlayFirst
[24/01/2008|23:16] C:\DOCUME~1\Julien\APPLIC~1\Skype
[13/08/2007|21:45] C:\DOCUME~1\Julien\APPLIC~1\Sun
[06/01/2008|23:35] C:\DOCUME~1\Julien\APPLIC~1\teamspeak2
[08/02/2008|18:56] C:\DOCUME~1\Julien\APPLIC~1\TuxPaint
[02/03/2008|00:46] C:\DOCUME~1\Julien\APPLIC~1\vlc
[14/08/2007|12:04] C:\DOCUME~1\Julien\APPLIC~1\WinRAR
[30/04/2008|10:40] C:\DOCUME~1\Julien\APPLIC~1\Zylom
[14/08/2007|15:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[19/01/2002|01:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[11/04/2008 11:22][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[10/06/2008 17:48][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/04/2003 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[28/07/2007|22:55] C:\Program Files\Adobe
[28/07/2007|22:17] C:\Program Files\Ahead
[28/07/2007|23:17] C:\Program Files\Alwil Software
[10/06/2008|18:52] C:\Program Files\AntiVir PersonalEdition Classic
[02/03/2008|00:43] C:\Program Files\Apple Software Update
[15/11/2007|21:44] C:\Program Files\AV Vcs 6.0 DIAMOND
[08/06/2008|13:41] C:\Program Files\Boonty
[09/06/2008|13:05] C:\Program Files\BoontyGames
[14/08/2007|16:46] C:\Program Files\Common Files
[19/01/2002|01:22] C:\Program Files\ComPlus Applications
[28/07/2007|22:20] C:\Program Files\CyberLink
[07/09/2007|19:53] C:\Program Files\Diddl Screenmate
[12/01/2008|20:25] C:\Program Files\DIFX
[12/09/2007|20:30] C:\Program Files\directx
[15/11/2007|17:46] C:\Program Files\eMule
[12/08/2007|18:46] C:\Program Files\EPSON
[05/03/2008|22:11] C:\Program Files\Fichiers communs
[29/07/2007|07:55] C:\Program Files\Futuremark
[14/08/2007|11:33] C:\Program Files\Google
[25/09/2007|21:10] C:\Program Files\Heroes2
[25/12/2007|01:41] C:\Program Files\HLSW
[25/05/2008|22:00] C:\Program Files\InstallShield Installation Information
[13/05/2008|21:08] C:\Program Files\Internet Explorer
[22/03/2008|19:59] C:\Program Files\Java
[27/03/2008|18:42] C:\Program Files\JoWooD
[19/12/2007|18:56] C:\Program Files\Lavasoft
[02/05/2008|16:27] C:\Program Files\LimeWire
[13/08/2007|18:58] C:\Program Files\Messenger
[31/03/2008|22:30] C:\Program Files\Messenger Plus! Live
[28/07/2007|23:08] C:\Program Files\Micro Application
[19/01/2002|01:23] C:\Program Files\microsoft frontpage
[28/07/2007|22:52] C:\Program Files\Microsoft Office
[28/07/2007|22:28] C:\Program Files\Movie Maker
[10/06/2008|19:20] C:\Program Files\Mozilla Firefox
[05/06/2008|20:34] C:\Program Files\MSN
[19/01/2002|01:21] C:\Program Files\MSN Gaming Zone
[02/12/2007|16:25] C:\Program Files\MSXML 4.0
[03/12/2007|19:54] C:\Program Files\NetMeeting
[12/08/2007|19:08] C:\Program Files\Outlook Express
[06/03/2008|15:11] C:\Program Files\Pac-Man World 2
[09/06/2008|13:09] C:\Program Files\Playfirst
[30/12/2007|20:33] C:\Program Files\Promolettres
[02/03/2008|00:43] C:\Program Files\QuickTime
[12/01/2008|20:25] C:\Program Files\Razer
[17/09/2007|18:51] C:\Program Files\Real
[15/08/2007|02:17] C:\Program Files\RngInterstitial.dll
[13/09/2007|18:57] C:\Program Files\Rockstar Games
[01/12/2007|18:17] C:\Program Files\Samsung
[19/01/2002|01:21] C:\Program Files\Services en ligne
[19/01/2002|01:36] C:\Program Files\Silicon Image
[03/10/2007|18:20] C:\Program Files\Skype
[09/06/2008|22:29] C:\Program Files\Spybot - Search & Destroy
[10/06/2008|18:14] C:\Program Files\SpywareBlaster
[10/03/2008|18:19] C:\Program Files\StuffPlug3
[14/08/2007|18:12] C:\Program Files\Teamspeak2_RC2
[10/06/2008|19:23] C:\Program Files\Trend Micro
[07/06/2008|11:12] C:\Program Files\TuxPaint
[19/01/2002|01:28] C:\Program Files\Uninstall Information
[13/08/2007|22:00] C:\Program Files\Valve
[02/03/2008|00:46] C:\Program Files\VideoLAN
[13/09/2007|17:17] C:\Program Files\Viewpoint
[17/05/2008|22:04] C:\Program Files\Windows Journal Viewer
[05/03/2008|22:11] C:\Program Files\Windows Live
[14/08/2007|15:36] C:\Program Files\Windows Media Connect 2
[14/08/2007|15:35] C:\Program Files\Windows Media Player
[28/07/2007|22:27] C:\Program Files\Windows NT
[19/01/2002|01:43] C:\Program Files\WindowsUpdate
[14/08/2007|12:04] C:\Program Files\WinRAR
[13/08/2007|21:47] C:\Program Files\WordBiz
[19/01/2002|01:23] C:\Program Files\xerox
[08/01/2008|21:06] C:\Program Files\ZNsoft Corporation
[25/05/2008|22:11] C:\Program Files\Zylom Games
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[28/07/2007|23:09] C:\Program Files\Fichiers communs\Acronis
[28/07/2007|22:55] C:\Program Files\Fichiers communs\Adobe
[28/07/2007|22:15] C:\Program Files\Fichiers communs\Ahead
[02/03/2008|00:42] C:\Program Files\Fichiers communs\Apple
[08/06/2008|13:49] C:\Program Files\Fichiers communs\BOONTY Shared
[28/07/2007|22:52] C:\Program Files\Fichiers communs\Designer
[12/08/2007|18:47] C:\Program Files\Fichiers communs\InstallShield
[13/08/2007|21:44] C:\Program Files\Fichiers communs\Java
[26/08/2007|17:47] C:\Program Files\Fichiers communs\logishrd
[17/05/2008|22:04] C:\Program Files\Fichiers communs\Microsoft Shared
[19/01/2002|01:22] C:\Program Files\Fichiers communs\MSSoap
[19/01/2002|01:18] C:\Program Files\Fichiers communs\ODBC
[17/09/2007|18:51] C:\Program Files\Fichiers communs\Real
[19/01/2002|01:22] C:\Program Files\Fichiers communs\Services
[03/10/2007|18:20] C:\Program Files\Fichiers communs\Skype
[13/08/2007|18:39] C:\Program Files\Fichiers communs\Softwin
[19/01/2002|01:18] C:\Program Files\Fichiers communs\SpeechEngines
[12/08/2007|19:08] C:\Program Files\Fichiers communs\System
[05/03/2008|22:11] C:\Program Files\Fichiers communs\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 44
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
-> 8749 ( 70 ## added by CiD )
/!\ 1 Not 127.0.0.1 !!
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-10 19:28:44
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
C:\DOCUME~1\Julien\LOCALS~1\APPLIC~1\bdxrfhu_navps.dat
C:\DOCUME~1\Julien\LOCALS~1\APPLIC~1\bdxrfhu.exe
C:\DOCUME~1\Julien\LOCALS~1\APPLIC~1\bdxrfhu.dat
C:\DOCUME~1\Julien\LOCALS~1\APPLIC~1\kimkh_navps.dat
C:\DOCUME~1\Julien\LOCALS~1\APPLIC~1\bdxrfhu_nav.dat
C:\DOCUME~1\Julien\LOCALS~1\APPLIC~1\kimkh_nav.dat
! EGDACCESS !
=> C:\Documents and Settings\Julien\Application Data\Macromedia\Flash Player\#SharedObjects\LADJ4DB3\crackle.com
=> C:\Documents and Settings\Julien\Application Data\Macromedia\Flash Player\#SharedObjects\LADJ4DB3\crackle.com\crackleSettings.sol
=> C:\Documents and Settings\Julien\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#crackle.com
=> C:\Documents and Settings\Julien\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#crackle.com\settings.sol
=> C:\Documents and Settings\Julien\Bureau\Zic\Helloween\Gambling With The Devil\01 - crack the riddle (intro).mp3
=> C:\Documents and Settings\Julien\Bureau\Zic\Ill Ni¤o\Enigma\12-ill_nino-kellogs_bombs_and_cracker_jacks.mp3
=> C:\Documents and Settings\Julien\Bureau\Zic\Scoldt\First Cut\04 - Crack Down.mp3
[F:897][D:41]-> C:\DOCUME~1\Julien\LOCALS~1\Temp
[F:6][D:0]-> C:\DOCUME~1\Julien\Cookies
[F:1319][D:32]-> C:\DOCUME~1\Julien\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:29:14,75 ]----------------------
Hello again,
Run Lop S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
! Do not close the window during the removal !
A report will be generated; post its contents here.
NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open the Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer and confirm.
Sorry for taking so long.
There, here is the report:
-----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : ben zid ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 11/06/2008 | 10:34:00,83 ] [ PC : PC-DE-BENZID ]
[ MAJ : 07-06-2008 | 22:15 ]
[ UAC => 0 ]
-------------[ Listing des dossiers dans Application Data ]------------
[22/02/2008|22:08] C:\Users\BENZID~1\AppData\Roaming\Adobe\Flash Player
[02/06/2007|20:57] C:\Users\BENZID~1\AppData\Roaming\Adobe\Acrobat
[27/08/2007|19:24] C:\Users\BENZID~1\AppData\Roaming\DivX\DivX Codec
[11/07/2007|16:31] C:\Users\BENZID~1\AppData\Roaming\DivX\DivX Player
[31/01/2008|23:47] C:\Users\BENZID~1\AppData\Roaming\EoRezo\eoDesktop
[31/01/2008|18:47] C:\Users\BENZID~1\AppData\Roaming\EoRezo\db
[31/01/2008|00:15] C:\Users\BENZID~1\AppData\Roaming\EoRezo\eoStats
[30/01/2008|23:57] C:\Users\BENZID~1\AppData\Roaming\EoRezo\EoWeather
[13/10/2007|18:15] C:\Users\BENZID~1\AppData\Roaming\EPSON\Creativity Suite
[24/08/2007|17:17] C:\Users\BENZID~1\AppData\Roaming\EPSON\ESCNDV
[30/05/2008|16:35] C:\Users\BENZID~1\AppData\Roaming\Google\Local Search History
[02/06/2007|19:11] C:\Users\BENZID~1\AppData\Roaming\Identities\{06C40E65-1BAE-4B4C-9212-EA555E97D93A}
[01/09/2007|21:20] C:\Users\BENZID~1\AppData\Roaming\InstallShield\ISEngine12.0
[02/06/2007|21:35] C:\Users\BENZID~1\AppData\Roaming\Macromedia\Flash Player
[06/06/2008|18:21] C:\Users\BENZID~1\AppData\Roaming\Microsoft\MSN Messenger
[14/05/2008|20:18] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Windows Photo Gallery
[03/09/2007|10:32] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Internet Explorer
[12/08/2007|19:43] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Crypto
[30/06/2007|14:16] C:\Users\BENZID~1\AppData\Roaming\Microsoft\IdentityCRL
[28/06/2007|12:56] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Windows Live Call
[16/06/2007|10:29] C:\Users\BENZID~1\AppData\Roaming\Microsoft\eHome
[08/06/2007|21:11] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Speech
[08/06/2007|21:08] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Windows
[02/06/2007|22:16] C:\Users\BENZID~1\AppData\Roaming\Microsoft\WLTB Custom Buttons
[02/06/2007|21:59] C:\Users\BENZID~1\AppData\Roaming\Microsoft\HTML Help
[02/06/2007|19:12] C:\Users\BENZID~1\AppData\Roaming\Microsoft\SystemCertificates
[02/06/2007|19:11] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Protect
[02/06/2007|19:10] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Credentials
[09/02/2008|21:17] C:\Users\BENZID~1\AppData\Roaming\Mozilla\Firefox
[30/12/2007|20:14] C:\Users\BENZID~1\AppData\Roaming\OpenOffice.org2\user
[08/06/2008|16:02] C:\Users\BENZID~1\AppData\Roaming\PC Tools\Spyware Doctor
[07/10/2007|15:37] C:\Users\BENZID~1\AppData\Roaming\Talkback\MozillaOrg
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[02/04/2008 15:54][--a------] C:\Windows\tasks\Norton Security Scan.job
[10/06/2008 18:35][--a------] C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[11/06/2008 10:33][--ah-----] C:\Windows\tasks\SA.DAT
[11/06/2008 10:32][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[06/01/2006|19:50] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[08/06/2008|21:36] C:\ProgramData\Avira
[02/06/2007|19:07] C:\ProgramData\Bureau
[06/01/2006|20:00] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[02/06/2007|19:07] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[12/06/2007|22:22] C:\ProgramData\Google
[10/06/2008|18:01] C:\ProgramData\Google Updater
[02/06/2007|19:15] C:\ProgramData\InstallShield
[02/06/2007|19:07] C:\ProgramData\Menu Démarrer
[03/06/2007|09:37] C:\ProgramData\Microsoft
[02/06/2007|19:07] C:\ProgramData\Modèles
[01/07/2007|12:40] C:\ProgramData\Mozilla
[02/11/2006|15:02] C:\ProgramData\Start Menu
[09/06/2007|10:07] C:\ProgramData\Symantec
[11/06/2008|10:33] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[03/06/2007|10:09] C:\ProgramData\UDL
[18/11/2007|16:05] C:\ProgramData\WLInstaller
[02/06/2007|20:15] C:\ProgramData\Yahoo! Companion
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[02/06/2007|20:19] C:\Program Files\ABBYY FineReader 6.0 Sprint
[02/06/2007|19:15] C:\Program Files\Acer Inc
[06/01/2006|20:04] C:\Program Files\Acer Zone
[06/01/2006|19:50] C:\Program Files\Adobe
[08/06/2008|13:24] C:\Program Files\Alwil Software
[24/12/2007|18:35] C:\Program Files\Common Files
[06/01/2006|19:59] C:\Program Files\CyberLink
[30/08/2007|11:06] C:\Program Files\desktop.ini
[25/08/2007|20:10] C:\Program Files\DivX
[01/02/2008|00:05] C:\Program Files\EoRezo
[03/06/2007|10:06] C:\Program Files\epson
[02/06/2007|19:07] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[08/06/2008|16:22] C:\Program Files\Google
[01/09/2007|21:21] C:\Program Files\Hercules
[12/04/2008|19:54] C:\Program Files\InstallShield Installation Information
[10/04/2008|11:03] C:\Program Files\Internet Explorer
[24/12/2007|18:38] C:\Program Files\Java
[17/06/2007|11:20] C:\Program Files\LG Electronics
[04/06/2007|12:29] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[18/11/2007|16:31] C:\Program Files\Microsoft SQL Server Compact Edition
[02/11/2006|14:42] C:\Program Files\Movie Maker
[08/06/2008|20:57] C:\Program Files\Mozilla Firefox
[31/01/2008|23:05] C:\Program Files\Mozilla Firefox 3 Beta 2
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[04/06/2007|12:28] C:\Program Files\MSXML 4.0
[06/01/2006|19:55] C:\Program Files\NewTech Infosystems
[02/04/2008|15:54] C:\Program Files\Norton Security Scan
[24/12/2007|18:42] C:\Program Files\OpenOffice.org 2.3
[14/04/2008|18:16] C:\Program Files\Picasa2
[06/01/2006|19:37] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[16/06/2007|11:00] C:\Program Files\Samsung
[10/06/2008|10:06] C:\Program Files\Spyware Doctor
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[02/02/2008|01:44] C:\Program Files\Veoh Networks
[30/08/2007|11:03] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[04/06/2007|13:11] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[28/02/2008|12:15] C:\Program Files\Windows Live
[18/11/2007|19:20] C:\Program Files\Windows Live Toolbar
[15/05/2008|10:25] C:\Program Files\Windows Mail
[14/10/2007|10:49] C:\Program Files\Windows Media Player
[02/06/2007|19:07] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[09/01/2008|16:43] C:\Program Files\Windows Sidebar
[02/06/2007|19:11] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[06/01/2006|19:50] C:\Program Files\Common Files\Adobe
[17/08/2007|14:23] C:\Program Files\Common Files\InstallShield
[24/12/2007|18:35] C:\Program Files\Common Files\Java
[06/01/2006|19:54] C:\Program Files\Common Files\LightScribe
[18/11/2007|16:20] C:\Program Files\Common Files\microsoft shared
[06/01/2006|19:55] C:\Program Files\Common Files\NewTech Infosystems
[25/08/2007|20:10] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[09/06/2007|10:09] C:\Program Files\Common Files\Symantec Shared
[13/06/2007|13:23] C:\Program Files\Common Files\System
[18/11/2007|16:20] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 43
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
C:\Users\BENZID~1\AppData\Local\Temp\bisAEF6.exe
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\Users\BENZID~1\AppData\Roaming\MICROS~1\Windows\Cookies\ben_zid@www.adserver5[2].txt
C:\Users\BENZID~1\AppData\Roaming\MICROS~1\Windows\Cookies\ben_zid@banner.cotedazurpalace[2].txt
C:\Users\BENZID~1\AppData\Roaming\MICROS~1\Windows\Cookies\ben_zid@cotedazurpalace[2].txt
C:\Users\BENZID~1\AppData\Roaming\MICROS~1\Windows\Cookies\ben_zid@adopt.euroclick[1].txt
C:\Users\BENZID~1\AppData\Roaming\MICROS~1\Windows\Cookies\ben_zid@2xmoinscher[2].txt
C:\Users\BENZID~1\AppData\Roaming\MICROS~1\Windows\Cookies\ben_zid@www.2xmoinscher[1].txt
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-11 10:34:39
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
C:\Windows\system32\nvs2.inf
C:\Users\BENZID~1\AppData\Local\geyimu_navps.dat
C:\Users\BENZID~1\AppData\Local\geyimu.exe
C:\Users\BENZID~1\AppData\Local\geyimu.dat
C:\Users\BENZID~1\AppData\Local\geyimu_nav.dat
! EGDACCESS !
=> C:\Users\ben zid\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XWZ5Z2UK\crackle.com
=> C:\Users\ben zid\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XWZ5Z2UK\crackle.com\crackleSettings.sol
=> C:\Users\ben zid\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#crackle.com
=> C:\Users\ben zid\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#crackle.com\settings.sol
=> C:\Users\ben zid\AppData\Roaming\Microsoft\Windows\Cookies\Low\ben_zid@crackle[2].txt
[F:3717][D:101]-> C:\Users\BENZID~1\AppData\Local\Temp
[F:1304][D:1]-> C:\Users\BENZID~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:314][D:9]-> C:\Users\BENZID~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:691][D:32]-> C:\$Recycle.Bin
[ UAC => 1 ]
--------------------[ Fin du rapport a 10:38:06,72 ]----------------------
Uh, sorry, the 1st report wasn't mine but someone else's,
but anyway I ran option 2 and here is my 2nd report!
-----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : ben zid ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 11/06/2008 | 12:56:40,19 ] [ PC : PC-DE-BENZID ]
[ MAJ : 07-06-2008 | 22:15 ]
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\Users\BENZID~1\AppData\Roaming\MICROS~1\Windows\Cookies\ben_zid@www.adserver5[2].txt
Supprimé! - C:\Users\BENZID~1\AppData\Roaming\MICROS~1\Windows\Cookies\ben_zid@banner.cotedazurpalace[2].txt
Supprimé! - C:\Users\BENZID~1\AppData\Roaming\MICROS~1\Windows\Cookies\ben_zid@cotedazurpalace[2].txt
Supprimé! - C:\Users\BENZID~1\AppData\Roaming\MICROS~1\Windows\Cookies\ben_zid@adopt.euroclick[1].txt
Supprimé! - C:\Users\BENZID~1\AppData\Roaming\MICROS~1\Windows\Cookies\ben_zid@2xmoinscher[2].txt
Supprimé! - C:\Users\BENZID~1\AppData\Roaming\MICROS~1\Windows\Cookies\ben_zid@www.2xmoinscher[1].txt
Supprimé! - C:\Users\BENZID~1\AppData\Local\Temp\bisAEF6.exe
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[22/02/2008|22:08] C:\Users\BENZID~1\AppData\Roaming\Adobe\Flash Player
[02/06/2007|20:57] C:\Users\BENZID~1\AppData\Roaming\Adobe\Acrobat
[27/08/2007|19:24] C:\Users\BENZID~1\AppData\Roaming\DivX\DivX Codec
[11/07/2007|16:31] C:\Users\BENZID~1\AppData\Roaming\DivX\DivX Player
[31/01/2008|23:47] C:\Users\BENZID~1\AppData\Roaming\EoRezo\eoDesktop
[31/01/2008|18:47] C:\Users\BENZID~1\AppData\Roaming\EoRezo\db
[31/01/2008|00:15] C:\Users\BENZID~1\AppData\Roaming\EoRezo\eoStats
[30/01/2008|23:57] C:\Users\BENZID~1\AppData\Roaming\EoRezo\EoWeather
[13/10/2007|18:15] C:\Users\BENZID~1\AppData\Roaming\EPSON\Creativity Suite
[24/08/2007|17:17] C:\Users\BENZID~1\AppData\Roaming\EPSON\ESCNDV
[30/05/2008|16:35] C:\Users\BENZID~1\AppData\Roaming\Google\Local Search History
[02/06/2007|19:11] C:\Users\BENZID~1\AppData\Roaming\Identities\{06C40E65-1BAE-4B4C-9212-EA555E97D93A}
[01/09/2007|21:20] C:\Users\BENZID~1\AppData\Roaming\InstallShield\ISEngine12.0
[02/06/2007|21:35] C:\Users\BENZID~1\AppData\Roaming\Macromedia\Flash Player
[06/06/2008|18:21] C:\Users\BENZID~1\AppData\Roaming\Microsoft\MSN Messenger
[14/05/2008|20:18] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Windows Photo Gallery
[03/09/2007|10:32] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Internet Explorer
[12/08/2007|19:43] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Crypto
[30/06/2007|14:16] C:\Users\BENZID~1\AppData\Roaming\Microsoft\IdentityCRL
[28/06/2007|12:56] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Windows Live Call
[16/06/2007|10:29] C:\Users\BENZID~1\AppData\Roaming\Microsoft\eHome
[08/06/2007|21:11] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Speech
[08/06/2007|21:08] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Windows
[02/06/2007|22:16] C:\Users\BENZID~1\AppData\Roaming\Microsoft\WLTB Custom Buttons
[02/06/2007|21:59] C:\Users\BENZID~1\AppData\Roaming\Microsoft\HTML Help
[02/06/2007|19:12] C:\Users\BENZID~1\AppData\Roaming\Microsoft\SystemCertificates
[02/06/2007|19:11] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Protect
[02/06/2007|19:10] C:\Users\BENZID~1\AppData\Roaming\Microsoft\Credentials
[09/02/2008|21:17] C:\Users\BENZID~1\AppData\Roaming\Mozilla\Firefox
[30/12/2007|20:14] C:\Users\BENZID~1\AppData\Roaming\OpenOffice.org2\user
[08/06/2008|16:02] C:\Users\BENZID~1\AppData\Roaming\PC Tools\Spyware Doctor
[07/10/2007|15:37] C:\Users\BENZID~1\AppData\Roaming\Talkback\MozillaOrg
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[02/04/2008 15:54][--a------] C:\Windows\tasks\Norton Security Scan.job
[11/06/2008 12:35][--a------] C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[11/06/2008 12:56][--ah-----] C:\Windows\tasks\SA.DAT
[11/06/2008 12:54][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[06/01/2006|19:50] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[08/06/2008|21:38] C:\ProgramData\Avira
[02/06/2007|19:07] C:\ProgramData\Bureau
[06/01/2006|20:00] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[02/06/2007|19:07] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[12/06/2007|22:22] C:\ProgramData\Google
[10/06/2008|18:01] C:\ProgramData\Google Updater
[02/06/2007|19:15] C:\ProgramData\InstallShield
[02/06/2007|19:07] C:\ProgramData\Menu Démarrer
[03/06/2007|09:37] C:\ProgramData\Microsoft
[02/06/2007|19:07] C:\ProgramData\Modèles
[01/07/2007|12:40] C:\ProgramData\Mozilla
[02/11/2006|15:02] C:\ProgramData\Start Menu
[09/06/2007|10:07] C:\ProgramData\Symantec
[11/06/2008|12:56] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[03/06/2007|10:09] C:\ProgramData\UDL
[18/11/2007|16:05] C:\ProgramData\WLInstaller
[02/06/2007|20:15] C:\ProgramData\Yahoo! Companion
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[02/06/2007|20:19] C:\Program Files\ABBYY FineReader 6.0 Sprint
[02/06/2007|19:15] C:\Program Files\Acer Inc
[06/01/2006|20:04] C:\Program Files\Acer Zone
[06/01/2006|19:50] C:\Program Files\Adobe
[08/06/2008|13:24] C:\Program Files\Alwil Software
[24/12/2007|18:35] C:\Program Files\Common Files
[06/01/2006|19:59] C:\Program Files\CyberLink
[30/08/2007|11:06] C:\Program Files\desktop.ini
[25/08/2007|20:10] C:\Program Files\DivX
[01/02/2008|00:05] C:\Program Files\EoRezo
[03/06/2007|10:06] C:\Program Files\epson
[02/06/2007|19:07] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[08/06/2008|16:22] C:\Program Files\Google
[01/09/2007|21:21] C:\Program Files\Hercules
[12/04/2008|19:54] C:\Program Files\InstallShield Installation Information
[11/06/2008|12:24] C:\Program Files\Internet Explorer
[24/12/2007|18:38] C:\Program Files\Java
[17/06/2007|11:20] C:\Program Files\LG Electronics
[04/06/2007|12:29] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[18/11/2007|16:31] C:\Program Files\Microsoft SQL Server Compact Edition
[02/11/2006|14:42] C:\Program Files\Movie Maker
[08/06/2008|20:57] C:\Program Files\Mozilla Firefox
[31/01/2008|23:05] C:\Program Files\Mozilla Firefox 3 Beta 2
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[04/06/2007|12:28] C:\Program Files\MSXML 4.0
[06/01/2006|19:55] C:\Program Files\NewTech Infosystems
[02/04/2008|15:54] C:\Program Files\Norton Security Scan
[24/12/2007|18:42] C:\Program Files\OpenOffice.org 2.3
[14/04/2008|18:16] C:\Program Files\Picasa2
[06/01/2006|19:37] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[16/06/2007|11:00] C:\Program Files\Samsung
[11/06/2008|11:11] C:\Program Files\Spyware Doctor
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[02/02/2008|01:44] C:\Program Files\Veoh Networks
[30/08/2007|11:03] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[04/06/2007|13:11] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[28/02/2008|12:15] C:\Program Files\Windows Live
[18/11/2007|19:20] C:\Program Files\Windows Live Toolbar
[11/06/2008|12:24] C:\Program Files\Windows Mail
[14/10/2007|10:49] C:\Program Files\Windows Media Player
[02/06/2007|19:07] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[09/01/2008|16:43] C:\Program Files\Windows Sidebar
[02/06/2007|19:11] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[06/01/2006|19:50] C:\Program Files\Common Files\Adobe
[17/08/2007|14:23] C:\Program Files\Common Files\InstallShield
[24/12/2007|18:35] C:\Program Files\Common Files\Java
[06/01/2006|19:54] C:\Program Files\Common Files\LightScribe
[18/11/2007|16:20] C:\Program Files\Common Files\microsoft shared
[06/01/2006|19:55] C:\Program Files\Common Files\NewTech Infosystems
[25/08/2007|20:10] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[09/06/2007|10:09] C:\Program Files\Common Files\Symantec Shared
[13/06/2007|13:23] C:\Program Files\Common Files\System
[18/11/2007|16:20] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 60
iexplore.exe ~ [3860]
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-11 12:57:48
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
C:\Windows\system32\nvs2.inf
C:\Users\BENZID~1\AppData\Local\geyimu_navps.dat
C:\Users\BENZID~1\AppData\Local\geyimu.exe
C:\Users\BENZID~1\AppData\Local\geyimu.dat
C:\Users\BENZID~1\AppData\Local\geyimu_nav.dat
! EGDACCESS !
=> C:\Users\ben zid\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XWZ5Z2UK\crackle.com
=> C:\Users\ben zid\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XWZ5Z2UK\crackle.com\crackleSettings.sol
=> C:\Users\ben zid\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#crackle.com
=> C:\Users\ben zid\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#crackle.com\settings.sol
=> C:\Users\ben zid\AppData\Roaming\Microsoft\Windows\Cookies\Low\ben_zid@crackle[2].txt
[F:3721][D:99]-> C:\Users\BENZID~1\AppData\Local\Temp
[F:1312][D:1]-> C:\Users\BENZID~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:600][D:9]-> C:\Users\BENZID~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:691][D:32]-> C:\$Recycle.Bin
[ UAC => 1 ]
--------------------[ Fin du rapport a 13:00:35,52 ]----------------------
Re,
Download Navilog1.exe (IL-MAFIOSO).
Save it to your Desktop.
Start the installation by double-clicking navilog.exe.
Once the installation is finished, the utility will run automatically.
(If it does not, double-click the shortcut on the Desktop.)
Let the utility guide you. Choose option 4, then confirm.
It will ask you to enter the file name. Type what is shown in bold below and nothing else, then confirm:
**geyimu**
Retype the file name when you are asked to.
The utility will tell you that it is going to restart the computer.
**Close all open windows and save any personal documents you have open.**
Now press a key, as requested.
(If your PC does not restart automatically, restart it manually.)
Wait until this message appears:
"*** Nettoyage Termine le ..... ***"
Notepad will open.
Save the report somewhere you can find it again.
Close Notepad. Your desktop will now reappear.
NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del together to open Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.
Post the report you saved earlier (C:\cleannavi.txt)
As well as a new HijackThis report.
Run Navilog, and for HijackThis:
Quote:
Download and install HijackThis (Trend Micro). Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2
here is the Navilog report
Clean Navipromo version 3.5.8 commencé le 11/06/2008 à 13:18:01,87
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "ben zid"
Mise à jour le 06.06.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16681
Système de fichiers : NTFS
Mode suppression par méthode manuelle
Nom du fichier saisi : geyimu
Nettoyage exécuté au redémarrage de l'ordinateur
*** Recherche, création sauvegardes et suppression ***
* Suppression dans "C:\Windows\system32" *
* Suppression dans "C:\Users\ben zid\AppData\Local\Microsoft" *
* Suppression dans "C:\Users\ben zid\AppData\Local\virtualstore\windows\system32" *
* Suppression dans "C:\Users\ben zid\AppData\Local" *
geyimu.exe trouvé !
Copie geyimu.exe réalisée avec succès !
geyimu.exe supprimé !
geyimu.dat trouvé !
Copie geyimu.dat réalisée avec succès !
geyimu.dat supprimé !
geyimu_nav.dat trouvé !
Copie geyimu_nav.dat réalisée avec succès !
geyimu_nav.dat supprimé !
geyimu_navps.dat trouvé !
Copie geyimu_navps.dat réalisée avec succès !
geyimu_navps.dat supprimé !
geyimu_navfx.dat trouvé !
Copie geyimu_navfx.dat réalisée avec succès !
geyimu_navfx.dat supprimé !
*** Suppression dossiers dans "C:\Windows" ***
*** Suppression dossiers dans "C:\Program Files" ***
*** Suppression dossiers dans "C:\ProgramData" ***
*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***
*** Suppression dossiers dans c:\users\benzid~1\appdata\roaming\micros~1\windows\startm~1\programs ***
*** Suppression dossiers dans "C:\Users\ben zid\AppData\Local\virtualstore\Program Files" ***
*** Suppression dossiers dans "C:\Users\ben zid\AppData\Roaming" ***
*** Suppression fichiers ***
C:\Windows\system32\nvs2.inf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\BENZID~1\AppData\Local\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\Windows\system32" *
* Dans "C:\Users\ben zid\AppData\Local\Microsoft" *
* Dans "C:\Users\ben zid\AppData\Local\virtualstore\windows\system32" *
* Dans "C:\Users\ben zid\AppData\Local" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 11/06/2008 à 13:23:19,21 ***
and for the HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:20:56, on 11/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/VistaMSN...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
--
End of file - 10388 bytes
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/VistaMSN...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
--
End of file - 10388 bytes
Hi again,
Uninstall Avast! properly and replace it with AntiVir.
Why switch? Avast! vs AntiVir
Run a full scan, then post the report once the scan has finished.
HELP: Tutorial on the AntiVir Personal Edition Classic antivirus
Actually, I downloaded it using the link in the Tutorial on the AntiVir Personal Edition Classic antivirus, and it took me 1 min 15, which is already a lot better than 1 h 15, I must say.
But I had another question: the tutorial says that "it is advisable to run the scan in safe mode so that the malware is not active during the scan (this can prevent its eradication)."
Is that really necessary? Because I'm crap with computers and I don't understand safe mode at all.
And I've finished downloading AntiVir, but another icon has appeared in addition to the little umbrella.
It's a Windows security alert saying that AntiVir may be out of date?
Is that normal?
Done, here's the report:
Avira AntiVir Personal
Report file date: mercredi 11 juin 2008 17:17
Scanning for 1326682 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Boot mode: Normally booted
Username: ben zid
Computer name: PC-DE-BENZID
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.120 2206720 Bytes 01/06/2008 14:41:04
ANTIVIR3.VDF : 7.0.4.179 318464 Bytes 11/06/2008 14:41:05
Engineversion : 8.1.0.55
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.40 266618 Bytes 11/06/2008 14:41:14
AESCN.DLL : 8.1.0.21 119156 Bytes 11/06/2008 14:41:14
AERDL.DLL : 8.1.0.20 418165 Bytes 11/06/2008 14:41:13
AEPACK.DLL : 8.1.1.5 364918 Bytes 11/06/2008 14:41:12
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 11/06/2008 14:41:11
AEHEUR.DLL : 8.1.0.30 1253750 Bytes 11/06/2008 14:41:11
AEHELP.DLL : 8.1.0.15 115063 Bytes 11/06/2008 14:41:08
AEGEN.DLL : 8.1.0.28 307572 Bytes 11/06/2008 14:41:08
AEEMU.DLL : 8.1.0.6 430451 Bytes 11/06/2008 14:41:07
AECORE.DLL : 8.1.0.31 168310 Bytes 11/06/2008 14:41:06
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\ProgramData\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mercredi 11 juin 2008 17:17
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'mobsync.exe' - '1' Module(s) have been scanned
Scan process 'FlashUtil9e.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'ieuser.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '0' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '0' Module(s) have been scanned
Scan process 'eRecoveryService.exe' - '0' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'pctsSvc.exe' - '0' Module(s) have been scanned
Scan process 'pctsAuxs.exe' - '0' Module(s) have been scanned
Scan process 'RichVideo.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '0' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '0' Module(s) have been scanned
Scan process 'eDSService.exe' - '0' Module(s) have been scanned
Scan process 'avguard.exe' - '0' Module(s) have been scanned
Scan process 'MemCheck.exe' - '0' Module(s) have been scanned
Scan process 'eRAgent.exe' - '1' Module(s) have been scanned
Scan process 'Acer.Empowering.Framework.Supervisor.ex' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdater.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'VeohClient.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'pctsTray.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '0' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '0' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'SLsvc.exe' - '0' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'winlogon.exe' - '0' Module(s) have been scanned
Scan process 'lsm.exe' - '0' Module(s) have been scanned
Scan process 'lsass.exe' - '0' Module(s) have been scanned
Scan process 'services.exe' - '0' Module(s) have been scanned
Scan process 'csrss.exe' - '0' Module(s) have been scanned
Scan process 'wininit.exe' - '0' Module(s) have been scanned
Scan process 'csrss.exe' - '0' Module(s) have been scanned
Scan process 'smss.exe' - '0' Module(s) have been scanned
21 processes with 21 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
[WARNING] Accès refusé.
[INFO] Please restart the search with Administrator rights
Master boot sector HD1
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD2
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD3
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD4
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
[WARNING] Accès refusé.
[INFO] Please restart the search with Administrator rights
Boot sector 'D:\'
[INFO] No virus was found!
[WARNING] Accès refusé.
[INFO] Please restart the search with Administrator rights
Starting to scan the registry.
The registry was scanned ( '15' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Users\ben zid\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6JSTI5GC\Navilog1[1].exe
[DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.99
[NOTE] The file was moved to '48c5eea2.qua'!
C:\Users\ben zid\Documents\Mes fichiers reçus\image-770-jpeg.zip
[0] Archive type: ZIP
--> image25t7.zip
[DETECTION] Is the Trojan horse TR/Pakes.byd
[NOTE] The file was moved to '48b0ef9a.qua'!
Begin scan in 'D:\' <DATA>
Begin scan in 'E:\'
Search path E:\ could not be opened!
Le périphérique n'est pas prêt.
End of the scan: mercredi 11 juin 2008 17:39
Used time: 21:35 min
The scan has been done completely.
13251 Scanning directories
249568 Files were scanned
2 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
2 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
249566 Files not concerned
2056 Archives were scanned
9 Warnings
2 Notes
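As an added illustration (not part of the thread and not Avira's own tooling), the Python sketch below reads an AntiVir text report in the layout of the one posted above and pulls out what a helper checks first: the detections with their quarantine files, and the settings that limited what the scan could see (normal boot rather than the safe mode the tutorial recommends, rootkit search off, no Administrator rights). The function name `triage_avira_report` and the abridged sample are assumptions made for this example.

```python
import re

# Abridged excerpt of the AntiVir report posted above (lines copied from it).
SAMPLE_REPORT = r"""Boot mode: Normally booted
Search for rootkits..............: off
Master boot sector HD0
[INFO] No virus was found!
[WARNING] Accès refusé.
[INFO] Please restart the search with Administrator rights
Boot sector 'C:\'
[INFO] No virus was found!
[WARNING] Accès refusé.
[INFO] Please restart the search with Administrator rights
Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Users\ben zid\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6JSTI5GC\Navilog1[1].exe
[DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.99
[NOTE] The file was moved to '48c5eea2.qua'!
C:\Users\ben zid\Documents\Mes fichiers reçus\image-770-jpeg.zip
[0] Archive type: ZIP
--> image25t7.zip
[DETECTION] Is the Trojan horse TR/Pakes.byd
[NOTE] The file was moved to '48b0ef9a.qua'!
2 files were moved to quarantine
"""

PATH = re.compile(r"^[A-Za-z]:\\\S")                # a scanned file, e.g. C:\pagefile.sys
SETTING = re.compile(r"^(.+?)\.{2,}\s*:\s*(.*)$")   # "Search for rootkits......: off"
HEADER = re.compile(r"^(Boot mode)\s*:\s*(.*)$")    # header field used for triage
QUARANTINE = re.compile(r"moved to '([^']+)'")
ADMIN_HINT = "Please restart the search with Administrator rights"


def triage_avira_report(text):
    """Return detections and scan-coverage gaps found in an AntiVir text report."""
    settings, detections, unopened = {}, [], []
    admin_hints = 0
    current = member = None          # file being reported, and archive member if any
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if PATH.match(line):
            current, member = line, None
            continue
        m = SETTING.match(line) or HEADER.match(line)
        if m:
            settings[m.group(1).strip()] = m.group(2).strip()
        elif line.startswith("-->"):
            member = line[3:].strip()
        elif line.startswith("[DETECTION]"):
            # The detection name is the last token of the line.
            detections.append({"file": current, "member": member,
                               "name": line.rsplit(None, 1)[-1],
                               "quarantine": None})
        elif line.startswith("[NOTE]") and detections:
            q = QUARANTINE.search(line)
            if q and detections[-1]["file"] == current:
                detections[-1]["quarantine"] = q.group(1)
        elif line.startswith("[WARNING] The file could not be opened") and current:
            unopened.append(current)
        elif ADMIN_HINT in line:
            admin_hints += 1
        elif not line.startswith("["):
            # Section titles and summary lines end the current file's block.
            current = member = None

    gaps = []
    if settings.get("Boot mode", "").lower().startswith("normal"):
        gaps.append("normal boot: resident malware could be active during the scan")
    if settings.get("Search for rootkits", "").lower() == "off":
        gaps.append("rootkit search was off")
    if admin_hints:
        gaps.append(f"{admin_hints} boot-sector check(s) asked for a rerun "
                    "with Administrator rights")
    return {
        "detections": detections,
        "coverage_gaps": gaps,
        "unopened": unopened,
        "not_quarantined": [d for d in detections if d["quarantine"] is None],
    }


if __name__ == "__main__":
    result = triage_avira_report(SAMPLE_REPORT)
    for d in result["detections"]:
        print(d["name"], "->", d["quarantine"], "|", d["file"], d["member"] or "")
    for gap in result["coverage_gaps"]:
        print("coverage gap:", gap)
```
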
Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:20:56, on 11/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/VistaMSN...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
--
End of file - 10388 bytes
Apparently I must have made a mistake. When I double-click on HijackThis
and click on "Do a system scan and save a logfile", it tells me that I have to run it as administrator, and it gives me what I posted in my last message.
When I run it as administrator, it tells me that "a referral was returned from the server".
So I really don't know what to do.
Well, I'm posting a new report again, in case this one is OK:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:20:56, on 11/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/VistaMSN...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
--
End of file - 10388 bytes
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
--
End of file - 10388 bytes
OK, that gives me this report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:07:59, on 11/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/VistaMSN...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
--
End of file - 10419 bytes
Hi again,
Fix the lines in the box below with HijackThis: HELP IN PICTURES
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [?????????] ??????????????e
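Added example (not part of the original post, and not HijackThis's own code): a Python triage script that parses HijackThis section lines, flags the three kinds of entry listed above, and then checks a later log to see which flagged entries are still present. The sample lines are excerpts copied from the logs in this thread; the function names and reason labels are assumptions made for the example.

```python
import re
from dataclasses import dataclass

# A HijackThis section line looks like "<code> - <body>", e.g. "O2 - BHO: ...".
# Header lines and the "Running processes" paths do not match this pattern.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")

# O4 registry autostart line: "<hive>\..\Run: [<value name>] <command>"
RUN_RE = re.compile(r"^\S+\\Run(?:Once)?: \[(?P<name>[^\]]*)\] ")


@dataclass(frozen=True)
class Entry:
    code: str
    body: str


def parse_entries(log_text):
    """Return the section entries (R0, O2, O4, ...) of a HijackThis log."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            entries.append(Entry(m.group("code"), m.group("body")))
    return entries


def reason_for(entry):
    """Return a short reason label if the entry deserves a closer look, else None."""
    if entry.body.endswith("(file missing)"):
        return "file missing"          # registration points at a file not on disk
    if entry.body.endswith("(no file)"):
        return "no file"               # registration has no file at all
    if entry.code == "O4":
        m = RUN_RE.match(entry.body)
        name = m.group("name") if m else ""
        if name and set(name) == {"?"}:
            return "unreadable Run value name"   # name could not be rendered
    return None


def flag_suspect(log_text):
    """List (entry, reason) pairs for every entry that reason_for() flags."""
    flagged = []
    for entry in parse_entries(log_text):
        why = reason_for(entry)
        if why:
            flagged.append((entry, why))
    return flagged


def persisting(before_text, after_text):
    """Flagged entries of the first log that still appear verbatim in the later log."""
    after = {(e.code, e.body) for e in parse_entries(after_text)}
    return [(e, why) for e, why in flag_suspect(before_text)
            if (e.code, e.body) in after]


# Excerpt of the log dated 11/06/2008 (lines copied from this thread).
BEFORE = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\Explorer.EXE
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
"""

# Excerpt of the log dated 12/06/2008 (lines copied from this thread).
AFTER = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\Explorer.EXE
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
"""

if __name__ == "__main__":
    for entry, why in flag_suspect(BEFORE):
        print(f"[{why}] {entry.code} - {entry.body}")
    for entry, why in persisting(BEFORE, AFTER):
        print(f"still present after fix: {entry.code} - {entry.body}")
```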
Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:12:28, on 12/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/VistaMSN...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
--
End of file - 10272 bytes