Bagle impossible to remove - Security - Virus
Profile: IDNaute

Hello,

I'm turning to you because I no longer know what to do to eliminate Bagle.

I've run Elibagla, Combofix, Malwarebytes...

Nothing conclusive. That damned window keeps appearing.

Loss of Internet connection... impossible to launch an .exe (win32 error)... A real nightmare, on top of that with a PC that boots randomly!!!

See you later


Message edited by k1K103400 on 11-07-2008 at 00:11:22

Profile: Helper

Hello,

Delete C:\Qoobox & C:\Muestras.

Download Elibagla at the bottom of this page.
With some antivirus programs, it is preferable to disable them before starting this procedure!

  • Click on Descargar Elibagla to download the file, and save it to your Desktop.
  • Launch it by double-clicking on it.
  • Check that the Unidad drop-down menu shows the root of the partition where Windows is installed, generally -> C:\
  • The Eliminar Ficheros Automaticamente option must also be checked.
  • Click on Explorar to start the scan.
  • Post the report generated at the end of the scan.


---------------
Please mention if you are already being helped on another forum or in another topic.

Security/Prevention
Profile: IDNaute

Good evening and thank you

Here is the log:

Quote:


Fri Jul 11 19:38:16 2008
EliBagle v11.57 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 8 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\397211.EXE --> Eliminado Bagle

Nº Total de Directorios: 12224
Nº Total de Ficheros: 138567
Nº de Ficheros Analizados: 16613
Nº de Ficheros Infectados: 2
Nº de Ficheros Limpiados: 2


Message edited by k1K103400 on 11-07-2008 at 21:42:57
Profile: Helper

Re,

Right-click on ComboFix (by sUBs) and choose Save target (link) as.

  • Choose the Desktop, insert a hyphen between Combo and Fix so as to obtain Combo-Fix.exe, then choose Save.
  • Temporarily disable all resident protection! (Antivirus, antispyware...)
  • Double-click on ComboFix.exe.
  • Accept the license by clicking Yes.
  • When the operation is finished, a report will appear. Post this report in your next reply.


The report is located here: %systemdrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; generally C:\)

Help: How to use ComboFix.


Profile: IDNaute

Hello,

Here is the log:

Quote:

ComboFix 08-07-11.1 - Cyril 2008-07-12 9:16:00.25 - NTFSx86

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Cyril\Application Data\m
C:\Documents and Settings\Cyril\Application Data\m\data.oct
C:\Documents and Settings\Cyril\Application Data\m\flec006.exe
C:\Documents and Settings\Cyril\Application Data\m\list.oct
C:\Documents and Settings\Cyril\Application Data\m\shared
C:\Documents and Settings\Cyril\Application Data\m\shared\3D_Browser_Pro_7.03.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\642-513_Practice_Exam_Testing_Engine_Software_1.0_(Key).zip
C:\Documents and Settings\Cyril\Application Data\m\shared\7art_Angry_Wolves_ScreenSaver_1.6_Key.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\A-one_iPod_Video_Convertor_4.32.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\A3nalogGauge_1.0.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\ActivShopper_1.1.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Ai_Picture_Utility_8.25_[Key+Serial].zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Alt_MP3_Screensaver_Player_1.9.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\ArtLab_6.01.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Auction_Chief_1.1.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\AutoFlashFXP_1.3.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Battlefield_1942_Wasteland_2042_Dedicated_Server_1.0_beta.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\BigFoot_2.2.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\BitDefender.9.09.Pro.Plus.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\BlackMagic_Business_Edition_2.x.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Blaze_ImgConvert_2.05.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Bowling_Blast_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\CamZoomer_2.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Cayman_Browser_2.2.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Ceramic_Raw_Materials_1.00.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Check_Page_Load_2.1.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\ChequePrint_1.1.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Chilkat_Encryption_C++_Library_1.0_With_Crack.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\ClinicGate_Standard_2.8_[Key].zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Commit_4.0.0.2.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Countdown_Sequencer_1.2_(Key+Serial).zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Countdown_to_any_date_1.0.1.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Cute_Trader_1.3.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\CyraKnow_Pro_Series_Mark_Phillips_Wine_Guide_1.5.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Dema_Image_Resizer_2005_with_B-Spline_5.0.16.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Diplomacy.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Dr._DivX_2.01_Beta_4.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Easy_CD_&_DVD_Cover_Creator_4.13_(Crack).zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Eggz_1.05_Serial.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\eIQ_LogAnalyzer_4.0_Crack.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\eJukebox_4.1.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\EKOS_MP3_Minimizer_3.0.2.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\EM.MCQ_2.0.5.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Email_Security_2.7.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Eurobloks_1.01.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Event_Log_Explorer_2.2.3.411.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Excel_Invoice_Manager_Express_2.8.1012_(Key+Serial).zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Fighter_Ace_II.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\File_Sweeper_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\FileCrypt_Desktop_Pro_1.6.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\FileMakerRecovery_1.6.0729_[Crack].zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Flash_Screensaver_Maker_Simple_Version_3.8_Patch.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Framy_Basketball_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Frozen_Fruits_2_2.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\FTPBAT_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Goocal_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\GUIdir_1.2.0.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Half-Life_2_official_movie.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Halo_Combat_Evolved_Crazy_Matrix_Map.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Heatsoft_Clone_Cleaner_Lite_1.05.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Html_Password_Pro_5.011_Key+Serial.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\HtmlFilter_1.0_[Key+Serial].zip
C:\Documents and Settings\Cyril\Application Data\m\shared\HyperBlue_Screen_Saver_1.5_[Serial].zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Ichiban_Sudoku_1.9.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\ImTOO_Audio_Maker_3.0.37.0525_Key.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\InfoBox_3.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Invadazoid_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\ISO_9000_Tracking_Software_2.1.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Jazz_and_Faust_patch.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\JBLab_Secure_Notes_2.4_[Key+Serial].zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Jet_DVD_Ripper_1.4.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\JewDuo_Chat_0.1.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Just_Barkley_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Karen's_Drive_Info_2.3.1.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Key_Launcher_1.5_(Patch).zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Klick-N-View_Business_Cards_4.5.2.1_Serial.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\LERSUS_3.1.0.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Lets_Make_Pictures_1.00_Key+Serial.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Levonet_Print_Studio_2.0.1.12_(Patch).zip
C:\Documents and Settings\Cyril\Application Data\m\shared\LingvoSoft_Talking_Dictionary_2007_English_-_Portuguese_4.0.22_[Cracked].zip
C:\Documents and Settings\Cyril\Application Data\m\shared\LLYF_ToolBox_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\MacroIt_1.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\MailCarrier_Mail_Server_3.01.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Mailshell_Domino_Plug-in_1.0a.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\MaltaDiving_2.2.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Mosaico_Author_3.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Mount_Everything_3.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\mozless_0.1.13.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Music_Library_2.0_build_957.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Mustang_Passion_Clock_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Negative_Calorie_Diet_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\NTK_HTML_Builder_1.5.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\NvChess_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Online_Functions_-_Exchange_Rates_2.1_Crack.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Ontrack_Data_Recovery_for_NetWare_5.10_[KeyGen].zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Ozon_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Pengsdata_File_Categorization_2.02_(Crack).zip
C:\Documents and Settings\Cyril\Application Data\m\shared\PenReader_2.02_(KeyGen).zip
C:\Documents and Settings\Cyril\Application Data\m\shared\PhDT_0.9.5.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Photo_Builder_Standard_5.3.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Picture_Attachments_Wizard_(for_Microsoft_Outlook)_1.1.0.6_Cracked.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Polar_Help_Desk_4.1.13.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Portable_MP3_Repair_Tool_1.5.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Privat-Webcam_Generation_II_2.2.1_KeyGen.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Project-Eo_Multi_Diary_-_Day_Edition_1.0.2_Key+Serial.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\PSP_Video_Manager_1.1.10.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\QSynchronization_1.8.2.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Real_Estate_Closing_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Recover_Data_for_Mac_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Recover4all_Professional_2.31.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Relata_1.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\RemoteDeviceExplorer_1.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\rimwheel_0.1.4.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Rock_and_Roll_Jukebox_Demo_Screensaver_1.0_[Key].zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Rune_Rage_map.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Shed_1.01.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\SI-Metric_Office_2.1_[Key+Serial].zip
C:\Documents and Settings\Cyril\Application Data\m\shared\SilverFast_DCPro_Studio_6.5.r5_With_Crack.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\SiteLinkChecker_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Softmos_Calendar_1.0.268_[Key].zip
C:\Documents and Settings\Cyril\Application Data\m\shared\SpamFilter_for_Outlook_2.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\SpeedTec_2.1.203_[Serial].zip
C:\Documents and Settings\Cyril\Application Data\m\shared\SpywareStriker_9.3.0.10.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Symantec.Norton.Save.&.Restore.Activation.Crack.Patch.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\TextSpeech_Pro_Ultimate_2.0.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Turbo_WinMD5_0.44.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Ultra_Video_Splitter_4.1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\UltraConverter_2.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Unreal_Tournament_2004_Beam_Me_Up_Scotty_Mutator.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Unwired_InfoShare_List_Manager_for_Pocket_PC_1.2.496.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Videowebgate_lite_1.0.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Voice_Emotion_for_VoIP_5.6.0.16.zip
C:\Documents and Settings\Cyril\Application Data\m\shared\Wing_IDE_Professional_3.0.0_Alpha_3_(Cracked).zip
C:\Documents and Settings\Cyril\Application Data\m\shared\WinResource_1.0_Crack.zip
C:\Documents and Settings\Cyril\Application Data\m\srvlist.oct
C:\WINDOWS\system32\ban_list.txt
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\downld\142214.exe
C:\WINDOWS\system32\drivers\downld\143566.exe
C:\WINDOWS\system32\drivers\downld\150716.exe
C:\WINDOWS\system32\drivers\downld\154131.exe
C:\WINDOWS\system32\drivers\downld\159709.exe
C:\WINDOWS\system32\drivers\downld\179738.exe
C:\WINDOWS\system32\drivers\downld\187489.exe
C:\WINDOWS\system32\drivers\downld\208269.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe
.
---- Previous Run -------
.
C:\WINDOWS\system32\drivers\downld

.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-12 to 2008-07-12 ))))))))))))))))))))))))))))))))))))
.

2008-07-09 07:03 . 2008-07-09 07:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-07-08 22:54 . 2008-07-08 22:54 <REP> d-------- C:\_OTMoveIt
2008-07-08 22:45 . 2008-07-08 22:45 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-08 22:45 . 2008-07-08 22:45 <REP> d-------- C:\Program Files\CCleaner
2008-07-08 22:45 . 2008-07-08 22:45 <REP> d-------- C:\Documents and Settings\Cyril\Application Data\Malwarebytes
2008-07-08 22:45 . 2008-07-08 22:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-08 22:45 . 2008-07-07 17:42 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-08 22:45 . 2008-07-07 17:42 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-08 21:44 . 2008-07-08 21:44 <REP> d-------- C:\Program Files\Trend Micro
2008-07-06 23:04 . 2008-07-06 23:04 121 --a------ C:\WINDOWS\bdagent.INI
2008-07-06 23:00 . 2008-07-06 23:00 77,824 --a------ C:\WINDOWS\system32\xcomm.dll.avxpnd
2008-07-06 22:04 . 2008-07-06 22:04 <REP> d-------- C:\Program Files\BitDefender
2008-07-06 22:04 . 2008-07-06 22:04 <REP> d-------- C:\Documents and Settings\Cyril\Application Data\Bitdefender
2008-07-06 22:04 . 2008-07-06 22:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-07-06 22:02 . 2008-07-06 22:04 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
2008-07-06 21:58 . 2008-07-06 21:58 250 --a------ C:\WINDOWS\gmer.ini
2008-07-06 20:26 . 2005-01-29 21:15 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-07-06 20:26 . 2005-01-29 21:15 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-07-06 20:26 . 2005-01-29 21:19 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-07-06 20:26 . 2005-01-31 19:15 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-07-06 20:26 . 2005-01-29 21:15 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-07-06 20:26 . 2005-01-29 21:15 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-07-06 20:26 . 2008-07-06 20:55 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-07-06 20:26 . 2008-07-06 20:26 <REP> d-------- C:\Documents and Settings\Administrateur
2008-07-04 07:05 . 2004-07-26 06:01 692,224 --a------ C:\Documents and Settings\Cyril\SOUNDMAN.EXE
2008-07-02 21:12 . 2008-07-02 21:12 <REP> d-------- C:\Program Files\SoftLogica
2008-06-26 12:04 . 2008-07-02 19:13 <REP> d-------- C:\Program Files\Ontrack
2008-06-25 07:42 . 2008-07-03 19:47 <REP> d-------- C:\Program Files\Runtime Software
2008-06-20 19:41 . 2008-06-20 19:41 247,808 -----c--- C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 12:44 . 2008-06-20 12:44 138,368 -----c--- C:\WINDOWS\system32\dllcache\afd.sys
2008-06-18 19:49 . 2008-06-18 19:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\LogMeIn

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-12 07:15 --------- d-----w C:\Program Files\SPAMfighter
2008-07-11 22:02 --------- d-----w C:\Program Files\LogMeIn
2008-07-06 09:49 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-07-03 18:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-03 05:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-07-03 04:44 --------- d-----w C:\Program Files\Norton AntiVirus
2008-07-03 00:33 --------- d-----w C:\Program Files\eMule
2008-06-24 22:32 27,390,464 ----a-w C:\WINDOWS\Internet Logs\xDB83.tmp
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-19 18:10 --------- d-----w C:\Documents and Settings\Cyril\Application Data\AdobeUM
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-02 19:13 --------- d-----w C:\Documents and Settings\Cyril\Application Data\Apple Computer
2008-06-01 19:32 --------- d-----w C:\Program Files\LimeWire
2008-06-01 13:47 --------- d-----w C:\Program Files\iTunes
2008-06-01 13:47 --------- d-----w C:\Program Files\iPod
2008-06-01 13:47 --------- d-----w C:\Program Files\Bonjour
2008-06-01 13:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-01 13:46 --------- d-----w C:\Program Files\QuickTime
2008-06-01 13:45 --------- d-----w C:\Program Files\Apple Software Update
2008-06-01 13:44 --------- d-----w C:\Program Files\Fichiers communs\Apple
2008-06-01 13:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-05-28 10:33 83,288 ----a-w C:\WINDOWS\system32\LMIRfsClientNP.dll
2008-05-28 10:32 87,352 ----a-w C:\WINDOWS\system32\LMIinit.dll
2008-05-28 10:32 24,608 ----a-w C:\WINDOWS\system32\LMIport.dll
2008-05-28 10:32 23,736 ----a-w C:\WINDOWS\system32\lmimirr.dll
2008-05-28 10:32 10,040 ----a-w C:\WINDOWS\system32\lmimirr2.dll
2008-05-27 20:27 --------- d-----w C:\Program Files\adslTV
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2007-09-26 17:31 2,532,922 ----a-w C:\WINDOWS\inf\SET179E.tmp
2005-12-12 20:54 9,462 ----a-w C:\Program Files\SolidWorksswxJRNL.BAK
2008-02-28 12:30 8,784 ----a-w C:\Program Files\mozilla firefox\plugins\ractrlkeyhook.dll
2008-02-28 12:33 245,408 ----a-w C:\Program Files\mozilla firefox\plugins\unicows.dll
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
2007-12-17 12:43 27,648 --sh--w C:\WINDOWS\system32\Smab0.dll
.

((((((((((((((((((((((((((((( snapshot@2008-07-11_21.56.54.01 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-11 18:23:58 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-12 07:15:06 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-07-10 18:13:15 1,677,056 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmon.exe
+ 2008-07-12 07:03:49 1,677,056 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmon.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09 15360]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2006-11-30 22:49 4662776]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 15:07 1289000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="NvQTwk" [X]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2008-07-10 20:41 58984]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2004-03-10 17:26 406016]
"Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-12 09:09 980736]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2004-07-26 06:01 692224]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-10-29 22:03 185896]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2007-04-17 14:03 63048]
"SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2008-01-02 18:03 308880]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2003-12-31 16:39 40960]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-07-10 20:41 311296]
"SoundMan"="SOUNDMAN.EXE" [2002-03-21 04:23 46592 C:\WINDOWS\SOUNDMAN.EXE]
"WD Button Manager"="WDBtnMgr.exe" [2007-01-10 23:31 339968 C:\WINDOWS\system32\WDBtnMgr.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 17:10 110592 C:\WINDOWS\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 17:09 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-05 00:20:42 113664]
Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-05-15 01:19:50 217193]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 05:44:06 29696]
Moteur du Planificateur de tÆ’ches SolidWorks.lnk - C:\Program Files\SolidWorks (2)\swScheduler\swBOEngine.exe [2004-09-08 18:51:44 151552]
WD Backup Monitor.lnk - C:\Program Files\My Book\WD Backup\uBBMonitor.exe [2007-01-10 23:33:13 98304]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"disableregistrytoosl"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-05-28 12:32 87352 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"vidc.ffds"= ffdshow.ax
"VIDC.VP40"= vp4vfw.dll
"MSACM.CEGSM"= mobilev.acm
"VIDC.MJPG"= Pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"VIDC.HFYU"= huffyuv.dll
"VIDC.VP31"= vp31vfw.dll
"VIDC.ACDV"= ACDV.dll
"vidc.yv12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
--a------ 2004-07-26 06:01 692224 C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessagerStarter Wanadoo]
--a------ 2003-04-04 17:47 32768 C:\PROGRA~1\MESSAG~1\StartMessager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 12:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
--a------ 2005-01-29 17:32 12598440 C:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2006-10-29 22:03 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
--a------ 2004-08-20 12:28 45056 C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
-ra------ 2002-02-01 11:46 303104 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\RealVNC\\VNC4\\vncviewer.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 PQV2i;PQV2i;C:\WINDOWS\system32\drivers\PQV2i.sys [2003-06-03 16:52]
R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;C:\WINDOWS\system32\DRIVERS\SI3112r.sys [2004-08-27 17:18]
R0 SiWinAcc;SiWinAcc;C:\WINDOWS\system32\drivers\SiWinAcc.sys [2004-05-20 18:35]
R0 sonyhcb;Sony Digital Imaging Base;C:\WINDOWS\system32\DRIVERS\sonyhcb.sys [2001-10-31 15:30]
R0 SSI;SSI;C:\WINDOWS\system32\Drivers\SSI.SYS [2005-12-14 19:06]
R1 PQIMount;PQIMount;C:\WINDOWS\system32\drivers\PQIMount.sys [2003-06-03 16:52]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-02-28 15:31]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 13:39]
R2 SPAMfighter Update Service;SPAMfighter Update Service;C:\Program Files\SPAMfighter\sfus.exe [2007-12-14 10:57]
S3 sonyhcs;Sony Digital Imaging Video;C:\WINDOWS\system32\DRIVERS\sonyhcs.sys [2001-10-31 15:31]
S4 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys []
S4 ewido security suite driver;ewido security suite driver;C:\Program Files\ewido\security suite\guard.sys [2004-11-22 16:15]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fe1539f0-a0ed-11db-8f81-0020ed4d39fa}]
\Shell\AutoRun\command - J:\LaunchU3.exe -a

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-07-11 17:33:45 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-12 09:19:06
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet010\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\

[HKEY_LOCAL_MACHINE\System\ControlSet010\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LogMeIn\x86\ramaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
C:\WINDOWS\system32\cmd.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-12 9:23:20 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-12 07:23:01
ComboFix2.txt 2008-07-11 19:57:18

Pre-Run: 36,189,212,672 octets libres
Post-Run: 36,159,926,272 octets libres

402 --- E O F --- 2008-07-09 18:02:24

Profile: Helper

Is it better? ;)

Download HijackThis (from Trend Micro) to your Desktop.

  • Double-click HJTInstall.exe to start the installation.
  • Click Install.
  • Double-click the HijackThis shortcut that was just created to launch it. (Right-click -> run as administrator if on Vista)
  • Accept the license by clicking Yes.
  • Click Do a system scan and save a logfile.
  • Post the generated report here.


Note: The report can also be found here: C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log

Help: How to use HijackThis.


Profile: IDNaute

Thanks,
It's not necessarily better, the crack window still appears!! And there are some strange-looking files in the process window:

138348.exe
Flec06.exe


Here is the report:

Quote:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:28:06, on 13/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66027
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_ [...] TbId=66027
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/i [...] .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: IEPlugin Class - {CF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\Advanced System Optimizer\IEHelper.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {F11BFF96-CC7A-4482-819B-91EAE4C454EF} (NTR ActiveX 1.1.6) - https://www.ntrconnect.com/main/mod [...] x116_6.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe