Slow, infected PC and ad pop-ups: help!
Good evening,
After quite a bit of trouble downloading HijackThis, I finally managed it and here is the report. Can someone help me?
Thanks very much in advance.
Logfile of HijackThis v1.99.1
Scan saved at 19:56:59, on 24/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\documents and settings\patrice\local settings\application data\caswequ.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\DOCUME~1\Patrice\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis[3].zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.c [...] x_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S115.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AXIS TONS THE MP3] C:\Documents and Settings\All Users\Application Data\Readme Live Axis Tons\ball memo.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [Cdrombody] C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1\ballforksoft.exe
O4 - HKCU\..\Run: [caswequ] "c:\documents and settings\patrice\local settings\application data\caswequ.exe" caswequ
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?a435fdbd7e0246c1bd12fcf97329cba
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?a435fdbd7e0246c1bd12fcf97329cba
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn. [...] nPUpld.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/cl [...] .2.0.6.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
Hello,
Download Lop S&D.exe (Eric_71) to your Desktop.
- Start the program's installation by running the downloaded file.
- Now double-click the LopS&D shortcut.
- Select the desired language by typing the letter of your choice, then confirm with the Enter key.
- Now choose option 1 (Search). Wait until the search finishes.
- Post the generated report (C:\lopR.txt*)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
* the partition name may differ
Good evening,
Thank you very much for your reply.
Here is the LopS&D report:
--------------------\\ Lop S&D 4.2.3-4 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
Award Medallion BIOS v6.00PG
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
Option : [1] ( 25/08/2008|18:48 )
--------------------\\ Listing des dossiers dans APPLIC~1
[29/04/2008|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[11/02/2008|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\albumphoto
[10/03/2006|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[30/01/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[02/11/2006|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[16/08/2004|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[08/07/2008|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[18/09/2006|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[23/08/2008|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[10/07/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
[05/11/2006|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Knowledge Adventure
[11/07/2008|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[31/08/2007|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10/03/2006|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar
[05/09/2007|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media
[16/07/2008|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\phenomedia
[04/07/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[15/01/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[20/08/2008|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
[16/08/2004|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[08/01/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
[24/08/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[20/08/2008|13:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
[22/08/2008|22:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[15/07/2008|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[25/05/2006|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[04/01/2007|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[10/03/2006|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[03/06/2006|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[14/09/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[11/05/2008|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[16/08/2004|18:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[16/08/2004|19:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[10/03/2006|17:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[10/03/2006|16:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[10/03/2006|16:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
[23/02/2007|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[16/08/2004|18:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[14/02/2007|15:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
[11/02/2008|17:41] C:\DOCUME~1\Patrice\APPLIC~1\Adobe
[04/09/2007|17:33] C:\DOCUME~1\Patrice\APPLIC~1\AdobeUM
[13/03/2006|19:34] C:\DOCUME~1\Patrice\APPLIC~1\ArcSoft
[02/11/2006|15:52] C:\DOCUME~1\Patrice\APPLIC~1\CyberLink
[16/08/2004|18:55] C:\DOCUME~1\Patrice\APPLIC~1\desktop.ini
[24/06/2008|22:37] C:\DOCUME~1\Patrice\APPLIC~1\EPSON
[02/05/2008|15:10] C:\DOCUME~1\Patrice\APPLIC~1\GDIPFONTCACHEV1.DAT
[18/09/2006|18:20] C:\DOCUME~1\Patrice\APPLIC~1\Google
[10/03/2006|18:24] C:\DOCUME~1\Patrice\APPLIC~1\Help
[01/07/2008|19:44] C:\DOCUME~1\Patrice\APPLIC~1\Icone
[11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Identities
[30/01/2008|22:04] C:\DOCUME~1\Patrice\APPLIC~1\InstallShield
[10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Leadertech
[19/08/2007|17:36] C:\DOCUME~1\Patrice\APPLIC~1\LEGO Company
[31/08/2007|18:05] C:\DOCUME~1\Patrice\APPLIC~1\Macromedia
[14/09/2007|19:10] C:\DOCUME~1\Patrice\APPLIC~1\Microsoft
[10/03/2006|20:15] C:\DOCUME~1\Patrice\APPLIC~1\MSN Search Toolbar
[10/03/2006|18:27] C:\DOCUME~1\Patrice\APPLIC~1\MSNInstaller
[04/07/2008|20:47] C:\DOCUME~1\Patrice\APPLIC~1\PlayFirst
[10/03/2006|22:53] C:\DOCUME~1\Patrice\APPLIC~1\Real
[05/09/2006|23:57] C:\DOCUME~1\Patrice\APPLIC~1\SecuROM
[10/05/2006|14:00] C:\DOCUME~1\Patrice\APPLIC~1\SendPix
[10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Sonic
[23/08/2008|22:54] C:\DOCUME~1\Patrice\APPLIC~1\Starware354
[10/03/2006|16:50] C:\DOCUME~1\Patrice\APPLIC~1\Sun
[21/02/2008|21:27] C:\DOCUME~1\Patrice\APPLIC~1\Super-Cow
[20/08/2008|12:34] C:\DOCUME~1\Patrice\APPLIC~1\Symantec
[20/08/2008|12:22] C:\DOCUME~1\Patrice\APPLIC~1\Up Creative Skip
[17/03/2006|19:50] C:\DOCUME~1\Patrice\APPLIC~1\yahoo!
[10/03/2006|16:54] C:\DOCUME~1\Patrice\APPLIC~1\You've Got Pictures Screensaver
[11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Zylom
[03/07/2006|14:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[15/03/2006|14:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[20/08/2008 12:35][--a------] C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complète du système - Patrice.job
[10/03/2006 17:13][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 1.job
[25/08/2008 12:49][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[01/02/2007|19:03] C:\Program Files\3B Software
[01/07/2007|16:59] C:\Program Files\Adibou et ses amis
[29/04/2008|12:19] C:\Program Files\Adobe
[10/03/2006|16:46] C:\Program Files\AMD
[10/03/2006|17:52] C:\Program Files\AOL 9.0
[10/03/2006|16:54] C:\Program Files\AOL Compagnon
[10/03/2006|18:35] C:\Program Files\ArcSoft
[30/01/2008|22:07] C:\Program Files\Avanquest update
[16/07/2008|12:23] C:\Program Files\Beach Soccer
[05/09/2006|23:57] C:\Program Files\BoontyGames
[10/03/2006|18:13] C:\Program Files\Canon
[26/11/2006|12:54] C:\Program Files\Chicken Invaders 2
[25/05/2006|14:32] C:\Program Files\Chicken Invaders 2 Français
[20/08/2008|18:03] C:\Program Files\Circle Developement
[30/01/2008|22:05] C:\Program Files\Common Files
[16/08/2004|19:05] C:\Program Files\ComPlus Applications
[10/03/2006|19:40] C:\Program Files\CosmoSoftware
[02/11/2006|10:31] C:\Program Files\CyberLink
[02/11/2006|10:31] C:\Program Files\CyberLink DVD Solution
[10/03/2006|18:46] C:\Program Files\directx
[07/07/2008|22:26] C:\Program Files\DVD Shrink
[10/03/2006|16:59] C:\Program Files\Dynamic Toolbar
[11/07/2008|18:44] C:\Program Files\eMule
[04/01/2007|17:52] C:\Program Files\EPSON
[20/08/2008|12:31] C:\Program Files\Fichiers communs
[02/07/2007|17:38] C:\Program Files\Google
[04/07/2008|17:12] C:\Program Files\Icone
[16/07/2008|12:14] C:\Program Files\InstallShield Installation Information
[15/08/2007|11:36] C:\Program Files\InterActual
[18/08/2008|18:16] C:\Program Files\Internet Explorer
[23/08/2006|13:54] C:\Program Files\Java
[15/03/2006|15:36] C:\Program Files\K-Lite Codec Pack
[10/03/2006|19:11] C:\Program Files\Larousse
[10/03/2006|16:54] C:\Program Files\Learn2.com
[04/07/2008|17:12] C:\Program Files\LETMIN
[18/08/2008|18:15] C:\Program Files\Messenger
[11/07/2008|16:06] C:\Program Files\Messenger Plus! Live
[15/09/2007|19:17] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[16/08/2004|19:11] C:\Program Files\microsoft frontpage
[17/03/2006|13:37] C:\Program Files\Microsoft Money
[07/03/2008|12:21] C:\Program Files\microsoft office
[10/03/2006|17:02] C:\Program Files\Microsoft Visual Studio
[17/03/2006|13:35] C:\Program Files\Microsoft Works
[17/03/2006|13:32] C:\Program Files\Microsoft Works Suite 2003
[07/02/2008|16:31] C:\Program Files\monAlbumPhoto
[30/01/2008|22:06] C:\Program Files\Motorola Phone Tools
[14/07/2007|14:59] C:\Program Files\Movie Maker
[10/03/2006|18:27] C:\Program Files\MSN
[19/08/2008|21:19] C:\Program Files\MSN Games
[16/08/2004|19:03] C:\Program Files\MSN Gaming Zone
[11/07/2008|16:06] C:\Program Files\MSN Messenger
[10/03/2006|20:10] C:\Program Files\MSN Toolbar Suite
[19/11/2006|21:37] C:\Program Files\MSXML 4.0
[16/08/2004|19:06] C:\Program Files\NetMeeting
[20/08/2008|12:32] C:\Program Files\Norton Internet Security
[16/08/2004|19:03] C:\Program Files\Online Services
[13/06/2007|23:40] C:\Program Files\Outlook Express
[10/05/2006|13:55] C:\Program Files\PixDiscount
[10/03/2006|16:54] C:\Program Files\QuickTime
[10/03/2006|16:54] C:\Program Files\Real
[10/06/2006|19:14] C:\Program Files\ReflexiveArcade
[20/03/2006|22:29] C:\Program Files\RM-X Player V3
[23/04/2007|19:24] C:\Program Files\SAGEM
[18/04/2007|10:16] C:\Program Files\Securitoo
[16/08/2004|19:07] C:\Program Files\Services en ligne
[08/01/2008|16:12] C:\Program Files\Skyline
[19/08/2008|21:17] C:\Program Files\Sonic
[23/08/2008|22:32] C:\Program Files\Spybot - Search & Destroy
[20/08/2008|19:43] C:\Program Files\Spyware-Secure
[23/08/2008|22:54] C:\Program Files\Starware354
[20/08/2008|12:32] C:\Program Files\Symantec
[05/09/2006|23:57] C:\Program Files\Téléchargeur de Tomb Raider - Legend
[24/08/2008|17:03] C:\Program Files\Trend Micro
[16/08/2004|19:19] C:\Program Files\Uninstall Information
[10/08/2004|00:30] C:\Program Files\Uninstall_CDS.exe
[20/08/2008|12:19] C:\Program Files\Up Creative Skip
[10/03/2006|16:54] C:\Program Files\Viewpoint
[11/07/2008|16:06] C:\Program Files\Windows Live
[23/02/2007|15:10] C:\Program Files\Windows Media Connect 2
[23/02/2007|15:10] C:\Program Files\Windows Media Player
[16/08/2004|19:03] C:\Program Files\Windows NT
[20/08/2008|12:31] C:\Program Files\Windows Sidebar
[16/08/2004|19:07] C:\Program Files\WindowsUpdate
[16/08/2004|19:11] C:\Program Files\xerox
[17/03/2006|19:50] C:\Program Files\Yahoo!
[12/05/2008|12:32] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[10/03/2006|22:57] C:\Program Files\Fichiers communs\Adobe
[10/03/2006|16:54] C:\Program Files\Fichiers communs\AOL
[10/03/2006|16:54] C:\Program Files\Fichiers communs\aolshare
[10/03/2006|17:02] C:\Program Files\Fichiers communs\Designer
[04/01/2007|17:56] C:\Program Files\Fichiers communs\InstallShield
[10/03/2006|16:50] C:\Program Files\Fichiers communs\Java
[19/08/2008|21:31] C:\Program Files\Fichiers communs\Microsoft Shared
[30/01/2008|22:05] C:\Program Files\Fichiers communs\Motorola Shared
[16/08/2004|19:06] C:\Program Files\Fichiers communs\MSSoap
[10/03/2006|16:54] C:\Program Files\Fichiers communs\Nullsoft
[16/08/2004|18:57] C:\Program Files\Fichiers communs\ODBC
[10/03/2006|17:00] C:\Program Files\Fichiers communs\Real
[16/08/2004|19:06] C:\Program Files\Fichiers communs\Services
[10/03/2006|19:46] C:\Program Files\Fichiers communs\snpp202
[10/03/2006|17:03] C:\Program Files\Fichiers communs\Sonic Shared
[16/08/2004|18:56] C:\Program Files\Fichiers communs\SpeechEngines
[25/08/2008|14:29] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|23:40] C:\Program Files\Fichiers communs\System
[10/03/2006|17:00] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 53 Processus )
iexplore.exe ~ [PID:2324] ~ [Threads:19]
iexplore.exe ~ [PID:2708] ~ [Threads:4]
iexplore.exe ~ [PID:628] ~ [Threads:28]
iexplore.exe ~ [PID:3912] ~ [Threads:23]
iexplore.exe ~ [PID:3812] ~ [Threads:21]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\ball memo.exe
C:\Program Files\Circle Developement
C:\DOCUME~1\Patrice\Cookies\patrice@advertstream[2].txt
C:\DOCUME~1\Patrice\Cookies\patrice@d2.advertserve[1].txt
C:\DOCUME~1\Patrice\Cookies\patrice@www.adserver5[1].txt
C:\DOCUME~1\Patrice\Cookies\patrice@advertising[1].txt
C:\DOCUME~1\Patrice\Cookies\patrice@banner.cotedazurpalace[2].txt
C:\DOCUME~1\Patrice\Cookies\patrice@cotedazurpalace[1].txt
C:\DOCUME~1\Patrice\Cookies\patrice@adopt.euroclick[1].txt
C:\DOCUME~1\Patrice\Cookies\patrice@sr2.livemediasrv[3].txt
C:\DOCUME~1\Patrice\Cookies\patrice@pacificpoker[2].txt
C:\DOCUME~1\Patrice\Cookies\patrice@partypoker[1].txt
C:\DOCUME~1\Patrice\Cookies\patrice@32vegas[2].txt
C:\DOCUME~1\Patrice\Cookies\patrice@banner.32vegas[2].txt
C:\DOCUME~1\Patrice\Cookies\patrice@888[1].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AXIS TONS THE MP3"="C:\\Documents and Settings\\All Users\\Application Data\\Readme Live Axis Tons\\ball memo.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-25 18:49:57
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
caswequ.dat
caswequ.exe
caswequ_nav.dat
caswequ_navps.dat
CASWEQU.EXE-21245B88.pf
==> EGDACCESS <==
--------------------\\ ROGUES ..
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
C:\DOCUME~1\Patrice\APPLIC~1\Starware354
C:\PROGRA~1\Starware354
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Patrice\Local Settings\Temp\Répertoire temporaire 1 pour Clone Dvd Any Dvd Crack Serial.zip
C:\DOCUME~1\Patrice\Local Settings\Temp\Répertoire temporaire 1 pour Clone Dvd Any Dvd Crack Serial.zip\Office 97 Professional - Español - Clonecd.rar
C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip
[F:422][D:394]-> C:\DOCUME~1\Patrice\LOCALS~1\Temp
[F:395][D:0]-> C:\DOCUME~1\Patrice\Cookies
[F:14449][D:38]-> C:\DOCUME~1\Patrice\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 18:54:19
Re,
Run Lop S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
! Do not close the window during the removal!
A report will be generated; post its contents here.
NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.
Message edited by Angeldark on 30-08-2008 at 15:17:47
OK, here is the report. Note that my internet page closed by itself and that I got a message from "Spybot - Search & Destroy" asking me to allow the deletion of an important file "????MP3"; I answered Yes, and I hope I did not make a mistake.
--------------------\\ Lop S&D 4.2.3-4 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
Award Medallion BIOS v6.00PG
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
Option : [2] ( 25/08/2008|21:07 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\ball memo.exe
Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@d2.advertserve[1].txt
Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@www.adserver5[1].txt
Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@pacificpoker[2].txt
Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@partypoker[1].txt
Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@32vegas[2].txt
Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
Supprime! - C:\Program Files\Circle Developement
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[29/04/2008|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[11/02/2008|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\albumphoto
[10/03/2006|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[30/01/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[02/11/2006|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[16/08/2004|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[08/07/2008|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[18/09/2006|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[23/08/2008|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[10/07/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
[05/11/2006|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Knowledge Adventure
[11/07/2008|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[31/08/2007|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10/03/2006|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar
[05/09/2007|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media
[16/07/2008|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\phenomedia
[04/07/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[15/01/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[16/08/2004|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[08/01/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
[24/08/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[20/08/2008|13:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
[22/08/2008|22:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[15/07/2008|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[25/05/2006|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[04/01/2007|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[03/06/2006|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[14/09/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[11/05/2008|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[16/08/2004|18:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[16/08/2004|19:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[10/03/2006|17:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[10/03/2006|16:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[10/03/2006|16:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
[23/02/2007|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[16/08/2004|18:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[14/02/2007|15:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
[11/02/2008|17:41] C:\DOCUME~1\Patrice\APPLIC~1\Adobe
[04/09/2007|17:33] C:\DOCUME~1\Patrice\APPLIC~1\AdobeUM
[13/03/2006|19:34] C:\DOCUME~1\Patrice\APPLIC~1\ArcSoft
[02/11/2006|15:52] C:\DOCUME~1\Patrice\APPLIC~1\CyberLink
[16/08/2004|18:55] C:\DOCUME~1\Patrice\APPLIC~1\desktop.ini
[24/06/2008|22:37] C:\DOCUME~1\Patrice\APPLIC~1\EPSON
[02/05/2008|15:10] C:\DOCUME~1\Patrice\APPLIC~1\GDIPFONTCACHEV1.DAT
[18/09/2006|18:20] C:\DOCUME~1\Patrice\APPLIC~1\Google
[10/03/2006|18:24] C:\DOCUME~1\Patrice\APPLIC~1\Help
[01/07/2008|19:44] C:\DOCUME~1\Patrice\APPLIC~1\Icone
[11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Identities
[30/01/2008|22:04] C:\DOCUME~1\Patrice\APPLIC~1\InstallShield
[10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Leadertech
[19/08/2007|17:36] C:\DOCUME~1\Patrice\APPLIC~1\LEGO Company
[31/08/2007|18:05] C:\DOCUME~1\Patrice\APPLIC~1\Macromedia
[14/09/2007|19:10] C:\DOCUME~1\Patrice\APPLIC~1\Microsoft
[10/03/2006|20:15] C:\DOCUME~1\Patrice\APPLIC~1\MSN Search Toolbar
[10/03/2006|18:27] C:\DOCUME~1\Patrice\APPLIC~1\MSNInstaller
[04/07/2008|20:47] C:\DOCUME~1\Patrice\APPLIC~1\PlayFirst
[10/03/2006|22:53] C:\DOCUME~1\Patrice\APPLIC~1\Real
[05/09/2006|23:57] C:\DOCUME~1\Patrice\APPLIC~1\SecuROM
[10/05/2006|14:00] C:\DOCUME~1\Patrice\APPLIC~1\SendPix
[10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Sonic
[23/08/2008|22:54] C:\DOCUME~1\Patrice\APPLIC~1\Starware354
[10/03/2006|16:50] C:\DOCUME~1\Patrice\APPLIC~1\Sun
[21/02/2008|21:27] C:\DOCUME~1\Patrice\APPLIC~1\Super-Cow
[20/08/2008|12:34] C:\DOCUME~1\Patrice\APPLIC~1\Symantec
[20/08/2008|12:22] C:\DOCUME~1\Patrice\APPLIC~1\Up Creative Skip
[17/03/2006|19:50] C:\DOCUME~1\Patrice\APPLIC~1\yahoo!
[10/03/2006|16:54] C:\DOCUME~1\Patrice\APPLIC~1\You've Got Pictures Screensaver
[11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Zylom
[03/07/2006|14:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[15/03/2006|14:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[25/08/2008 20:12][--a------] C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complète du système - Patrice.job
[10/03/2006 17:13][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 1.job
[25/08/2008 12:49][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[01/02/2007|19:03] C:\Program Files\3B Software
[01/07/2007|16:59] C:\Program Files\Adibou et ses amis
[29/04/2008|12:19] C:\Program Files\Adobe
[10/03/2006|16:46] C:\Program Files\AMD
[10/03/2006|17:52] C:\Program Files\AOL 9.0
[10/03/2006|16:54] C:\Program Files\AOL Compagnon
[10/03/2006|18:35] C:\Program Files\ArcSoft
[30/01/2008|22:07] C:\Program Files\Avanquest update
[16/07/2008|12:23] C:\Program Files\Beach Soccer
[05/09/2006|23:57] C:\Program Files\BoontyGames
[10/03/2006|18:13] C:\Program Files\Canon
[26/11/2006|12:54] C:\Program Files\Chicken Invaders 2
[25/05/2006|14:32] C:\Program Files\Chicken Invaders 2 Français
[30/01/2008|22:05] C:\Program Files\Common Files
[16/08/2004|19:05] C:\Program Files\ComPlus Applications
[10/03/2006|19:40] C:\Program Files\CosmoSoftware
[02/11/2006|10:31] C:\Program Files\CyberLink
[02/11/2006|10:31] C:\Program Files\CyberLink DVD Solution
[10/03/2006|18:46] C:\Program Files\directx
[07/07/2008|22:26] C:\Program Files\DVD Shrink
[10/03/2006|16:59] C:\Program Files\Dynamic Toolbar
[11/07/2008|18:44] C:\Program Files\eMule
[04/01/2007|17:52] C:\Program Files\EPSON
[20/08/2008|12:31] C:\Program Files\Fichiers communs
[02/07/2007|17:38] C:\Program Files\Google
[04/07/2008|17:12] C:\Program Files\Icone
[16/07/2008|12:14] C:\Program Files\InstallShield Installation Information
[15/08/2007|11:36] C:\Program Files\InterActual
[18/08/2008|18:16] C:\Program Files\Internet Explorer
[23/08/2006|13:54] C:\Program Files\Java
[15/03/2006|15:36] C:\Program Files\K-Lite Codec Pack
[10/03/2006|19:11] C:\Program Files\Larousse
[10/03/2006|16:54] C:\Program Files\Learn2.com
[04/07/2008|17:12] C:\Program Files\LETMIN
[18/08/2008|18:15] C:\Program Files\Messenger
[11/07/2008|16:06] C:\Program Files\Messenger Plus! Live
[15/09/2007|19:17] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[16/08/2004|19:11] C:\Program Files\microsoft frontpage
[17/03/2006|13:37] C:\Program Files\Microsoft Money
[07/03/2008|12:21] C:\Program Files\microsoft office
[10/03/2006|17:02] C:\Program Files\Microsoft Visual Studio
[17/03/2006|13:35] C:\Program Files\Microsoft Works
[17/03/2006|13:32] C:\Program Files\Microsoft Works Suite 2003
[07/02/2008|16:31] C:\Program Files\monAlbumPhoto
[30/01/2008|22:06] C:\Program Files\Motorola Phone Tools
[14/07/2007|14:59] C:\Program Files\Movie Maker
[10/03/2006|18:27] C:\Program Files\MSN
[19/08/2008|21:19] C:\Program Files\MSN Games
[16/08/2004|19:03] C:\Program Files\MSN Gaming Zone
[11/07/2008|16:06] C:\Program Files\MSN Messenger
[10/03/2006|20:10] C:\Program Files\MSN Toolbar Suite
[19/11/2006|21:37] C:\Program Files\MSXML 4.0
[16/08/2004|19:06] C:\Program Files\NetMeeting
[20/08/2008|12:32] C:\Program Files\Norton Internet Security
[16/08/2004|19:03] C:\Program Files\Online Services
[13/06/2007|23:40] C:\Program Files\Outlook Express
[10/05/2006|13:55] C:\Program Files\PixDiscount
[10/03/2006|16:54] C:\Program Files\QuickTime
[10/03/2006|16:54] C:\Program Files\Real
[10/06/2006|19:14] C:\Program Files\ReflexiveArcade
[20/03/2006|22:29] C:\Program Files\RM-X Player V3
[23/04/2007|19:24] C:\Program Files\SAGEM
[18/04/2007|10:16] C:\Program Files\Securitoo
[16/08/2004|19:07] C:\Program Files\Services en ligne
[08/01/2008|16:12] C:\Program Files\Skyline
[19/08/2008|21:17] C:\Program Files\Sonic
[23/08/2008|22:32] C:\Program Files\Spybot - Search & Destroy
[20/08/2008|19:43] C:\Program Files\Spyware-Secure
[23/08/2008|22:54] C:\Program Files\Starware354
[20/08/2008|12:32] C:\Program Files\Symantec
[05/09/2006|23:57] C:\Program Files\Téléchargeur de Tomb Raider - Legend
[24/08/2008|17:03] C:\Program Files\Trend Micro
[16/08/2004|19:19] C:\Program Files\Uninstall Information
[10/08/2004|00:30] C:\Program Files\Uninstall_CDS.exe
[20/08/2008|12:19] C:\Program Files\Up Creative Skip
[11/07/2008|16:06] C:\Program Files\Windows Live
[23/02/2007|15:10] C:\Program Files\Windows Media Connect 2
[23/02/2007|15:10] C:\Program Files\Windows Media Player
[16/08/2004|19:03] C:\Program Files\Windows NT
[20/08/2008|12:31] C:\Program Files\Windows Sidebar
[16/08/2004|19:07] C:\Program Files\WindowsUpdate
[16/08/2004|19:11] C:\Program Files\xerox
[17/03/2006|19:50] C:\Program Files\Yahoo!
[12/05/2008|12:32] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[10/03/2006|22:57] C:\Program Files\Fichiers communs\Adobe
[10/03/2006|16:54] C:\Program Files\Fichiers communs\AOL
[10/03/2006|16:54] C:\Program Files\Fichiers communs\aolshare
[10/03/2006|17:02] C:\Program Files\Fichiers communs\Designer
[04/01/2007|17:56] C:\Program Files\Fichiers communs\InstallShield
[10/03/2006|16:50] C:\Program Files\Fichiers communs\Java
[19/08/2008|21:31] C:\Program Files\Fichiers communs\Microsoft Shared
[30/01/2008|22:05] C:\Program Files\Fichiers communs\Motorola Shared
[16/08/2004|19:06] C:\Program Files\Fichiers communs\MSSoap
[10/03/2006|16:54] C:\Program Files\Fichiers communs\Nullsoft
[16/08/2004|18:57] C:\Program Files\Fichiers communs\ODBC
[10/03/2006|17:00] C:\Program Files\Fichiers communs\Real
[16/08/2004|19:06] C:\Program Files\Fichiers communs\Services
[10/03/2006|19:46] C:\Program Files\Fichiers communs\snpp202
[10/03/2006|17:03] C:\Program Files\Fichiers communs\Sonic Shared
[16/08/2004|18:56] C:\Program Files\Fichiers communs\SpeechEngines
[25/08/2008|20:08] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|23:40] C:\Program Files\Fichiers communs\System
[10/03/2006|17:00] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 46 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\Patrice\Cookies\patrice@sr2.livemediasrv[1].txt
C:\DOCUME~1\Patrice\Cookies\patrice@sr2.livemediasrv[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-25 21:09:19
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
caswequ.dat
caswequ.exe
caswequ_nav.dat
caswequ_navps.dat
CASWEQU.EXE-21245B88.pf
==> EGDACCESS <==
--------------------\\ ROGUES ..
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
C:\DOCUME~1\Patrice\APPLIC~1\Starware354
C:\PROGRA~1\Starware354
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Patrice\Local Settings\Temp\Répertoire temporaire 1 pour Clone Dvd Any Dvd Crack Serial.zip
C:\DOCUME~1\Patrice\Local Settings\Temp\Répertoire temporaire 1 pour Clone Dvd Any Dvd Crack Serial.zip\Office 97 Professional - Español - Clonecd.rar
C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip
[F:423][D:394]-> C:\DOCUME~1\Patrice\LOCALS~1\Temp
[F:353][D:0]-> C:\DOCUME~1\Patrice\Cookies
[F:16217][D:38]-> C:\DOCUME~1\Patrice\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 21:14:59
Hello,
I saw a message saying that you will be under "maintenance" on Wednesday. Do you think you will be able to reply to me before then? Thanks a lot
Re,
Let's continue.
Download Navilog1.exe (IL-MAFIOSO)
Save it to your Desktop.
Start the installation by double-clicking navilog.exe.
Once the installation is finished, the utility will run automatically.
(If it does not, double-click the shortcut on the Desktop)
Let the utility guide you. Choose option 4, then confirm.
It will ask you to enter the file name. Type what is in bold below and nothing else, then confirm:
**caswequ**
Retype the file name when you are asked to.
The utility will tell you that it is going to restart the computer.
**Close all open windows and save your open personal documents**
Now press a key, as requested.
(if your PC does not restart automatically, restart it manually)
Wait until this message appears:
"*** Nettoyage Termine le ..... ***"
Notepad will open.
Save the report somewhere you can find it again.
Close Notepad. Your desktop will now reappear.
NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del at the same time to open Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.
Post the report saved earlier (C:\cleannavi.txt)
As well as a new HijackThis report.
Re,
So here is the Navilog report:
Clean Navipromo version 3.6.5 commencé le 26/08/2008 à 19:12:09,17
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Patrice"
Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Mode suppression par méthode manuelle
Nom du fichier saisi : caswequ
Nettoyage exécuté au redémarrage de l'ordinateur
*** Recherche, création sauvegardes et suppression ***
* Suppression dans "C:\WINDOWS\system32" *
C:\WINDOWS\prefetch\caswequ*.pf trouvé !
Copie C:\WINDOWS\prefetch\caswequ*.pf réalisée avec succès !
C:\WINDOWS\prefetch\caswequ*.pf supprimé !
* Suppression dans "C:\Documents and Settings\Patrice\locals~1\applic~1" *
caswequ.exe trouvé !
Copie caswequ.exe réalisée avec succès !
caswequ.exe supprimé !
caswequ.dat trouvé !
Copie caswequ.dat réalisée avec succès !
caswequ.dat supprimé !
caswequ_nav.dat trouvé !
Copie caswequ_nav.dat réalisée avec succès !
caswequ_nav.dat supprimé !
caswequ_navps.dat trouvé !
Copie caswequ_navps.dat réalisée avec succès !
caswequ_navps.dat supprimé !
*** Suppression dossiers dans "C:\WINDOWS" ***
*** Suppression dossiers dans "C:\Program Files" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Patrice\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Patrice\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Patrice\menudm~1\progra~1" ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Patrice\locals~1\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\WINDOWS\system32" *
* Dans "C:\Documents and Settings\Patrice\locals~1\applic~1" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 26/08/2008 à 19:17:41,79 ***
Here is the HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:38:32, on 26/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.c [...] x_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S115.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [Cdrombody] C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1\ballforksoft.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?a435fdbd7e0246c1bd12fcf97329cba
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?a435fdbd7e0246c1bd12fcf97329cba
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn. [...] nPUpld.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/cl [...] .2.0.6.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
--
End of file - 11340 bytes
What should I do now?
For information, I have Norton and Spybot on my PC; should I keep them?
However, I have lost my burner, which was Record Now!
Thanks for everything
Run a LopSD scan again, option 1
LopSD report
--------------------\\ Lop S&D 4.2.3-4 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
Award Medallion BIOS v6.00PG
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
Option : [1] ( 26/08/2008|20:03 )
--------------------\\ Listing des dossiers dans APPLIC~1
[29/04/2008|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[11/02/2008|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\albumphoto
[10/03/2006|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[30/01/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[02/11/2006|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[16/08/2004|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[08/07/2008|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[18/09/2006|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[23/08/2008|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[10/07/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
[05/11/2006|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Knowledge Adventure
[11/07/2008|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[31/08/2007|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10/03/2006|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar
[05/09/2007|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media
[16/07/2008|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\phenomedia
[04/07/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[15/01/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[16/08/2004|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[08/01/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
[24/08/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[20/08/2008|13:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
[22/08/2008|22:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[15/07/2008|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[25/05/2006|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[04/01/2007|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[03/06/2006|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[14/09/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[11/05/2008|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[16/08/2004|18:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[16/08/2004|19:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[10/03/2006|17:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[10/03/2006|16:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[10/03/2006|16:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
[23/02/2007|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[16/08/2004|18:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[14/02/2007|15:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
[11/02/2008|17:41] C:\DOCUME~1\Patrice\APPLIC~1\Adobe
[04/09/2007|17:33] C:\DOCUME~1\Patrice\APPLIC~1\AdobeUM
[13/03/2006|19:34] C:\DOCUME~1\Patrice\APPLIC~1\ArcSoft
[02/11/2006|15:52] C:\DOCUME~1\Patrice\APPLIC~1\CyberLink
[16/08/2004|18:55] C:\DOCUME~1\Patrice\APPLIC~1\desktop.ini
[24/06/2008|22:37] C:\DOCUME~1\Patrice\APPLIC~1\EPSON
[02/05/2008|15:10] C:\DOCUME~1\Patrice\APPLIC~1\GDIPFONTCACHEV1.DAT
[18/09/2006|18:20] C:\DOCUME~1\Patrice\APPLIC~1\Google
[10/03/2006|18:24] C:\DOCUME~1\Patrice\APPLIC~1\Help
[01/07/2008|19:44] C:\DOCUME~1\Patrice\APPLIC~1\Icone
[11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Identities
[30/01/2008|22:04] C:\DOCUME~1\Patrice\APPLIC~1\InstallShield
[10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Leadertech
[19/08/2007|17:36] C:\DOCUME~1\Patrice\APPLIC~1\LEGO Company
[31/08/2007|18:05] C:\DOCUME~1\Patrice\APPLIC~1\Macromedia
[14/09/2007|19:10] C:\DOCUME~1\Patrice\APPLIC~1\Microsoft
[10/03/2006|20:15] C:\DOCUME~1\Patrice\APPLIC~1\MSN Search Toolbar
[10/03/2006|18:27] C:\DOCUME~1\Patrice\APPLIC~1\MSNInstaller
[04/07/2008|20:47] C:\DOCUME~1\Patrice\APPLIC~1\PlayFirst
[10/03/2006|22:53] C:\DOCUME~1\Patrice\APPLIC~1\Real
[05/09/2006|23:57] C:\DOCUME~1\Patrice\APPLIC~1\SecuROM
[10/05/2006|14:00] C:\DOCUME~1\Patrice\APPLIC~1\SendPix
[10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Sonic
[23/08/2008|22:54] C:\DOCUME~1\Patrice\APPLIC~1\Starware354
[10/03/2006|16:50] C:\DOCUME~1\Patrice\APPLIC~1\Sun
[21/02/2008|21:27] C:\DOCUME~1\Patrice\APPLIC~1\Super-Cow
[20/08/2008|12:34] C:\DOCUME~1\Patrice\APPLIC~1\Symantec
[20/08/2008|12:22] C:\DOCUME~1\Patrice\APPLIC~1\Up Creative Skip
[17/03/2006|19:50] C:\DOCUME~1\Patrice\APPLIC~1\yahoo!
[10/03/2006|16:54] C:\DOCUME~1\Patrice\APPLIC~1\You've Got Pictures Screensaver
[11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Zylom
[03/07/2006|14:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[15/03/2006|14:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[25/08/2008 20:12][--a------] C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complète du système - Patrice.job
[10/03/2006 17:13][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 1.job
[26/08/2008 19:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[01/02/2007|19:03] C:\Program Files\3B Software
[01/07/2007|16:59] C:\Program Files\Adibou et ses amis
[29/04/2008|12:19] C:\Program Files\Adobe
[10/03/2006|16:46] C:\Program Files\AMD
[10/03/2006|17:52] C:\Program Files\AOL 9.0
[10/03/2006|16:54] C:\Program Files\AOL Compagnon
[10/03/2006|18:35] C:\Program Files\ArcSoft
[30/01/2008|22:07] C:\Program Files\Avanquest update
[16/07/2008|12:23] C:\Program Files\Beach Soccer
[05/09/2006|23:57] C:\Program Files\BoontyGames
[10/03/2006|18:13] C:\Program Files\Canon
[26/11/2006|12:54] C:\Program Files\Chicken Invaders 2
[25/05/2006|14:32] C:\Program Files\Chicken Invaders 2 Français
[30/01/2008|22:05] C:\Program Files\Common Files
[16/08/2004|19:05] C:\Program Files\ComPlus Applications
[10/03/2006|19:40] C:\Program Files\CosmoSoftware
[02/11/2006|10:31] C:\Program Files\CyberLink
[02/11/2006|10:31] C:\Program Files\CyberLink DVD Solution
[10/03/2006|18:46] C:\Program Files\directx
[07/07/2008|22:26] C:\Program Files\DVD Shrink
[10/03/2006|16:59] C:\Program Files\Dynamic Toolbar
[11/07/2008|18:44] C:\Program Files\eMule
[04/01/2007|17:52] C:\Program Files\EPSON
[20/08/2008|12:31] C:\Program Files\Fichiers communs
[02/07/2007|17:38] C:\Program Files\Google
[04/07/2008|17:12] C:\Program Files\Icone
[16/07/2008|12:14] C:\Program Files\InstallShield Installation Information
[15/08/2007|11:36] C:\Program Files\InterActual
[18/08/2008|18:16] C:\Program Files\Internet Explorer
[23/08/2006|13:54] C:\Program Files\Java
[15/03/2006|15:36] C:\Program Files\K-Lite Codec Pack
[10/03/2006|19:11] C:\Program Files\Larousse
[10/03/2006|16:54] C:\Program Files\Learn2.com
[04/07/2008|17:12] C:\Program Files\LETMIN
[18/08/2008|18:15] C:\Program Files\Messenger
[11/07/2008|16:06] C:\Program Files\Messenger Plus! Live
[15/09/2007|19:17] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[16/08/2004|19:11] C:\Program Files\microsoft frontpage
[17/03/2006|13:37] C:\Program Files\Microsoft Money
[07/03/2008|12:21] C:\Program Files\microsoft office
[10/03/2006|17:02] C:\Program Files\Microsoft Visual Studio
[17/03/2006|13:35] C:\Program Files\Microsoft Works
[17/03/2006|13:32] C:\Program Files\Microsoft Works Suite 2003
[07/02/2008|16:31] C:\Program Files\monAlbumPhoto
[30/01/2008|22:06] C:\Program Files\Motorola Phone Tools
[14/07/2007|14:59] C:\Program Files\Movie Maker
[10/03/2006|18:27] C:\Program Files\MSN
[19/08/2008|21:19] C:\Program Files\MSN Games
[16/08/2004|19:03] C:\Program Files\MSN Gaming Zone
[11/07/2008|16:06] C:\Program Files\MSN Messenger
[10/03/2006|20:10] C:\Program Files\MSN Toolbar Suite
[19/11/2006|21:37] C:\Program Files\MSXML 4.0
[26/08/2008|19:17] C:\Program Files\Navilog1
[16/08/2004|19:06] C:\Program Files\NetMeeting
[20/08/2008|12:32] C:\Program Files\Norton Internet Security
[16/08/2004|19:03] C:\Program Files\Online Services
[13/06/2007|23:40] C:\Program Files\Outlook Express
[10/05/2006|13:55] C:\Program Files\PixDiscount
[10/03/2006|16:54] C:\Program Files\QuickTime
[10/03/2006|16:54] C:\Program Files\Real
[10/06/2006|19:14] C:\Program Files\ReflexiveArcade
[20/03/2006|22:29] C:\Program Files\RM-X Player V3
[23/04/2007|19:24] C:\Program Files\SAGEM
[18/04/2007|10:16] C:\Program Files\Securitoo
[16/08/2004|19:07] C:\Program Files\Services en ligne
[08/01/2008|16:12] C:\Program Files\Skyline
[19/08/2008|21:17] C:\Program Files\Sonic
[23/08/2008|22:32] C:\Program Files\Spybot - Search & Destroy
[23/08/2008|22:54] C:\Program Files\Starware354
[20/08/2008|12:32] C:\Program Files\Symantec
[05/09/2006|23:57] C:\Program Files\T‚l‚chargeur de Tomb Raider - Legend
[24/08/2008|17:03] C:\Program Files\Trend Micro
[16/08/2004|19:19] C:\Program Files\Uninstall Information
[10/08/2004|00:30] C:\Program Files\Uninstall_CDS.exe
[20/08/2008|12:19] C:\Program Files\Up Creative Skip
[11/07/2008|16:06] C:\Program Files\Windows Live
[23/02/2007|15:10] C:\Program Files\Windows Media Connect 2
[23/02/2007|15:10] C:\Program Files\Windows Media Player
[16/08/2004|19:03] C:\Program Files\Windows NT
[20/08/2008|12:31] C:\Program Files\Windows Sidebar
[16/08/2004|19:07] C:\Program Files\WindowsUpdate
[16/08/2004|19:11] C:\Program Files\xerox
[17/03/2006|19:50] C:\Program Files\Yahoo!
[12/05/2008|12:32] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[10/03/2006|22:57] C:\Program Files\Fichiers communs\Adobe
[10/03/2006|16:54] C:\Program Files\Fichiers communs\AOL
[10/03/2006|16:54] C:\Program Files\Fichiers communs\aolshare
[10/03/2006|17:02] C:\Program Files\Fichiers communs\Designer
[04/01/2007|17:56] C:\Program Files\Fichiers communs\InstallShield
[10/03/2006|16:50] C:\Program Files\Fichiers communs\Java
[19/08/2008|21:31] C:\Program Files\Fichiers communs\Microsoft Shared
[30/01/2008|22:05] C:\Program Files\Fichiers communs\Motorola Shared
[16/08/2004|19:06] C:\Program Files\Fichiers communs\MSSoap
[10/03/2006|16:54] C:\Program Files\Fichiers communs\Nullsoft
[16/08/2004|18:57] C:\Program Files\Fichiers communs\ODBC
[10/03/2006|17:00] C:\Program Files\Fichiers communs\Real
[16/08/2004|19:06] C:\Program Files\Fichiers communs\Services
[10/03/2006|19:46] C:\Program Files\Fichiers communs\snpp202
[10/03/2006|17:03] C:\Program Files\Fichiers communs\Sonic Shared
[16/08/2004|18:56] C:\Program Files\Fichiers communs\SpeechEngines
[26/08/2008|19:00] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|23:40] C:\Program Files\Fichiers communs\System
[10/03/2006|17:00] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 47 Processus )
iexplore.exe ~ [PID:3568] ~ [Threads:4]
iexplore.exe ~ [PID:1980] ~ [Threads:28]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\Patrice\Cookies\patrice@sr2.livemediasrv[1].txt
C:\DOCUME~1\Patrice\Cookies\patrice@sr2.livemediasrv[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-26 20:04:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
C:\DOCUME~1\Patrice\APPLIC~1\Starware354
C:\PROGRA~1\Starware354
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip
[F:13][D:2]-> C:\DOCUME~1\Patrice\LOCALS~1\Temp
[F:363][D:0]-> C:\DOCUME~1\Patrice\Cookies
[F:18064][D:42]-> C:\DOCUME~1\Patrice\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 20:07:20
Re,
Delete your cracks.
Download Toolbar-S&D (Team IDN) to your Desktop.
- Start the program's installation by running the downloaded file.
- Now double-click the Toolbar-S&D shortcut.
- Select the language you want by typing the letter of your choice, then confirm with the Enter key.
- Now choose option 1 (Search). Wait until the search finishes.
- Post the generated report. (C:\TB.txt)
Good evening,
When I click on Toolbar-S&D I get this:
(The requested file is not displayed because it might contain malicious content.
If you believe this is an error, please visit our contact page to let us know. Contact Us)
So I can't download it, what do I do?
Use this link:
http://www.sendspace.com/file/hs97kv
Toolbar S&D report
-----------\\ ToolBar S&D 1.1.5 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Award Medallion BIOS v6.00PG
USER : Patrice ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 15.5.0.23 (Activated)
Firewall : Norton Internet Security 15.5.0.23 (Activated)
"C:\ToolBar SD" ( MAJ : 26-08-2008|22:40 )
Option : [1] ( 27/08/2008|20:37 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\dynamic toolbar
C:\Program Files\dynamic toolbar\batch.bat
C:\Program Files\dynamic toolbar\Cache
C:\Program Files\dynamic toolbar\PBFRV2
C:\Program Files\dynamic toolbar\unins000.dat
C:\Program Files\dynamic toolbar\unins000.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354\buttons
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354\contexts
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354\SimpleUpdate
C:\DOCUME~1\Patrice\APPLIC~1\Starware354
C:\DOCUME~1\Patrice\APPLIC~1\Starware354\Games
C:\DOCUME~1\Patrice\APPLIC~1\Starware354\Movies
C:\DOCUME~1\Patrice\APPLIC~1\Starware354\RecipeSearch_Foreign
C:\DOCUME~1\Patrice\APPLIC~1\Starware354\Recipes_Foreign
C:\DOCUME~1\Patrice\APPLIC~1\Starware354\ScreensaversMarketingSitePager
C:\Program Files\Starware354
C:\Program Files\Starware354\bin
C:\Program Files\Starware354\icons
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://securityresponse.symantec.com/avcenter/fix_homepage"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://search.msn.com/spbasic.htm"
"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
C:\DOCUME~1\Patrice\APPLIC~1\Starware354
C:\PROGRA~1\Starware354
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip
-----------\\ Fin du rapport a 20:39:23,62
Good evening,
Just one small detail: my internet connection is still just as slow.
Re,
Now run option 2.
-----------\\ ToolBar S&D 1.1.5 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Award Medallion BIOS v6.00PG
USER : Patrice ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 15.5.0.23 (Activated)
Firewall : Norton Internet Security 15.5.0.23 (Activated)
"C:\ToolBar SD" ( MAJ : 26-08-2008|22:40 )
Option : [2] ( 28/08/2008|20:20 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\dynamic toolbar\batch.bat
Supprime! - C:\Program Files\dynamic toolbar\Cache
Supprime! - C:\Program Files\dynamic toolbar\PBFRV2
Supprime! - C:\Program Files\dynamic toolbar\unins000.dat
Supprime! - C:\Program Files\dynamic toolbar\unins000.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354\buttons
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354\contexts
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354\SimpleUpdate
Supprime! - C:\DOCUME~1\Patrice\APPLIC~1\Starware354\Games
Supprime! - C:\DOCUME~1\Patrice\APPLIC~1\Starware354\Movies
Supprime! - C:\DOCUME~1\Patrice\APPLIC~1\Starware354\RecipeSearch_Foreign
Supprime! - C:\DOCUME~1\Patrice\APPLIC~1\Starware354\Recipes_Foreign
Supprime! - C:\DOCUME~1\Patrice\APPLIC~1\Starware354\ScreensaversMarketingSitePager
Supprime! - C:\Program Files\Starware354\bin
Supprime! - C:\Program Files\Starware354\icons
Supprime! - C:\Program Files\dynamic toolbar
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
Supprime! - C:\DOCUME~1\Patrice\APPLIC~1\Starware354
Supprime! - C:\Program Files\Starware354
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://securityresponse.symantec.com/avcenter/fix_homepage"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://search.msn.com/spbasic.htm"
"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.msn.com/"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip
-----------\\ Fin du rapport a 20:24:41,57
Please delete your cracks. Post a new HijackThis report.
Sorry, but I don't know how to delete cracks!!!
HJT report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:06:28, on 29/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchFilter.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.c [...] x_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S115.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [Cdrombody] C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1\ballforksoft.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn. [...] nPUpld.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/cl [...] .2.0.6.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
--
End of file - 10757 bytes
Re,
We'll do it another way.
Fix the lines in the box below with HijackThis: HELP IN PICTURES
R3 - Default URLSearchHook is missing
Copy (Ctrl+C) the text in the box below:
C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1
- Run Lop S&D again.
- This time choose option 4 (LopScript). A blank page will open; paste (Ctrl+V) the text you copied earlier.
- Close this page; you will be asked to save it, accept.
! Do not close the window during the deletion!
- Post the generated report (C:\lopR.txt*)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
* the partition name may differ
Lop S&D report
--------------------\\ Lop S&D 4.2.3-4 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
Award Medallion BIOS v6.00PG
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
Option : [4] ( 29/08/2008|22:30 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script
C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1
C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
Supprime! - C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
Supprime! - C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
Supprime! - C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
Supprime! - C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
Supprime! - C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1
Supprime! - C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@sr2.livemediasrv[1].txt
Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@sr2.livemediasrv[2].txt
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[29/04/2008|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[11/02/2008|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\albumphoto
[10/03/2006|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[30/01/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[02/11/2006|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[16/08/2004|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[08/07/2008|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[18/09/2006|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[23/08/2008|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[10/07/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
[05/11/2006|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Knowledge Adventure
[11/07/2008|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[31/08/2007|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10/03/2006|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar
[05/09/2007|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media
[16/07/2008|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\phenomedia
[04/07/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[15/01/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[16/08/2004|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[08/01/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
[24/08/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[22/08/2008|22:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[15/07/2008|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[25/05/2006|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[04/01/2007|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[03/06/2006|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[14/09/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[11/05/2008|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[16/08/2004|18:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[16/08/2004|19:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[10/03/2006|17:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[10/03/2006|16:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[10/03/2006|16:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
[23/02/2007|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[16/08/2004|18:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[14/02/2007|15:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
[11/02/2008|17:41] C:\DOCUME~1\Patrice\APPLIC~1\Adobe
[04/09/2007|17:33] C:\DOCUME~1\Patrice\APPLIC~1\AdobeUM
[13/03/2006|19:34] C:\DOCUME~1\Patrice\APPLIC~1\ArcSoft
[02/11/2006|15:52] C:\DOCUME~1\Patrice\APPLIC~1\CyberLink
[16/08/2004|18:55] C:\DOCUME~1\Patrice\APPLIC~1\desktop.ini
[24/06/2008|22:37] C:\DOCUME~1\Patrice\APPLIC~1\EPSON
[02/05/2008|15:10] C:\DOCUME~1\Patrice\APPLIC~1\GDIPFONTCACHEV1.DAT
[18/09/2006|18:20] C:\DOCUME~1\Patrice\APPLIC~1\Google
[10/03/2006|18:24] C:\DOCUME~1\Patrice\APPLIC~1\Help
[01/07/2008|19:44] C:\DOCUME~1\Patrice\APPLIC~1\Icone
[11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Identities
[30/01/2008|22:04] C:\DOCUME~1\Patrice\APPLIC~1\InstallShield
[10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Leadertech
[19/08/2007|17:36] C:\DOCUME~1\Patrice\APPLIC~1\LEGO Company
[31/08/2007|18:05] C:\DOCUME~1\Patrice\APPLIC~1\Macromedia
[14/09/2007|19:10] C:\DOCUME~1\Patrice\APPLIC~1\Microsoft
[10/03/2006|20:15] C:\DOCUME~1\Patrice\APPLIC~1\MSN Search Toolbar
[10/03/2006|18:27] C:\DOCUME~1\Patrice\APPLIC~1\MSNInstaller
[04/07/2008|20:47] C:\DOCUME~1\Patrice\APPLIC~1\PlayFirst
[10/03/2006|22:53] C:\DOCUME~1\Patrice\APPLIC~1\Real
[05/09/2006|23:57] C:\DOCUME~1\Patrice\APPLIC~1\SecuROM
[10/05/2006|14:00] C:\DOCUME~1\Patrice\APPLIC~1\SendPix
[10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Sonic
[10/03/2006|16:50] C:\DOCUME~1\Patrice\APPLIC~1\Sun
[21/02/2008|21:27] C:\DOCUME~1\Patrice\APPLIC~1\Super-Cow
[20/08/2008|12:34] C:\DOCUME~1\Patrice\APPLIC~1\Symantec
[17/03/2006|19:50] C:\DOCUME~1\Patrice\APPLIC~1\yahoo!
[10/03/2006|16:54] C:\DOCUME~1\Patrice\APPLIC~1\You've Got Pictures Screensaver
[11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Zylom
[03/07/2006|14:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[15/03/2006|14:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[25/08/2008 20:12][--a------] C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complŠte du systŠme - Patrice.job
[10/03/2006 17:13][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 1.job
[29/08/2008 15:13][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[01/02/2007|19:03] C:\Program Files\3B Software
[01/07/2007|16:59] C:\Program Files\Adibou et ses amis
[29/04/2008|12:19] C:\Program Files\Adobe
[10/03/2006|16:46] C:\Program Files\AMD
[10/03/2006|17:52] C:\Program Files\AOL 9.0
[10/03/2006|16:54] C:\Program Files\AOL Compagnon
[10/03/2006|18:35] C:\Program Files\ArcSoft
[30/01/2008|22:07] C:\Program Files\Avanquest update
[16/07/2008|12:23] C:\Program Files\Beach Soccer
[05/09/2006|23:57] C:\Program Files\BoontyGames
[10/03/2006|18:13] C:\Program Files\Canon
[26/11/2006|12:54] C:\Program Files\Chicken Invaders 2
[25/05/2006|14:32] C:\Program Files\Chicken Invaders 2 Fran‡ais
[30/01/2008|22:05] C:\Program Files\Common Files
[16/08/2004|19:05] C:\Program Files\ComPlus Applications
[10/03/2006|19:40] C:\Program Files\CosmoSoftware
[02/11/2006|10:31] C:\Program Files\CyberLink
[02/11/2006|10:31] C:\Program Files\CyberLink DVD Solution
[10/03/2006|18:46] C:\Program Files\directx
[07/07/2008|22:26] C:\Program Files\DVD Shrink
[11/07/2008|18:44] C:\Program Files\eMule
[04/01/2007|17:52] C:\Program Files\EPSON
[20/08/2008|12:31] C:\Program Files\Fichiers communs
[02/07/2007|17:38] C:\Program Files\Google
[04/07/2008|17:12] C:\Program Files\Icone
[29/08/2008|17:53] C:\Program Files\InstallShield Installation Information
[15/08/2007|11:36] C:\Program Files\InterActual
[18/08/2008|18:16] C:\Program Files\Internet Explorer
[23/08/2006|13:54] C:\Program Files\Java
[15/03/2006|15:36] C:\Program Files\K-Lite Codec Pack
[10/03/2006|19:11] C:\Program Files\Larousse
[10/03/2006|16:54] C:\Program Files\Learn2.com
[04/07/2008|17:12] C:\Program Files\LETMIN
[18/08/2008|18:15] C:\Program Files\Messenger
[11/07/2008|16:06] C:\Program Files\Messenger Plus! Live
[15/09/2007|19:17] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[16/08/2004|19:11] C:\Program Files\microsoft frontpage
[17/03/2006|13:37] C:\Program Files\Microsoft Money
[07/03/2008|12:21] C:\Program Files\microsoft office
[10/03/2006|17:02] C:\Program Files\Microsoft Visual Studio
[17/03/2006|13:35] C:\Program Files\Microsoft Works
[17/03/2006|13:32] C:\Program Files\Microsoft Works Suite 2003
[07/02/2008|16:31] C:\Program Files\monAlbumPhoto
[30/01/2008|22:06] C:\Program Files\Motorola Phone Tools
[14/07/2007|14:59] C:\Program Files\Movie Maker
[10/03/2006|18:27] C:\Program Files\MSN
[19/08/2008|21:19] C:\Program Files\MSN Games
[16/08/2004|19:03] C:\Program Files\MSN Gaming Zone
[11/07/2008|16:06] C:\Program Files\MSN Messenger
[10/03/2006|20:10] C:\Program Files\MSN Toolbar Suite
[19/11/2006|21:37] C:\Program Files\MSXML 4.0
[26/08/2008|19:17] C:\Program Files\Navilog1
[16/08/2004|19:06] C:\Program Files\NetMeeting
[20/08/2008|12:32] C:\Program Files\Norton Internet Security
[16/08/2004|19:03] C:\Program Files\Online Services
[13/06/2007|23:40] C:\Program Files\Outlook Express
[10/05/2006|13:55] C:\Program Files\PixDiscount
[10/03/2006|16:54] C:\Program Files\QuickTime
[10/03/2006|16:54] C:\Program Files\Real
[10/06/2006|19:14] C:\Program Files\ReflexiveArcade
[20/03/2006|22:29] C:\Program Files\RM-X Player V3
[23/04/2007|19:24] C:\Program Files\SAGEM
[29/08/2008|17:54] C:\Program Files\SCi
[18/04/2007|10:16] C:\Program Files\Securitoo
[16/08/2004|19:07] C:\Program Files\Services en ligne
[08/01/2008|16:12] C:\Program Files\Skyline
[19/08/2008|21:17] C:\Program Files\Sonic
[23/08/2008|22:32] C:\Program Files\Spybot - Search & Destroy
[20/08/2008|12:32] C:\Program Files\Symantec
[05/09/2006|23:57] C:\Program Files\Téléchargeur de Tomb Raider - Legend
[24/08/2008|17:03] C:\Program Files\Trend Micro
[16/08/2004|19:19] C:\Program Files\Uninstall Information
[10/08/2004|00:30] C:\Program Files\Uninstall_CDS.exe
[20/08/2008|12:19] C:\Program Files\Up Creative Skip
[11/07/2008|16:06] C:\Program Files\Windows Live
[23/02/2007|15:10] C:\Program Files\Windows Media Connect 2
[23/02/2007|15:10] C:\Program Files\Windows Media Player
[16/08/2004|19:03] C:\Program Files\Windows NT
[20/08/2008|12:31] C:\Program Files\Windows Sidebar
[16/08/2004|19:07] C:\Program Files\WindowsUpdate
[16/08/2004|19:11] C:\Program Files\xerox
[17/03/2006|19:50] C:\Program Files\Yahoo!
[28/08/2008|12:16] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[10/03/2006|22:57] C:\Program Files\Fichiers communs\Adobe
[10/03/2006|16:54] C:\Program Files\Fichiers communs\AOL
[10/03/2006|16:54] C:\Program Files\Fichiers communs\aolshare
[10/03/2006|17:02] C:\Program Files\Fichiers communs\Designer
[04/01/2007|17:56] C:\Program Files\Fichiers communs\InstallShield
[10/03/2006|16:50] C:\Program Files\Fichiers communs\Java
[19/08/2008|21:31] C:\Program Files\Fichiers communs\Microsoft Shared
[30/01/2008|22:05] C:\Program Files\Fichiers communs\Motorola Shared
[16/08/2004|19:06] C:\Program Files\Fichiers communs\MSSoap
[10/03/2006|16:54] C:\Program Files\Fichiers communs\Nullsoft
[16/08/2004|18:57] C:\Program Files\Fichiers communs\ODBC
[10/03/2006|17:00] C:\Program Files\Fichiers communs\Real
[16/08/2004|19:06] C:\Program Files\Fichiers communs\Services
[10/03/2006|19:46] C:\Program Files\Fichiers communs\snpp202
[10/03/2006|17:03] C:\Program Files\Fichiers communs\Sonic Shared
[16/08/2004|18:56] C:\Program Files\Fichiers communs\SpeechEngines
[29/08/2008|22:24] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|23:40] C:\Program Files\Fichiers communs\System
[10/03/2006|17:00] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 45 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\Patrice\Cookies\patrice@advertstream[2].txt
C:\DOCUME~1\Patrice\Cookies\patrice@advertising[2].txt
C:\DOCUME~1\Patrice\Cookies\patrice@adopt.euroclick[2].txt
C:\DOCUME~1\Patrice\Cookies\patrice@2xmoinscher[2].txt
C:\DOCUME~1\Patrice\Cookies\patrice@www.2xmoinscher[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-29 22:32:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip
[F:189][D:5]-> C:\DOCUME~1\Patrice\LOCALS~1\Temp
[F:465][D:0]-> C:\DOCUME~1\Patrice\Cookies
[F:13891][D:38]-> C:\DOCUME~1\Patrice\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 22:34:37
HJT report that I ran again, because when I launched the fixes it asked me two or three questions in English and I'm not sure I answered them correctly...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:36:18, on 29/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.c [...] x_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S115.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [Cdrombody] C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1\ballforksoft.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn. [...] nPUpld.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/cl [...] .2.0.6.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
--
End of file - 10448 bytes
THANK YOU SO MUUUUCH for your help
Hi again,
Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.
Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode
- Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Run a full scan".
- To start the scan, click "Scan".
- When the scan has finished, a window opens; click OK. There are then two possibilities:
-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Show results" and then "Remove selected". Save the report to your Desktop so that you can post it in your next reply.
NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.
HELP: Illustrated tutorial on MBAM
Hi again,
Here is the report: there were 4 infected files
Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1062
Windows 5.1.2600 Service Pack 2
13:34:29 31/08/2008
mbam-log-08-31-2008 (13-34-29).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 151752
Temps écoulé: 2 hour(s), 25 minute(s), 6 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP883\A0098744.dll (Adware.2020Search) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP883\A0098752.dll (Adware.Shopper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP891\A0101951.exe (BHO.Baidu) -> Quarantined and deleted successfully.
However, my computer now takes a long time to start up and the MSN page is slow to load: ever since I booted in safe mode....
Is that normal?
Thanks
Quote: Is that normal?
Not related to a virus, I think.
Post a new HijackThis report.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:59:52, on 31/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.c [...] x_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S115.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [Cdrombody] C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1\ballforksoft.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn. [...] nPUpld.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/cl [...] .2.0.6.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
--
End of file - 10342 bytes
Hi again,
Delete this folder:
C:\Program Files\Up Creative Skip
Fix the line in the box below with HijackThis: ILLUSTRATED HELP
O4 - HKCU\..\Run: [Cdrombody] C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1\ballforksoft.exe
Message edited by Angeldark on 31-08-2008 at 22:00:31
Thanks for everything, my computer seems to be doing well.
Thanks again for the time you gave me... and well done!!!
Happy surfing.
Good evening,
Two months later, I have the impression that my computer is getting slow again and is showing me advertising pages from time to time.
Here is the HijackThis report; could you take a look at it please, if you have the time of course.
Thanks a lot
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:31:45, on 02/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S115.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn. [...] nPUpld.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/cl [...] .2.0.6.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
--
End of file - 10375 bytes
