Tom's Guide > Forum > Security - Viruses > please help me

Hi, I don't really know which forum to post in, so I'm asking here.

For some time now my computer has been very slow and advertising windows have been opening by themselves in the browser.
I talked about it with people around me and someone told me the problem came from the large amount of music stored on my hard drive. I use iTunes and have about 10 GB of music, yet when I check the hard drive's capacity I see that there is a huge amount of free space left.

Could someone help me solve this problem?
Do you also think it comes from the music? Is it a virus?

Thanks in advance


Message edited by lom_07 on 27-08-2008 at 18:49:34

Can you write in French?

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Yes, sorry, it's a bad habit.
Let me explain again: my computer is very slow and internet windows open by themselves, yet Norton reports no virus or any particular problem. So I asked around and someone told me it could come from the large amount of music (10 GB) on my computer. So I wanted to know whether the problem really came from my music or whether there was another cause. Can you help me?
Have a good evening


Message edited by lom_07 on 27-08-2008 at 19:56:32
Reply to lom_07

Hi, your stored music has nothing to do with the problem. Have you run a spyware cleanup, with something like Ad-Aware or Spybot?

------------------------------ RLD, GET LOST!!!
Reply to cbone

Thanks for being so quick, I'm glad to learn that I'll be able to keep my music.
Yes, my father ran Spybot and apparently it didn't change much about the problem...

Reply to lom_07

We can check whether you are infected.

Download and then install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Thanks a lot.
I'll do it tomorrow because I don't have any more time tonight.
Thanks again, and hopefully see you tomorrow!
Have a good rest of the evening

Reply to lom_07

Hello.
Here is the HijackThis report:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:02:47, on 28/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {CDE8EAB9-CEF3-4885-B12F-26960A25C800} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Protection Bar - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\Link Road.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [regs remote] C:\DOCUME~1\lomig\APPLIC~1\2BODY~1\Seek Mail.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Compaq_Propriétaire')
O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Compaq_Propriétaire')
O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1 (User 'Compaq_Propriétaire')
O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden (User 'Compaq_Propriétaire')
O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1008\..\Run: [regs remote] C:\DOCUME~1\COMPAQ~1\APPLIC~1\2BODY~1\Seek Mail.exe (User 'Compaq_Propriétaire')
O4 - HKUS\S-1-5-21-2467794096-1380120373-2375025980-1011\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c (User 'solenn')
O4 - S-1-5-21-2467794096-1380120373-2375025980-1008 Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe (User 'Compaq_Propriétaire')
O4 - S-1-5-21-2467794096-1380120373-2375025980-1008 User Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe (User 'Compaq_Propriétaire')
O4 - S-1-5-21-2467794096-1380120373-2375025980-1011 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'solenn')
O4 - S-1-5-21-2467794096-1380120373-2375025980-1011 User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'solenn')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] xmk879YYFR
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/s [...] Plugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: crawley - {8bbe40fd-0416-4c3f-80ea-0c7ad5fb1aab} - C:\WINDOWS\system32\igpfced.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTsvcCDA.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 16800 bytes
Thanks for your help


Message edited by lom_07 on 28-08-2008 at 18:15:55
Reply to lom_07

Re,

Download Lop S&D.exe (Eric_71) to your Desktop.

  • Start the installation of the program by running the downloaded file.
  • Now double-click the LopS&D shortcut.
  • Select the desired language by typing the letter of your choice and confirming with the Enter key.
  • Now choose option 1 (Search). Wait until the search has finished.
  • Post the generated report (C:\lopR.txt*)


(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
* the partition name may vary

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark


Hi, thanks for your attention


Here is the report
--------------------\\ Lop S&D 4.2.3-6 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
BIOS : BIOS Ver: A7225NH5 V3.13 07/18/06 14:31:38
USER : lomig ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 15.5.0.23 (Activated)
Firewall : Norton Internet Security 15.5.0.23 (Activated)

"C:\Lop SD" ( MAJ : 27-08-2008|22:40 )
Option : [1] ( 28/08/2008|20:42 )

--------------------\\ Listing des dossiers dans APPLIC~1

[23/05/2007|10:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[06/12/2007|19:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[08/03/2008|17:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[01/08/2008|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
[03/01/2006|03:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[13/09/2006|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DataViz
[23/11/2004|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[15/09/2006|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/01/2006|03:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[13/09/2006|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotSync
[03/01/2006|03:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[26/08/2008|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[26/08/2008|13:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[03/01/2006|03:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[24/05/2008|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[24/08/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[01/08/2008|12:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[23/08/2008|15:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[20/07/2008|20:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[02/02/2007|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[06/02/2008|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PferdeHof
[25/09/2006|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[03/01/2006|03:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[02/01/2007|14:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[03/01/2006|03:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[21/06/2007|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[22/08/2008|15:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[25/05/2007|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[22/08/2008|17:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[02/09/2006|17:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[11/09/2006|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[27/08/2007|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[17/11/2007|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[01/08/2008|16:12] C:\DOCUME~1\COMPAQ~1\APPLIC~1\2 body
[27/05/2008|21:49] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Adobe
[11/01/2008|10:04] C:\DOCUME~1\COMPAQ~1\APPLIC~1\AdobeUM
[05/06/2008|19:08] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Apple Computer
[16/11/2006|23:41] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Creative
[22/01/2008|18:12] C:\DOCUME~1\COMPAQ~1\APPLIC~1\CyberLink
[23/11/2004|17:13] C:\DOCUME~1\COMPAQ~1\APPLIC~1\desktop.ini
[02/05/2007|18:27] C:\DOCUME~1\COMPAQ~1\APPLIC~1\DivX
[02/09/2006|17:52] C:\DOCUME~1\COMPAQ~1\APPLIC~1\EPSON
[23/10/2007|22:45] C:\DOCUME~1\COMPAQ~1\APPLIC~1\GDIPFONTCACHEV1.DAT
[13/09/2007|18:08] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Google
[21/11/2007|16:27] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Help
[13/09/2006|17:34] C:\DOCUME~1\COMPAQ~1\APPLIC~1\HotSync
[06/03/2008|17:36] C:\DOCUME~1\COMPAQ~1\APPLIC~1\HP
[02/09/2006|16:25] C:\DOCUME~1\COMPAQ~1\APPLIC~1\HPQ
[29/05/2008|15:15] C:\DOCUME~1\COMPAQ~1\APPLIC~1\ICQ Toolbar
[27/10/2005|00:34] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Identities
[13/09/2006|17:41] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Leadertech
[02/09/2006|16:38] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Macromedia
[05/06/2008|23:15] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Microsoft
[11/09/2006|19:35] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Microsoft Web Folders
[15/11/2007|23:28] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Mozilla
[03/01/2006|03:24] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Real
[28/08/2008|20:35] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Skype
[28/05/2007|15:01] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Sonic
[03/09/2006|12:22] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Sun
[05/11/2007|12:54] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Symantec
[29/05/2007|23:28] C:\DOCUME~1\COMPAQ~1\APPLIC~1\TaoUSign
[07/02/2008|17:16] C:\DOCUME~1\COMPAQ~1\APPLIC~1\U3
[16/09/2007|11:45] C:\DOCUME~1\COMPAQ~1\APPLIC~1\vlc
[28/09/2007|18:35] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Windows Desktop Search

[23/11/2004|17:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[27/10/2005|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[03/01/2006|03:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[03/01/2006|03:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[03/01/2006|03:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[12/10/2007|21:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[22/08/2008|16:32] C:\DOCUME~1\lomig\APPLIC~1\2 body
[27/05/2008|20:01] C:\DOCUME~1\lomig\APPLIC~1\Adobe
[12/11/2006|14:23] C:\DOCUME~1\lomig\APPLIC~1\AdobeUM
[10/07/2008|19:55] C:\DOCUME~1\lomig\APPLIC~1\Apple Computer
[22/09/2006|20:17] C:\DOCUME~1\lomig\APPLIC~1\Creative
[12/11/2006|12:17] C:\DOCUME~1\lomig\APPLIC~1\CyberLink
[23/11/2004|17:13] C:\DOCUME~1\lomig\APPLIC~1\desktop.ini
[29/04/2007|18:39] C:\DOCUME~1\lomig\APPLIC~1\DivX
[01/06/2008|11:22] C:\DOCUME~1\lomig\APPLIC~1\dvdcss
[09/12/2007|11:52] C:\DOCUME~1\lomig\APPLIC~1\EPSON
[22/08/2008|19:26] C:\DOCUME~1\lomig\APPLIC~1\Fit3DLive
[20/02/2007|20:22] C:\DOCUME~1\lomig\APPLIC~1\GDIPFONTCACHEV1.DAT
[14/09/2007|19:14] C:\DOCUME~1\lomig\APPLIC~1\Google
[09/09/2006|17:55] C:\DOCUME~1\lomig\APPLIC~1\Help
[13/09/2006|18:53] C:\DOCUME~1\lomig\APPLIC~1\HotSync
[22/10/2006|12:18] C:\DOCUME~1\lomig\APPLIC~1\HP
[12/11/2006|14:51] C:\DOCUME~1\lomig\APPLIC~1\HPQ
[10/07/2008|21:52] C:\DOCUME~1\lomig\APPLIC~1\ICQ
[21/05/2008|17:36] C:\DOCUME~1\lomig\APPLIC~1\ICQ Toolbar
[27/10/2005|00:34] C:\DOCUME~1\lomig\APPLIC~1\Identities
[03/10/2007|17:14] C:\DOCUME~1\lomig\APPLIC~1\InstallShield
[26/08/2008|12:46] C:\DOCUME~1\lomig\APPLIC~1\InstallShield Installation Information
[12/11/2006|12:27] C:\DOCUME~1\lomig\APPLIC~1\Leadertech
[05/09/2006|20:28] C:\DOCUME~1\lomig\APPLIC~1\Macromedia
[22/05/2008|16:23] C:\DOCUME~1\lomig\APPLIC~1\Microsoft
[29/04/2007|18:40] C:\DOCUME~1\lomig\APPLIC~1\Mozilla
[20/07/2008|20:53] C:\DOCUME~1\lomig\APPLIC~1\NCH Swift Sound
[25/05/2007|19:18] C:\DOCUME~1\lomig\APPLIC~1\PlayFirst
[06/09/2006|17:08] C:\DOCUME~1\lomig\APPLIC~1\Real
[20/07/2008|19:34] C:\DOCUME~1\lomig\APPLIC~1\Samsung
[04/07/2008|13:10] C:\DOCUME~1\lomig\APPLIC~1\Skype
[12/11/2006|12:27] C:\DOCUME~1\lomig\APPLIC~1\Sonic
[17/09/2006|20:02] C:\DOCUME~1\lomig\APPLIC~1\Sun
[05/11/2007|21:22] C:\DOCUME~1\lomig\APPLIC~1\Symantec
[12/09/2007|17:27] C:\DOCUME~1\lomig\APPLIC~1\vlc
[28/09/2007|20:11] C:\DOCUME~1\lomig\APPLIC~1\Windows Desktop Search
[16/12/2006|13:22] C:\DOCUME~1\lomig\APPLIC~1\Xfire

[26/01/2008|10:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[01/08/2008|11:38] C:\DOCUME~1\solenn\APPLIC~1\2 body
[28/05/2008|14:29] C:\DOCUME~1\solenn\APPLIC~1\Adobe
[08/11/2006|11:11] C:\DOCUME~1\solenn\APPLIC~1\AdobeUM
[24/05/2008|22:53] C:\DOCUME~1\solenn\APPLIC~1\Apple Computer
[07/11/2006|19:49] C:\DOCUME~1\solenn\APPLIC~1\Creative
[08/11/2006|10:39] C:\DOCUME~1\solenn\APPLIC~1\CyberLink
[23/11/2004|17:13] C:\DOCUME~1\solenn\APPLIC~1\desktop.ini
[15/06/2007|21:04] C:\DOCUME~1\solenn\APPLIC~1\DivX
[08/12/2007|16:29] C:\DOCUME~1\solenn\APPLIC~1\EPSON
[23/08/2008|20:22] C:\DOCUME~1\solenn\APPLIC~1\Fit3DLive
[28/02/2007|13:27] C:\DOCUME~1\solenn\APPLIC~1\GDIPFONTCACHEV1.DAT
[15/09/2007|12:50] C:\DOCUME~1\solenn\APPLIC~1\Google
[03/11/2007|20:29] C:\DOCUME~1\solenn\APPLIC~1\Help
[16/10/2006|22:41] C:\DOCUME~1\solenn\APPLIC~1\HotSync
[24/05/2008|18:39] C:\DOCUME~1\solenn\APPLIC~1\HP
[02/11/2006|18:55] C:\DOCUME~1\solenn\APPLIC~1\HPQ
[07/05/2008|20:28] C:\DOCUME~1\solenn\APPLIC~1\ICQ
[31/01/2008|16:00] C:\DOCUME~1\solenn\APPLIC~1\ICQ Toolbar
[27/10/2005|00:34] C:\DOCUME~1\solenn\APPLIC~1\Identities
[01/09/2007|10:50] C:\DOCUME~1\solenn\APPLIC~1\Leadertech
[24/08/2008|13:09] C:\DOCUME~1\solenn\APPLIC~1\LimeWire
[16/10/2006|22:48] C:\DOCUME~1\solenn\APPLIC~1\Macromedia
[06/06/2008|19:14] C:\DOCUME~1\solenn\APPLIC~1\Microsoft
[18/11/2007|20:15] C:\DOCUME~1\solenn\APPLIC~1\Mozilla
[21/11/2006|18:48] C:\DOCUME~1\solenn\APPLIC~1\Real
[01/09/2007|10:50] C:\DOCUME~1\solenn\APPLIC~1\Sonic
[02/11/2006|13:37] C:\DOCUME~1\solenn\APPLIC~1\Sun
[05/11/2007|13:51] C:\DOCUME~1\solenn\APPLIC~1\Symantec
[22/09/2007|16:47] C:\DOCUME~1\solenn\APPLIC~1\vlc
[28/09/2007|17:37] C:\DOCUME~1\solenn\APPLIC~1\Windows Desktop Search

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[28/08/2008 20:00][--ah-----] C:\WINDOWS\tasks\A83AE62A91859D4A.job
[25/08/2008 23:41][--a------] C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complète du système - Compaq_Propriétaire.job
[23/08/2008 15:29][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[28/08/2008 20:23][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[27/08/2008 16:36][--a------] C:\WINDOWS\tasks\HPCeeSchedule.job
[28/08/2008 08:29][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

( A83AE62A91859D4A.job )=( c:\docume~1\solenn\applic~1\2body~1\sitegreythunk.exe )
--------------------\\ MsgPlus SPONSOR INSTALLED !

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
"DisplayName"="Messenger Plus! 3 & Sponsor"
"SponsorInstalled"=dword:00000000


--------------------\\ Listing des dossiers dans C:\Program Files

[01/08/2008|11:37] C:\Program Files\2 body
[22/10/2007|20:34] C:\Program Files\Adobe
[02/09/2006|16:38] C:\Program Files\Alice
[07/11/2007|19:35] C:\Program Files\Asthme Academy
[21/01/2007|15:00] C:\Program Files\Audacity
[09/11/2007|18:59] C:\Program Files\Audible
[30/04/2008|18:55] C:\Program Files\CDBreton
[01/08/2008|11:37] C:\Program Files\Circle Developement
[20/10/2005|21:06] C:\Program Files\ComPlus Applications
[19/02/2007|21:07] C:\Program Files\Core Design
[19/02/2007|18:19] C:\Program Files\Creative
[22/09/2006|19:13] C:\Program Files\Creative Installation Information
[03/01/2006|03:27] C:\Program Files\CyberLink
[02/12/2006|13:01] C:\Program Files\directx
[02/06/2008|20:21] C:\Program Files\DivX
[13/09/2006|18:02] C:\Program Files\Documents To Go
[21/04/2008|17:42] C:\Program Files\Droppix
[02/09/2006|17:17] C:\Program Files\EPSON
[05/06/2008|16:34] C:\Program Files\Fichiers communs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs


--------------------\\ Process

( 89 Processus )

IEXPLORE.EXE ~ [PID:1808]
IEXPLORE.EXE ~ [PID:2064]
IEXPLORE.EXE ~ [PID:2392]
IEXPLORE.EXE ~ [PID:3352]
iexplore.exe ~ [PID:2192]
IEXPLORE.EXE ~ [PID:7196]
IEXPLORE.EXE ~ [PID:5952]
IEXPLORE.EXE ~ [PID:7252]
iexplore.exe ~ [PID:4864]
IEXPLORE.EXE ~ [PID:4740]
IEXPLORE.EXE ~ [PID:4952]
iexplore.exe ~ [PID:3092]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Joy Eggs.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Link Road.exe
C:\DOCUME~1\COMPAQ~1\APPLIC~1\2body~1
C:\DOCUME~1\COMPAQ~1\APPLIC~1\2body~1\Seek Mail.exe
C:\DOCUME~1\lomig\APPLIC~1\2body~1
C:\DOCUME~1\lomig\APPLIC~1\2body~1\Seek Mail.exe
C:\DOCUME~1\solenn\APPLIC~1\2body~1
C:\DOCUME~1\solenn\APPLIC~1\2body~1\hokvgqpg.exe
C:\DOCUME~1\solenn\APPLIC~1\2body~1\Objclosesecondtwo.exe
C:\DOCUME~1\solenn\APPLIC~1\2body~1\qohjmbrc.exe
C:\DOCUME~1\solenn\APPLIC~1\2body~1\Seek Mail.exe
C:\DOCUME~1\solenn\APPLIC~1\2body~1\site grey thunk.exe
C:\Program Files\2body~1
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\lomig\Cookies\lomig@www.adserver5[1].txt
C:\DOCUME~1\lomig\Cookies\lomig@advertising[1].txt
C:\DOCUME~1\lomig\Cookies\lomig@adopt.euroclick[1].txt
C:\DOCUME~1\lomig\Cookies\lomig@sr2.livemediasrv[1].txt
C:\DOCUME~1\lomig\Cookies\lomig@sr2.livemediasrv[2].txt
C:\DOCUME~1\lomig\Cookies\lomig@partypoker[2].txt
C:\WINDOWS\Tasks\A83AE62A91859D4A.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"regs remote"="C:\\DOCUME~1\\lomig\\APPLIC~1\\2BODY~1\\Seek Mail.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Base frag grid bows"="C:\\Documents and Settings\\All Users\\Application Data\\Cast ping base frag\\Link Road.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-28 20:43:46
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 9

--------------------\\ Recherche d'autres infections

C:\WINDOWS\Pack.epk
C:\WINDOWS\System32\nvs2.inf

C:\WINDOWS\System32\rldzdfy.dat
C:\WINDOWS\System32\rldzdfy_nav.dat
C:\WINDOWS\System32\rldzdfy_navps.dat
==> EGDACCESS <==



[F:1926][D:161]-> C:\DOCUME~1\lomig\LOCALS~1\Temp
[F:97][D:0]-> C:\DOCUME~1\lomig\Cookies
[F:2764][D:7]-> C:\DOCUME~1\lomig\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 20:45:52
Good luck ^^ and thanks again

Reply to lom_07

Re,

Run Lop S&D again by double-clicking the shortcut. Press "2", then confirm by pressing "Enter".
! Do not close the window during the removal !
A report will be generated; post its contents here.

NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.

------------------------------ Prevention & Protection||You like me? Click :o
Reply to Angeldark

and here is the report...

--------------------\\ Lop S&D 4.2.3-6 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
BIOS : BIOS Ver: A7225NH5 V3.13 07/18/06 14:31:38
USER : lomig ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 15.5.0.23 (Activated)
Firewall : Norton Internet Security 15.5.0.23 (Activated)

"C:\Lop SD" ( MAJ : 27-08-2008|22:40 )
Option : [2] ( 28/08/2008|21:25 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Joy Eggs.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Link Road.exe
Supprime! - C:\DOCUME~1\COMPAQ~1\APPLIC~1\2body~1\Seek Mail.exe
Supprime! - C:\DOCUME~1\lomig\APPLIC~1\2body~1\Seek Mail.exe
Supprime! - C:\DOCUME~1\solenn\APPLIC~1\2body~1\hokvgqpg.exe
Supprime! - C:\DOCUME~1\solenn\APPLIC~1\2body~1\Objclosesecondtwo.exe
Supprime! - C:\DOCUME~1\solenn\APPLIC~1\2body~1\qohjmbrc.exe
Supprime! - C:\DOCUME~1\solenn\APPLIC~1\2body~1\Seek Mail.exe
Supprime! - C:\DOCUME~1\solenn\APPLIC~1\2body~1\site grey thunk.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@www.adserver5[1].txt
Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@advertising[1].txt
Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@sr2.livemediasrv[1].txt
Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@sr2.livemediasrv[2].txt
Supprime! - C:\DOCUME~1\lomig\Cookies\lomig@partypoker[2].txt
Supprime! - C:\WINDOWS\Tasks\A83AE62A91859D4A.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
Supprime! - C:\DOCUME~1\COMPAQ~1\APPLIC~1\2body~1
Supprime! - C:\DOCUME~1\lomig\APPLIC~1\2body~1
Supprime! - C:\DOCUME~1\solenn\APPLIC~1\2body~1
Supprime! - C:\Program Files\2body~1
Supprime! - C:\Program Files\Circle Developement

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1


--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[25/08/2008 23:41][--a------] C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complète du système - Compaq_Propriétaire.job
[23/08/2008 15:29][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[28/08/2008 21:23][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[27/08/2008 16:36][--a------] C:\WINDOWS\tasks\HPCeeSchedule.job
[28/08/2008 08:29][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ MsgPlus SPONSOR INSTALLED !

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
"SponsorInstalled"=dword:00000000


--------------------\\ Listing des dossiers dans C:\Program Files


--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs


--------------------\\ Process

( 80 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-28 21:31:12
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 9

--------------------\\ Recherche d'autres infections

C:\WINDOWS\Pack.epk
C:\WINDOWS\System32\nvs2.inf

C:\WINDOWS\System32\rldzdfy.dat
C:\WINDOWS\System32\rldzdfy_nav.dat
C:\WINDOWS\System32\rldzdfy_navps.dat
==> EGDACCESS <==



[F:1926][D:161]-> C:\DOCUME~1\lomig\LOCALS~1\Temp
[F:106][D:0]-> C:\DOCUME~1\lomig\Cookies
[F:3161][D:7]-> C:\DOCUME~1\lomig\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 21:32:53

Reply to lom_07

Re,

Download Navilog1.exe (IL-MAFIOSO)
Save it to your Desktop.
Start the installation by double-clicking navilog.exe.
Once the installation is complete, the utility will run automatically.
(If it does not, double-click the shortcut on the Desktop)

Follow the utility's prompts. Choose option 4, then confirm.

It will ask you to enter the file name. Type what is in bold below and nothing else, then confirm:
**rldzdfy**
Retype the file name when asked.

The utility will tell you that it is going to restart the computer.
**Close all open windows and save any open personal documents**
Now press a key, as requested.
(if your PC does not restart automatically, restart it manually)

Wait until this message appears:
"*** Nettoyage Termine le ..... ***"

Notepad will open.
Save the report so you can find it again.
Close Notepad. Your desktop will now reappear.

NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.

Post the report saved earlier (C:\cleannavi.txt)
As well as a new Hijackthis report.

------------------------------ Prevention & Protection||You like me? Click :o
Reply to Angeldark

Hello
since yesterday my computer has been working better, thanks again
here is the navilog report:

Clean Navipromo version 3.6.5 commencé le 29/08/2008 à 14:02:47,10

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "lomig"

Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS


Mode suppression par méthode manuelle

Nom du fichier saisi : rldzdfy

Nettoyage exécuté au redémarrage de l'ordinateur

*** Recherche, création sauvegardes et suppression ***

* Suppression dans "C:\WINDOWS\system32" *


rldzdfy.dat trouvé !
Copie rldzdfy.dat réalisée avec succès !
rldzdfy.dat supprimé !

rldzdfy_nav.dat trouvé !
Copie rldzdfy_nav.dat réalisée avec succès !
rldzdfy_nav.dat supprimé !

rldzdfy_navps.dat trouvé !
Copie rldzdfy_navps.dat réalisée avec succès !
rldzdfy_navps.dat supprimé !

* Suppression dans "C:\Documents and Settings\lomig\locals~1\applic~1" *


* Suppression dans "C:\DOCUME~1\COMPAQ~1\locals~1\applic~1" *


* Suppression dans "C:\DOCUME~1\solenn\locals~1\applic~1" *



*** Suppression dossiers dans "C:\WINDOWS" ***


*** Suppression dossiers dans "C:\Program Files" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\lomig\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\COMPAQ~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\solenn\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\lomig\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\COMPAQ~1\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\solenn\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\lomig\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\COMPAQ~1\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\solenn\menudm~1\progra~1" ***



*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\lomig\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\WINDOWS\system32" *


* Dans "C:\Documents and Settings\lomig\locals~1\applic~1" *


* Dans "C:\DOCUME~1\COMPAQ~1\locals~1\applic~1" *


* Dans "C:\DOCUME~1\solenn\locals~1\applic~1" *


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !

*** Nettoyage terminé le 29/08/2008 à 14:07:32,92 ***






then the hijackthis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:16:07, on 29/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\NOTEPAD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {CDE8EAB9-CEF3-4885-B12F-26960A25C800} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Protection Bar - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] xmk879YYFR
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/s [...] Plugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: crawley - {8bbe40fd-0416-4c3f-80ea-0c7ad5fb1aab} - C:\WINDOWS\system32\igpfced.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTsvcCDA.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 14791 bytes

Reply to lom_07

Hi again,

Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.

Once the installation and the update are complete, restart in Safe Mode.
HELP: Restarting in Safe Mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Perform full scan" ("Exécuter un examen complet").
  • To start the scan, click "Scan" ("Rechercher").
  • Once the scan is finished, a window opens; click OK. There are then two possibilities:

-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Show Results" ("Afficher les résultats"), then "Remove Selected" ("Supprimer la sélection"). Save the report to your Desktop so you can post it in your next reply.
NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

HELP: Illustrated tutorial on MBAM


Message edited by Angeldark on 30-08-2008 at 15:18:27
------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Here is the malware report, sorry for the wait but I had to be away...

Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1094
Windows 5.1.2600 Service Pack 2

20:26:01 29/08/2008
mbam-log-08-29-2008 (20-26-01).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 191469
Temps écoulé: 2 hour(s), 22 minute(s), 49 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 44
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 21

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8bbe40fd-0416-4c3f-80ea-0c7ad5fb1aab} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{621feacd-8857-43a6-ae26-451d670d5370} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Security Plug-in (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Secure Bar (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Messenger Service (Trojan.Zlob) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\user32.dll (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\MSN Messenger\riched20.dll (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Cache\0004E2FA.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\0002C74D.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\0004E200.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\003950E9.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\0044EF95.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\00CCD4B4.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\0197E449.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\f3wallpp.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\wrkparam.lst (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MySignatureInsertBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MySignaturePreviewBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Favoris\Online Security Test.url (Rogue.Link) -> Quarantined and deleted successfully.

Reply to lom_07

Post a new HijackThis report.

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Here you go
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:21:20, on 30/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {CDE8EAB9-CEF3-4885-B12F-26960A25C800} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Protection Bar - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/s [...] Plugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: crawley - {8bbe40fd-0416-4c3f-80ea-0c7ad5fb1aab} - (no file)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTsvcCDA.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 14825 bytes
Have a nice day.

Reply to lom_07

Is your PC behaving better?

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Yes, it's much better: there are no more stubborn Internet windows
and it is more responsive. I think the problem is solved.
Thank you very much for the time you devoted to my problem.


Message edited by lom_07 on 30-08-2008 at 15:41:55
Reply to lom_07

Do you know where the problem came from?

Reply to lom_07

Several possible sources: certain programs such as MyWebSearch, cracks, XXX & co.

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Yeah, OK, well, thanks a lot.

Reply to lom_07