Pub intempestives et +
Dernière réponse : dans Sécurité
Bonsoir,
J'ai des pubs intempestives (mozilla et internet explorer) et une alerte sécurité windows : impossible d'activer les mises à jour automatiques. J'ai fait un scan ad-aware et spybot mais rien n'y fait.
Voici donc mon rapport Hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:45:39, on 13/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\Documents and Settings\Propriétaire\lsass.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [msig] C:\WINDOWS\diskk.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\Propriétaire\lsass.exe
O4 - HKLM\..\Run: [a8e66432] rundll32.exe "C:\WINDOWS\system32\qtosshvk.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - AppInit_DLLs: pmhtcj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 10147 bytes
Merci d'avance et bonne soirée.
J'ai des pubs intempestives (mozilla et internet explorer) et une alerte sécurité windows : impossible d'activer les mises à jour automatiques. J'ai fait un scan ad-aware et spybot mais rien n'y fait.
Voici donc mon rapport Hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:45:39, on 13/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\Documents and Settings\Propriétaire\lsass.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [msig] C:\WINDOWS\diskk.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\Propriétaire\lsass.exe
O4 - HKLM\..\Run: [a8e66432] rundll32.exe "C:\WINDOWS\system32\qtosshvk.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - AppInit_DLLs: pmhtcj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 10147 bytes
Merci d'avance et bonne soirée.
Autres pages sur : pub intempestives
Lassé par la pub ? Créez un compte
Bonjour,
[#ff0000]! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]
Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.
AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer
[#ff0000]! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]
AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer
Bonjour,
Voici le rapport ComboFix, à noter je ne suis pas arriver à désactiver mon antivirus (impossible de l'ouvrir) :
ComboFix 08-10-12.01 - Propriétaire 2008-10-14 16:46:22.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.620 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Propriétaire\lsass.exe
C:\Program Files\winpop
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\WINDOWS\system32\awtqqqrO.dll
C:\WINDOWS\system32\bybpugou.dll
C:\WINDOWS\system32\ddcDuTNe.dll
C:\WINDOWS\system32\eNTuDcdd.ini
C:\WINDOWS\system32\eNTuDcdd.ini2
C:\WINDOWS\system32\hgGaxyAs.dll
C:\WINDOWS\system32\hgGvtULf.dll
C:\WINDOWS\system32\ioysdr.dll
C:\WINDOWS\system32\kvhssotq.ini
C:\WINDOWS\system32\mlJCSjki.dll
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\pmhtcj.dll
C:\WINDOWS\system32\qtosshvk.dll
C:\WINDOWS\system32\sqmmdrva.ini
C:\WINDOWS\system32\ytewgatg.dll
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_CMDSERVICE
-------\Legacy_NETWORK_MONITOR
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-14 au 2008-10-14 ))))))))))))))))))))))))))))))))))))
.
2008-10-13 21:41 . 2008-10-13 21:41 <REP> d-------- C:\Program Files\Trend Micro
2008-10-13 13:13 . 2008-10-13 20:37 <REP> d--hs---- C:\WINDOWS\UHJvcHJp6XRhaXJl
2008-10-13 13:13 . 2008-10-13 13:13 <REP> d-------- C:\WINDOWS\system32\zp
2008-10-13 13:13 . 2008-10-13 20:37 <REP> d-------- C:\WINDOWS\system32\mci
2008-10-13 13:12 . 2008-10-13 13:12 <REP> d-------- C:\WINDOWS\system32\EV02
2008-10-13 13:12 . 2008-10-13 13:12 <REP> d-------- C:\Temp\xp34
2008-10-12 12:58 . 2008-10-12 13:20 4,681,504,768 --a------ C:\SAV_2.ISO
2008-10-12 12:56 . 2008-10-12 12:56 <REP> d-------- C:\Program Files\DVD Shrink
2008-10-12 12:56 . 2008-10-12 12:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-14 14:15 --------- d-----w C:\Program Files\lx_cats
2008-10-13 20:44 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\vmntoolbar
2008-10-12 11:41 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\dvdcss
2008-10-10 05:10 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-10-09 14:36 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\SolidWorks
2008-09-09 16:25 --------- d-----w C:\Program Files\Free Audio Pack
2008-09-02 15:07 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\FileZilla
2008-08-18 09:10 --------- d-----w C:\Program Files\SolidWorks
2008-08-14 19:00 --------- d-----w C:\Program Files\PokerStars
2008-01-12 18:51 2,395 ----a-w C:\Documents and Settings\Propriétaire\Application Data\SAS7_000.DAT
2006-12-26 19:29 23,488,648 ----a-w C:\Program Files\AdbeRdr708_fr_FR.exe
2007-03-08 07:46 88 --sh--r C:\WINDOWS\system32\6273CCC898.sys
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-03-08 07:51 3,350 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
2005-07-29 14:24 472 --sha-r C:\WINDOWS\UHJvcHJp6XRhaXJl\oJLSwJLDdrl1urL5.vbs
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-02 7110656]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-08-02 86016]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2002-09-13 212992]
"Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [2004-10-04 1196032]
"SSC_UserPrompt"="C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-11-10 218240]
"EPSON Stylus CX6400"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE" [2003-09-12 99840]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2006-04-04 71304]
"IS CfgWiz"="C:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe" [2003-09-09 125784]
"URLLSTCK.exe"="C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe" [2004-01-27 70760]
"Advanced Tools Check"="C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE" [2003-08-20 74896]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2006-12-24 100056]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 282624]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-12-31 185896]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-04-09 200704]
"lxcrmon.exe"="C:\Program Files\Lexmark 2400 Series\lxcrmon.exe" [2007-01-11 291760]
"EzPrint"="C:\Program Files\Lexmark 2400 Series\ezprint.exe" [2006-12-11 82864]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2006-12-11 295856]
"LXCRCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2006-11-21 106496]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 C:\WINDOWS\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2005-08-02 C:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"= 1 (0x1)
"AllowUnhashedWebView"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=pmhtcj.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
"msacm.l3codec"= l3codecp.acm
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Ask Harrap's Shorter.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Ask Harrap's Shorter.lnk
backup=C:\WINDOWS\pss\Ask Harrap's Shorter.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Register.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Register.lnk
backup=C:\WINDOWS\pss\Register.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Wallpaper Changer.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Wallpaper Changer.lnk
backup=C:\WINDOWS\pss\Wallpaper Changer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^MagicDisc.lnk]
path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\MagicDisc.lnk
backup=C:\WINDOWS\pss\MagicDisc.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2006-10-30 10:36 256576 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Odebit Multimedia V3]
--a------ 2007-02-04 20:58 1833984 C:\Program Files\Odebit Multimédia\V3\Odebit.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Odebit Multimedia V3 - Services]
--a------ 2007-02-04 20:58 1833984 C:\Program Files\Odebit Multimédia\V3\Odebit.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2007-06-18 15:10 271360 C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Fichiers communs\\AOL\\Loader\\aolload.exe"=
"C:\\Valve\\Steam\\steamapps\\clemxxm\\counter-strike\\hl.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"C:\\Valve\\Steam\\steamapps\\clemxxm\\condition zero\\hl.exe"=
"C:\\Program Files\\Odebit Multimédia\\V3\\Odebit.exe"=
"C:\\Program Files\\Atari\\Test Drive Unlimited\\TestDriveUnlimited.exe"=
"C:\\WINDOWS\\system32\\lxcrcoms.exe"=
"C:\\Program Files\\Codemasters\\Race Driver 3\\RD3.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\FileZilla Client\\filezilla.exe"=
"C:\\Program Files\\TmNationsForever\\TmForever.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 35328]
S3 USBVSP;USBVSP;C:\WINDOWS\system32\drivers\Usbvsp.sys [2002-11-11 89856]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42ac6baa-9aa6-11db-bab1-0013d4585249}]
\Shell\Auto\command - M:\Start.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df8d5556-de1c-11db-990a-0013d4585249}]
\Shell\Auto\command - fun.xls.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe
.
Contenu du dossier 'Tâches planifiées'
2008-10-14 C:\WINDOWS\Tasks\Symantec NetDetect.job
- C:\Program Files\Symantec\LiveUpdate\NDetect.exe []
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{0A43AB64-3AB7-46C5-9FF5-5F718367B9E3} - C:\WINDOWS\system32\hgGaxyAs.dll
BHO-{2759601F-B194-4E8A-8579-05DB7FE721E4} - C:\WINDOWS\system32\ddcDuTNe.dll
BHO-{a11f0221-322c-4cd3-a9b1-b0eca99635e9} - C:\WINDOWS\system32\pmhtcj.dll
HKLM-Run-a8e66432 - C:\WINDOWS\system32\qtosshvk.dll
HKLM-Run-POEngine - (no file)
ShellExecuteHooks-{0A43AB64-3AB7-46C5-9FF5-5F718367B9E3} - C:\WINDOWS\system32\hgGaxyAs.dll
Notify-WgaLogon - (no file)
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\63pft1yl.default\
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-14 16:54:09
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Fichiers communs\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Fichiers communs\Symantec Shared\CCPROXY.EXE
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NAVAPSVC.EXE
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dwwin.exe
.
**************************************************************************
.
Heure de fin: 2008-10-14 17:12:52 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-10-14 15:12:50
Avant-CF: 45 293 416 448 octets libres
Après-CF: 49,294,082,048 octets libres
246 --- E O F --- 2008-10-14 15:04:55
Merci d'avance et bonne soirée.
Voici le rapport ComboFix, à noter je ne suis pas arriver à désactiver mon antivirus (impossible de l'ouvrir) :
ComboFix 08-10-12.01 - Propriétaire 2008-10-14 16:46:22.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.620 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Propriétaire\lsass.exe
C:\Program Files\winpop
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\WINDOWS\system32\awtqqqrO.dll
C:\WINDOWS\system32\bybpugou.dll
C:\WINDOWS\system32\ddcDuTNe.dll
C:\WINDOWS\system32\eNTuDcdd.ini
C:\WINDOWS\system32\eNTuDcdd.ini2
C:\WINDOWS\system32\hgGaxyAs.dll
C:\WINDOWS\system32\hgGvtULf.dll
C:\WINDOWS\system32\ioysdr.dll
C:\WINDOWS\system32\kvhssotq.ini
C:\WINDOWS\system32\mlJCSjki.dll
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\pmhtcj.dll
C:\WINDOWS\system32\qtosshvk.dll
C:\WINDOWS\system32\sqmmdrva.ini
C:\WINDOWS\system32\ytewgatg.dll
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_CMDSERVICE
-------\Legacy_NETWORK_MONITOR
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-14 au 2008-10-14 ))))))))))))))))))))))))))))))))))))
.
2008-10-13 21:41 . 2008-10-13 21:41 <REP> d-------- C:\Program Files\Trend Micro
2008-10-13 13:13 . 2008-10-13 20:37 <REP> d--hs---- C:\WINDOWS\UHJvcHJp6XRhaXJl
2008-10-13 13:13 . 2008-10-13 13:13 <REP> d-------- C:\WINDOWS\system32\zp
2008-10-13 13:13 . 2008-10-13 20:37 <REP> d-------- C:\WINDOWS\system32\mci
2008-10-13 13:12 . 2008-10-13 13:12 <REP> d-------- C:\WINDOWS\system32\EV02
2008-10-13 13:12 . 2008-10-13 13:12 <REP> d-------- C:\Temp\xp34
2008-10-12 12:58 . 2008-10-12 13:20 4,681,504,768 --a------ C:\SAV_2.ISO
2008-10-12 12:56 . 2008-10-12 12:56 <REP> d-------- C:\Program Files\DVD Shrink
2008-10-12 12:56 . 2008-10-12 12:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-14 14:15 --------- d-----w C:\Program Files\lx_cats
2008-10-13 20:44 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\vmntoolbar
2008-10-12 11:41 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\dvdcss
2008-10-10 05:10 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-10-09 14:36 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\SolidWorks
2008-09-09 16:25 --------- d-----w C:\Program Files\Free Audio Pack
2008-09-02 15:07 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\FileZilla
2008-08-18 09:10 --------- d-----w C:\Program Files\SolidWorks
2008-08-14 19:00 --------- d-----w C:\Program Files\PokerStars
2008-01-12 18:51 2,395 ----a-w C:\Documents and Settings\Propriétaire\Application Data\SAS7_000.DAT
2006-12-26 19:29 23,488,648 ----a-w C:\Program Files\AdbeRdr708_fr_FR.exe
2007-03-08 07:46 88 --sh--r C:\WINDOWS\system32\6273CCC898.sys
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-03-08 07:51 3,350 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
2005-07-29 14:24 472 --sha-r C:\WINDOWS\UHJvcHJp6XRhaXJl\oJLSwJLDdrl1urL5.vbs
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-02 7110656]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-08-02 86016]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2002-09-13 212992]
"Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [2004-10-04 1196032]
"SSC_UserPrompt"="C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-11-10 218240]
"EPSON Stylus CX6400"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE" [2003-09-12 99840]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2006-04-04 71304]
"IS CfgWiz"="C:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe" [2003-09-09 125784]
"URLLSTCK.exe"="C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe" [2004-01-27 70760]
"Advanced Tools Check"="C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE" [2003-08-20 74896]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2006-12-24 100056]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 282624]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-12-31 185896]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-04-09 200704]
"lxcrmon.exe"="C:\Program Files\Lexmark 2400 Series\lxcrmon.exe" [2007-01-11 291760]
"EzPrint"="C:\Program Files\Lexmark 2400 Series\ezprint.exe" [2006-12-11 82864]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2006-12-11 295856]
"LXCRCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2006-11-21 106496]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 C:\WINDOWS\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2005-08-02 C:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"= 1 (0x1)
"AllowUnhashedWebView"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=pmhtcj.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
"msacm.l3codec"= l3codecp.acm
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Ask Harrap's Shorter.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Ask Harrap's Shorter.lnk
backup=C:\WINDOWS\pss\Ask Harrap's Shorter.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Register.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Register.lnk
backup=C:\WINDOWS\pss\Register.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Wallpaper Changer.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Wallpaper Changer.lnk
backup=C:\WINDOWS\pss\Wallpaper Changer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^MagicDisc.lnk]
path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\MagicDisc.lnk
backup=C:\WINDOWS\pss\MagicDisc.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2006-10-30 10:36 256576 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Odebit Multimedia V3]
--a------ 2007-02-04 20:58 1833984 C:\Program Files\Odebit Multimédia\V3\Odebit.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Odebit Multimedia V3 - Services]
--a------ 2007-02-04 20:58 1833984 C:\Program Files\Odebit Multimédia\V3\Odebit.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2007-06-18 15:10 271360 C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Fichiers communs\\AOL\\Loader\\aolload.exe"=
"C:\\Valve\\Steam\\steamapps\\clemxxm\\counter-strike\\hl.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"C:\\Valve\\Steam\\steamapps\\clemxxm\\condition zero\\hl.exe"=
"C:\\Program Files\\Odebit Multimédia\\V3\\Odebit.exe"=
"C:\\Program Files\\Atari\\Test Drive Unlimited\\TestDriveUnlimited.exe"=
"C:\\WINDOWS\\system32\\lxcrcoms.exe"=
"C:\\Program Files\\Codemasters\\Race Driver 3\\RD3.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\FileZilla Client\\filezilla.exe"=
"C:\\Program Files\\TmNationsForever\\TmForever.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 35328]
S3 USBVSP;USBVSP;C:\WINDOWS\system32\drivers\Usbvsp.sys [2002-11-11 89856]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42ac6baa-9aa6-11db-bab1-0013d4585249}]
\Shell\Auto\command - M:\Start.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df8d5556-de1c-11db-990a-0013d4585249}]
\Shell\Auto\command - fun.xls.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe
.
Contenu du dossier 'Tâches planifiées'
2008-10-14 C:\WINDOWS\Tasks\Symantec NetDetect.job
- C:\Program Files\Symantec\LiveUpdate\NDetect.exe []
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{0A43AB64-3AB7-46C5-9FF5-5F718367B9E3} - C:\WINDOWS\system32\hgGaxyAs.dll
BHO-{2759601F-B194-4E8A-8579-05DB7FE721E4} - C:\WINDOWS\system32\ddcDuTNe.dll
BHO-{a11f0221-322c-4cd3-a9b1-b0eca99635e9} - C:\WINDOWS\system32\pmhtcj.dll
HKLM-Run-a8e66432 - C:\WINDOWS\system32\qtosshvk.dll
HKLM-Run-POEngine - (no file)
ShellExecuteHooks-{0A43AB64-3AB7-46C5-9FF5-5F718367B9E3} - C:\WINDOWS\system32\hgGaxyAs.dll
Notify-WgaLogon - (no file)
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\63pft1yl.default\
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-14 16:54:09
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Fichiers communs\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Fichiers communs\Symantec Shared\CCPROXY.EXE
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NAVAPSVC.EXE
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dwwin.exe
.
**************************************************************************
.
Heure de fin: 2008-10-14 17:12:52 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-10-14 15:12:50
Avant-CF: 45 293 416 448 octets libres
Après-CF: 49,294,082,048 octets libres
246 --- E O F --- 2008-10-14 15:04:55
Merci d'avance et bonne soirée.
Re,
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec
Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
Afin de lancer la recherche, clic sur"Rechercher".
Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]
AIDE : Tuto en images sur MBAM
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]
AIDE : Tuto en images sur MBAM
Bonsoir, merci pour votre aide.
Voici le rapport, j'ai supprimer du log les 3000 fichiers infectés par un casino, voici le reste du rapport :
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1268
Windows 5.1.2600 Service Pack 2
14/10/2008 19:29:55
mbam-log-2008-10-14 (19-29-49).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 223638
Temps écoulé: 1 hour(s), 4 minute(s), 49 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 432
Fichier(s) infecté(s): 3566
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Qoobox\Quarantine\C\WINDOWS\system32\bybpugou.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ioysdr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\pmhtcj.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\qtosshvk.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ytewgatg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP911\A0202480.dll (Adware.Adorable casino) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP911\A0202482.exe (Adware.Adorable casino) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP911\A0202483.exe (Adware.Adorable casino) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0204980.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0204995.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0204996.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0205006.dll (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0205007.dll (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0205030.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0205031.dll (Adware.CommAd) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0205032.exe (Adware.CommAd) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP990\A0205074.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP990\A0205078.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP990\A0205081.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP990\A0205082.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP990\A0205084.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zp\ZPU560I.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
Merci d'avance et bonne soirée.
Voici le rapport, j'ai supprimer du log les 3000 fichiers infectés par un casino, voici le reste du rapport :
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1268
Windows 5.1.2600 Service Pack 2
14/10/2008 19:29:55
mbam-log-2008-10-14 (19-29-49).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 223638
Temps écoulé: 1 hour(s), 4 minute(s), 49 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 432
Fichier(s) infecté(s): 3566
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Qoobox\Quarantine\C\WINDOWS\system32\bybpugou.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ioysdr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\pmhtcj.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\qtosshvk.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ytewgatg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP911\A0202480.dll (Adware.Adorable casino) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP911\A0202482.exe (Adware.Adorable casino) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP911\A0202483.exe (Adware.Adorable casino) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0204980.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0204995.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0204996.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0205006.dll (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0205007.dll (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0205030.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0205031.dll (Adware.CommAd) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP989\A0205032.exe (Adware.CommAd) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP990\A0205074.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP990\A0205078.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP990\A0205081.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP990\A0205082.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66B27AFA-1DD5-482A-8E3B-FFD6BB9D3FC4}\RP990\A0205084.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zp\ZPU560I.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
Merci d'avance et bonne soirée.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:57:56, on 14/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - AppInit_DLLs: pmhtcj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 9890 bytes
Scan saved at 19:57:56, on 14/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - AppInit_DLLs: pmhtcj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 9890 bytes
Re,
Télécharge Toolbar-S&D ([#ff0000]Team IDN[/#ff]) sur ton Bureau.
Lance l'installation du programme en exécutant le fichier téléchargé.
Double-clique maintenant sur le raccourci de Toolbar-S&D.
Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
Poste le rapport généré. (C:\TB.txt)
Télécharge Toolbar-S&D ([#ff0000]Team IDN[/#ff]) sur ton Bureau.
Re,
-----------\\ ToolBar S&D 1.2.2 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3700+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : Norton AntiVirus 2004 (Not Activated)
Firewall : Norton Internet Security Professional 2004 (Not Activated)
C:\ (Local Disk) - NTFS - Total : 182 Go Free : 46 Go
D:\ (CD or DVD)
E:\ (USB)
F:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (CD or DVD) - UDF - Total : 4 Go Free : 0 Go
J:\ (CD or DVD) - UDF - Total : 4 Go Free : 0 Go
K:\ (CD or DVD)
L:\ (USB)
"C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
Option : [1] ( 14/10/2008|20:45 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\---Yahoo.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\01net.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1px_dark.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1px_green.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1px_white.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\a.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\amazon.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\an.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrowB.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrowT.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_down.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_red.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_red2.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_up.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\autofill.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\avstate.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\b.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\background2.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bgmeteo_results.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bg_pub.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bg_ttl.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\btn_close.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\btn_minus.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\btn_moreforecast.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\c.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\canalblog.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\cn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\d.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\dictionary2.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\dn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\downfile
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\DownloadCOM.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\dropdown.css
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ErrorLog.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\f.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_argentine.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_australia.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_brazil.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_canada.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_china.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_france.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_germany.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_greece.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_hongkong.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_india.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_indonesia.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_italy.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_japan.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_korea.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_mexico.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_netherlands.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_spain.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_sweeden.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_taiwan.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_uk.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_usa.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\fn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\g.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\gaming.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\gn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\gograph.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred0.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred0_5.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred1.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred1_5.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred2.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred2_5.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred3.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred3_5.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred4.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred4_5.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred5.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\help.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\hideremove.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\highlight.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\hn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_aquarius.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_aries.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_cancer.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_capricorn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_gemini.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_leo.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_libra.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_pisces.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_sagittarius.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_scorpio.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_taurus.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_virgo.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\i.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\icotemp_placeholder.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\IEtab.zip
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\IEtab1_7.zip
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\IEtab1_7b.zip
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\img1_6.cfg
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\in.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ipsearch.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\j.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\jn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\k.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\kn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\l.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ln.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\loading.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\login.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\logo.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\n.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt10628609
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt1099265
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt1152921
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt11680796
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt12852078
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt13709281
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt14468375
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt164484
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt17704765
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt17910359
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt1812531
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt18375546
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt20058109
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt20973968
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt217578
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt22037390
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt23517890
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt25121218
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt25904140
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt3095171
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt31398453
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt32368734
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt34066515
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt34566703
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt3814015
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt4448546
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt47331921
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt47413656
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt48437843
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt533859
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt5968078
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt6188125
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt7015671
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt7826234
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt7989906
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt861656
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt9336968
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt935562
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt9955984
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\new02.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\NewCfg
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\news.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\news.html
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\nn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\o.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\on.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\p.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\pestscanimg.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\pixsy.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\pn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\popup_off.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\popup_on.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\popup_ona.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\p_yahoo.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\q.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\qn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\r.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\relatedlinks.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\report.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rss.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rss.xsl
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rss1.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rsslib.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rssmenu1_6.zip
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\s.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\security.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo1.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo10.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo11.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo12.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo13.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo14.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo15.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo16.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo17.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo18.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo19.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo2.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo20.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo3.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo4.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo5.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo6.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo7.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo8.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo9.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\siteinfo.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\slider.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\sn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\spacer.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red1.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red2.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red3.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red4.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red5.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\storage.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\t.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tabdata.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tablib.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tabwelcome_en.html
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tabwelcome_fr.html
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tab_icon.png
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\technorati.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\thes_search.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Thumbs.db
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tools.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\translate.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\u.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\un.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\userbadsites.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\utf8.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\v.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\vmlib.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\vmntoolbartb1500.cfg
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\vn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\w.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\web.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\wikipedia.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\wn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\x.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\xp_close_small.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\yahoo.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\yahoo_search.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\YouTube.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\z.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\zn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\zoom.bmp
C:\Program Files\VMNToolbar
C:\Program Files\VMNToolbar\install.ico
C:\Program Files\VMNToolbar\toolbar.ini
C:\Program Files\VMNToolbar\uninstall.exe
C:\Program Files\VMNToolbar\vmntoolbar.dll
C:\WINDOWS\iun6002.exe
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 14/10/2008|20:46 - Option : [1]
-----------\\ Fin du rapport a 20:46:58,53
-----------\\ ToolBar S&D 1.2.2 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3700+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : Norton AntiVirus 2004 (Not Activated)
Firewall : Norton Internet Security Professional 2004 (Not Activated)
C:\ (Local Disk) - NTFS - Total : 182 Go Free : 46 Go
D:\ (CD or DVD)
E:\ (USB)
F:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (CD or DVD) - UDF - Total : 4 Go Free : 0 Go
J:\ (CD or DVD) - UDF - Total : 4 Go Free : 0 Go
K:\ (CD or DVD)
L:\ (USB)
"C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
Option : [1] ( 14/10/2008|20:45 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\---Yahoo.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\01net.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1px_dark.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1px_green.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1px_white.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\a.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\amazon.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\an.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrowB.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrowT.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_down.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_red.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_red2.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_up.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\autofill.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\avstate.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\b.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\background2.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bgmeteo_results.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bg_pub.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bg_ttl.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\btn_close.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\btn_minus.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\btn_moreforecast.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\c.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\canalblog.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\cn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\d.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\dictionary2.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\dn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\downfile
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\DownloadCOM.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\dropdown.css
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ErrorLog.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\f.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_argentine.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_australia.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_brazil.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_canada.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_china.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_france.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_germany.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_greece.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_hongkong.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_india.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_indonesia.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_italy.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_japan.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_korea.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_mexico.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_netherlands.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_spain.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_sweeden.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_taiwan.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_uk.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_usa.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\fn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\g.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\gaming.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\gn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\gograph.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred0.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred0_5.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred1.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred1_5.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred2.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred2_5.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred3.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred3_5.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred4.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred4_5.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred5.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\help.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\hideremove.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\highlight.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\hn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_aquarius.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_aries.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_cancer.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_capricorn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_gemini.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_leo.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_libra.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_pisces.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_sagittarius.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_scorpio.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_taurus.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_virgo.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\i.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\icotemp_placeholder.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\IEtab.zip
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\IEtab1_7.zip
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\IEtab1_7b.zip
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\img1_6.cfg
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\in.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ipsearch.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\j.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\jn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\k.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\kn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\l.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ln.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\loading.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\login.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\logo.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\n.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt10628609
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt1099265
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt1152921
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt11680796
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt12852078
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt13709281
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt14468375
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt164484
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt17704765
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt17910359
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt1812531
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt18375546
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt20058109
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt20973968
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt217578
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt22037390
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt23517890
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt25121218
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt25904140
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt3095171
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt31398453
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt32368734
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt34066515
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt34566703
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt3814015
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt4448546
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt47331921
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt47413656
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt48437843
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt533859
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt5968078
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt6188125
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt7015671
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt7826234
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt7989906
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt861656
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt9336968
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt935562
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt9955984
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\new02.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\NewCfg
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\news.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\news.html
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\nn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\o.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\on.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\p.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\pestscanimg.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\pixsy.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\pn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\popup_off.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\popup_on.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\popup_ona.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\p_yahoo.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\q.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\qn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\r.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\relatedlinks.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\report.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rss.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rss.xsl
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rss1.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rsslib.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rssmenu1_6.zip
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\s.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\security.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo1.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo10.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo11.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo12.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo13.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo14.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo15.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo16.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo17.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo18.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo19.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo2.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo20.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo3.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo4.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo5.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo6.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo7.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo8.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo9.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\siteinfo.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\slider.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\sn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\spacer.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red1.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red2.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red3.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red4.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red5.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\storage.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\t.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tabdata.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tablib.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tabwelcome_en.html
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tabwelcome_fr.html
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tab_icon.png
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\technorati.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\thes_search.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Thumbs.db
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tools.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\translate.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\u.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\un.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\userbadsites.txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\utf8.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\v.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\vmlib.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\vmntoolbartb1500.cfg
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\vn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\w.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\web.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\wikipedia.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\wn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\x.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\xp_close_small.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\yahoo.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\yahoo_search.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\YouTube.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\z.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\zn.bmp
C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\zoom.bmp
C:\Program Files\VMNToolbar
C:\Program Files\VMNToolbar\install.ico
C:\Program Files\VMNToolbar\toolbar.ini
C:\Program Files\VMNToolbar\uninstall.exe
C:\Program Files\VMNToolbar\vmntoolbar.dll
C:\WINDOWS\iun6002.exe
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 14/10/2008|20:46 - Option : [1]
-----------\\ Fin du rapport a 20:46:58,53
Re,
-----------\\ ToolBar S&D 1.2.2 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3700+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : Norton AntiVirus 2004 (Not Activated)
Firewall : Norton Internet Security Professional 2004 (Not Activated)
C:\ (Local Disk) - NTFS - Total : 182 Go Free : 46 Go
D:\ (CD or DVD)
E:\ (USB)
F:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (CD or DVD) - UDF - Total : 4 Go Free : 0 Go
J:\ (CD or DVD) - UDF - Total : 4 Go Free : 0 Go
K:\ (CD or DVD)
L:\ (USB)
"C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
Option : [2] ( 14/10/2008|21:02 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\---Yahoo.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\01net.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1px_dark.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1px_green.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1px_white.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\a.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\amazon.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\an.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrowB.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrowT.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_down.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_red.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_red2.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_up.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\autofill.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\avstate.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\b.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\background2.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bgmeteo_results.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bg_pub.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bg_ttl.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\btn_close.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\btn_minus.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\btn_moreforecast.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\c.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\canalblog.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\cn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\d.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\dictionary2.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\dn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\downfile
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\DownloadCOM.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\dropdown.css
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ErrorLog.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\f.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_argentine.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_australia.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_brazil.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_canada.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_china.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_france.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_germany.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_greece.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_hongkong.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_india.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_indonesia.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_italy.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_japan.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_korea.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_mexico.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_netherlands.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_spain.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_sweeden.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_taiwan.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_uk.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_usa.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\fn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\g.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\gaming.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\gn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\gograph.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred0.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred0_5.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred1.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred1_5.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred2.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred2_5.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred3.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred3_5.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred4.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred4_5.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred5.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\help.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\hideremove.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\highlight.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\hn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_aquarius.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_aries.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_cancer.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_capricorn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_gemini.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_leo.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_libra.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_pisces.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_sagittarius.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_scorpio.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_taurus.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_virgo.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\i.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\icotemp_placeholder.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\IEtab.zip
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\IEtab1_7.zip
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\IEtab1_7b.zip
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\img1_6.cfg
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\in.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ipsearch.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\j.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\jn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\k.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\kn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\l.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ln.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\loading.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\login.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\logo.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\n.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt10628609
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt1099265
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt1152921
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt11680796
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt12852078
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt13709281
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt14468375
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt164484
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt17704765
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt17910359
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt1812531
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt18375546
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt20058109
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt20973968
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt217578
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt22037390
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt23517890
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt25121218
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt25904140
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt3095171
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt31398453
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt32368734
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt34066515
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt34566703
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt3814015
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt4448546
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt47331921
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt47413656
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt48437843
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt533859
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt5968078
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt6188125
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt7015671
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt7826234
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt7989906
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt861656
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt9336968
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt935562
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt9955984
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\new02.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\NewCfg
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\news.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\news.html
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\nn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\o.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\on.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\p.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\pestscanimg.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\pixsy.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\pn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\popup_off.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\popup_on.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\popup_ona.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\p_yahoo.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\q.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\qn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\r.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\relatedlinks.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\report.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rss.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rss.xsl
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rss1.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rsslib.js
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rssmenu1_6.zip
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\s.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\security.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo1.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo10.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo11.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo12.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo13.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo14.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo15.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo16.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo17.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo18.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo19.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo2.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo20.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo3.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo4.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo5.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo6.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo7.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo8.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo9.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\siteinfo.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\slider.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\sn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\spacer.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red1.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red2.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red3.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red4.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red5.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\storage.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\t.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tabdata.js
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tablib.js
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tabwelcome_en.html
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tabwelcome_fr.html
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tab_icon.png
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\technorati.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\thes_search.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Thumbs.db
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tools.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\translate.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\u.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\un.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\userbadsites.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\utf8.js
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\v.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\vmlib.js
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\vmntoolbartb1500.cfg
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\vn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\w.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\web.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\wikipedia.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\wn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\x.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\xp_close_small.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\yahoo.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\yahoo_search.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\YouTube.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\z.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\zn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\zoom.bmp
Supprime! - C:\Program Files\VMNToolbar\install.ico
Supprime! - C:\Program Files\VMNToolbar\toolbar.ini
Supprime! - C:\Program Files\VMNToolbar\uninstall.exe
Supprime! - C:\Program Files\VMNToolbar\vmntoolbar.dll
Supprime! - C:\WINDOWS\iun6002.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar
Supprime! - C:\Program Files\VMNToolbar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 14/10/2008|20:46 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 14/10/2008|21:09 - Option : [2]
-----------\\ Fin du rapport a 21:09:39,64
-----------\\ ToolBar S&D 1.2.2 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3700+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : Norton AntiVirus 2004 (Not Activated)
Firewall : Norton Internet Security Professional 2004 (Not Activated)
C:\ (Local Disk) - NTFS - Total : 182 Go Free : 46 Go
D:\ (CD or DVD)
E:\ (USB)
F:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (CD or DVD) - UDF - Total : 4 Go Free : 0 Go
J:\ (CD or DVD) - UDF - Total : 4 Go Free : 0 Go
K:\ (CD or DVD)
L:\ (USB)
"C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
Option : [2] ( 14/10/2008|21:02 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\---Yahoo.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\01net.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1px_dark.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1px_green.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\1px_white.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\a.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\amazon.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\an.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrowB.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrowT.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_down.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_red.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_red2.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\arrow_up.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\autofill.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\avstate.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\b.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\background2.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bgmeteo_results.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bg_pub.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bg_ttl.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\bn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\btn_close.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\btn_minus.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\btn_moreforecast.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\c.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\canalblog.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\cn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\d.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\dictionary2.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\dn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\downfile
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\DownloadCOM.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\dropdown.css
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ErrorLog.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\f.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_argentine.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_australia.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_brazil.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_canada.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_china.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_france.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_germany.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_greece.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_hongkong.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_india.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_indonesia.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_italy.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_japan.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_korea.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_mexico.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_netherlands.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_spain.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_sweeden.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_taiwan.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_uk.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\flag_usa.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\fn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\g.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\gaming.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\gn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\gograph.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred0.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred0_5.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred1.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred1_5.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred2.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred2_5.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred3.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred3_5.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred4.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred4_5.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\graphred5.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\help.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\hideremove.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\highlight.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\hn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_aquarius.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_aries.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_cancer.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_capricorn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_gemini.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_leo.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_libra.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_pisces.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_sagittarius.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_scorpio.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_taurus.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\h_virgo.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\i.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\icotemp_placeholder.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\IEtab.zip
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\IEtab1_7.zip
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\IEtab1_7b.zip
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\img1_6.cfg
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\in.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ipsearch.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\j.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\jn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\k.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\kn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\l.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\ln.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\loading.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\login.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\logo.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\n.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt10628609
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt1099265
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt1152921
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt11680796
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt12852078
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt13709281
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt14468375
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt164484
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt17704765
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt17910359
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt1812531
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt18375546
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt20058109
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt20973968
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt217578
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt22037390
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt23517890
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt25121218
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt25904140
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt3095171
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt31398453
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt32368734
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt34066515
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt34566703
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt3814015
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt4448546
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt47331921
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt47413656
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt48437843
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt533859
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt5968078
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt6188125
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt7015671
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt7826234
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt7989906
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt861656
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt9336968
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt935562
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt9955984
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\new02.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\NewCfg
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\news.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\news.html
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\nn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\o.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\on.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\p.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\pestscanimg.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\pixsy.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\pn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\popup_off.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\popup_on.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\popup_ona.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\p_yahoo.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\q.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\qn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\r.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\relatedlinks.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\report.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rss.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rss.xsl
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rss1.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rsslib.js
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rssmenu1_6.zip
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\s.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\security.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo1.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo10.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo11.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo12.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo13.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo14.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo15.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo16.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo17.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo18.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo19.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo2.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo20.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo3.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo4.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo5.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo6.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo7.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo8.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Sinfo9.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\siteinfo.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\slider.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\sn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\spacer.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red1.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red2.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red3.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red4.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\stars-red5.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\storage.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\t.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tabdata.js
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tablib.js
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tabwelcome_en.html
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tabwelcome_fr.html
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tab_icon.png
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\technorati.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\thes_search.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\Thumbs.db
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\tools.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\translate.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\u.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\un.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\userbadsites.txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\utf8.js
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\v.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\vmlib.js
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\vmntoolbartb1500.cfg
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\vn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\w.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\web.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\wikipedia.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\wn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\x.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\xp_close_small.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\yahoo.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\yahoo_search.gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\YouTube.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\z.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\zn.bmp
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar\zoom.bmp
Supprime! - C:\Program Files\VMNToolbar\install.ico
Supprime! - C:\Program Files\VMNToolbar\toolbar.ini
Supprime! - C:\Program Files\VMNToolbar\uninstall.exe
Supprime! - C:\Program Files\VMNToolbar\vmntoolbar.dll
Supprime! - C:\WINDOWS\iun6002.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\VMNToolbar
Supprime! - C:\Program Files\VMNToolbar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 14/10/2008|20:46 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 14/10/2008|21:09 - Option : [2]
-----------\\ Fin du rapport a 21:09:39,64
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:36:57, on 14/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - AppInit_DLLs: pmhtcj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 9575 bytes
Scan saved at 21:36:57, on 14/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - AppInit_DLLs: pmhtcj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 9575 bytes
Ton pc se comporte mieux ?
Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
Bonjour,
Le problème a disparu.
Merci beaucoup pour l'aide et le temps passé.
Bonne journée.
Rapport Hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:19:00, on 15/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - AppInit_DLLs: pmhtcj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 10203 bytes
Le problème a disparu.
Merci beaucoup pour l'aide et le temps passé.
Bonne journée.
Rapport Hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:19:00, on 15/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - AppInit_DLLs: pmhtcj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 10203 bytes
Ok.
Fix la ligne dans le cadre ci-dessous avec HijackThis : AIDE EN IMAGES
Fix la ligne dans le cadre ci-dessous avec HijackThis : AIDE EN IMAGES
O20 - AppInit_DLLs: pmhtcj.dll
Re,
C'est fait.
Nouveau rapport Hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:10:50, on 15/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 10124 bytes
C'est fait.
Nouveau rapport Hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:10:50, on 15/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 10124 bytes
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumSpy secureet pub intempestives
- ForumPub intempestives inter.explo vista
- ForumOnglets de pub intempestives sur chrome
- ForumPub intempestives avec mozilla
- ForumOuvertures de page de pub intempestives
- ForumPub intempestives mozilla firefox
- ForumPub intempestives pub sonore virus
- articlesPub intempestives mozilla
- ForumOuverture fenetre pub intempestives
- ForumFirefox fenetres pub intempestives
- Voir plus
