Definitely a virus, but how do I remove it? [Solved]


Hi, I'm in the middle of repairing a virus-infected PC, but I don't know what to do with it because I'm only a novice in this area. Here is a HijackThis report that will certainly help you (I ran CCleaner before the report).

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:05:20, on 28/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Labtec\Keyboard\V5.1\kbdap32a.exe
C:\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\lphcjcnj0e1e7.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Documents and Settings\BARRIE\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [OFFICEKB] C:\Labtec\Keyboard\V5.1\kbdap32a.exe
O4 - HKLM\..\Run: [RemoteControl] C:\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] C:\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Frag Ooze Cash Scr] C:\Documents and Settings\All Users\Application Data\close poke frag ooze\play drive.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [lphcjcnj0e1e7] C:\WINDOWS\system32\lphcjcnj0e1e7.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 2657450718
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 9931 bytes


_____________________________________________________


Please help me, thank you.


Message edited by PaRoLe-SaGe on 05-12-2008 at 13:34:00

Hello,

! Disable your resident protections (antivirus, Spybot-S&D, etc.) !

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe is not necessarily visible) to launch it.
  • When the scan has finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.


HELP: A guide and a tutorial on using ComboFix
* the partition name may differ

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

ComboFix 08-10-28.01 - BARRIE 2008-10-28 19:43:14.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.475 [GMT 1:00]
Lancé depuis: C:\Documents and Settings\BARRIE\Bureau\ComboFix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\blphcjcnj0e1e7.scr
C:\WINDOWS\system32\lphcjcnj0e1e7.exe
C:\WINDOWS\system32\phcjcnj0e1e7.bmp

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-28 au 2008-10-28 ))))))))))))))))))))))))))))))))))))
.

2008-10-28 19:04 . 2008-10-28 19:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-10-28 19:01 . 2008-10-28 19:01 <REP> d-------- C:\Program Files\Yahoo!
2008-10-28 19:01 . 2008-10-28 19:01 <REP> d-------- C:\Program Files\CCleaner
2008-10-28 18:46 . 2008-10-28 18:46 <REP> d-------- C:\WINDOWS\system32\AlertModule
2008-10-28 18:46 . 2003-08-04 14:22 94,208 --a------ C:\WINDOWS\system32\W32n50.dll
2008-10-28 18:46 . 2004-08-23 14:49 40,960 --a------ C:\WINDOWS\system32\FTRTSVC.exe
2008-10-28 18:46 . 2005-10-06 14:55 36,864 --a------ C:\WINDOWS\system32\IfHelper.dll
2008-10-28 18:46 . 2004-08-23 14:50 32,768 --a------ C:\WINDOWS\system32\WooDial2000.dll
2008-10-28 18:46 . 2003-08-04 14:22 16,128 --------- C:\WINDOWS\system32\PCANDIS5.SYS
2008-10-28 18:45 . 2008-10-28 18:50 <REP> d-------- C:\Program Files\Wanadoo
2008-10-28 18:43 . 2008-10-28 18:43 <REP> d-------- C:\Program Files\Securitoo
2008-10-28 18:43 . 2008-10-28 18:43 <REP> d-------- C:\Program Files\Inventel
2008-10-25 12:09 . 2008-10-28 09:36 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-10-25 12:09 . 2008-10-25 12:09 1,409 --a------ C:\WINDOWS\QTFont.for
2008-09-28 15:20 . 2004-08-03 22:08 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2008-09-28 15:20 . 2004-08-03 22:08 25,600 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
2008-09-28 14:34 . 2008-09-28 14:34 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-09-28 14:34 . 2008-09-28 14:34 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-14 17:08 --------- d-----w C:\Documents and Settings\BARRIE\Application Data\cashuploadpoll
2008-10-08 16:00 --------- d-----w C:\Documents and Settings\BARRIE\Application Data\U3
2008-09-14 12:07 --------- d-----w C:\Program Files\eMule
2001-03-28 11:02 122,880 ----a-w C:\WINDOWS\inf\Agfa\message.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 15360]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-16 68856]
"OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-02-08 95800]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OFFICEKB"="C:\Labtec\Keyboard\V5.1\kbdap32a.exe" [2008-02-11 387584]
"RemoteControl"="C:\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="C:\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 282624]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
"Frag Ooze Cash Scr"="C:\Documents and Settings\All Users\Application Data\close poke frag ooze\play drive.exe" [2008-10-28 9882112]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-19 266497]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2006-04-20 421888]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 15360]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Lancement rapide d'Adobe Reader.lnk - C:\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
Microsoft Office.lnk - C:\Microsoft Office\Office\OSA9.EXE [2000-01-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{18aa8764-ea97-11dc-9e47-001a9272adb0}]
\shell\Setup\command - setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{18aa8765-ea97-11dc-9e47-001a9272adb0}]
\Shell\AutoRun\command - I:\start.exe
\Shell\FramaKey\command - I:\start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{61525d4a-8245-11dd-9f0e-001a9272adb0}]
\Shell\AutoRun\command - I:\start.exe
\Shell\FramaKey\command - I:\start.exe

*Newly Created Service* - PROCEXP90
*Newly Created Service* - RASAUTO

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {AF4B5161-1572-D354-812F-9B3D64DA203F} /qb
.
Contenu du dossier 'Tâches planifiées'

2008-10-28 C:\WINDOWS\Tasks\A7F69587919909B7.job
- c:\docume~1\barrie\applic~1\cashup~1\bendthirdbat.exe []
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-lphcjcnj0e1e7 - C:\WINDOWS\system32\lphcjcnj0e1e7.exe


.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\BARRIE\Application Data\Mozilla\Firefox\Profiles\8n4kr8tt.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.orange.fr
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-28 19:44:05
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-10-28 19:44:45
ComboFix-quarantined-files.txt 2008-10-28 18:44:42

Avant-CF: 50,047,467,520 octets libres
Après-CF: 50,176,815,104 octets libres

120




I'm reassured, the problem it was causing them (a weird wallpaper) is gone. It's up to you to tell me if it's finished :) Thanks for such quick replies, that's super cool.

Reply to PaRoLe-SaGe

Post a new HijackThis report.

Reply to Angeldark

Yeah, I like that, in principle it means the end is in sight. I'll do that on the PC that's acting up and send it to you. Thanks again.


*****************************************************

Here is the report:


********************************************************

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:23, on 28/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Labtec\Keyboard\V5.1\kbdap32a.exe
C:\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\BARRIE\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [OFFICEKB] C:\Labtec\Keyboard\V5.1\kbdap32a.exe
O4 - HKLM\..\Run: [RemoteControl] C:\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] C:\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Frag Ooze Cash Scr] C:\Documents and Settings\All Users\Application Data\close poke frag ooze\play drive.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 2657450718
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 9728 bytes


Message edited by PaRoLe-SaGe on 28-10-2008 at 23:21:02
Reply to PaRoLe-SaGe

Any remaining problems?

Reply to Angeldark

Do you think I should run a scan in safe mode with AntiVir, or is that pointless??

Reply to PaRoLe-SaGe

So I'm done, OK, thanks man!!!!!!!!!!!!!!

Could toolcleaner be used to remove Hijack and ComboFix, or is that pointless?? (It's not my PC, so I want to give it back to them the way it was.)

Reply to PaRoLe-SaGe

Yep, it's useful here.

Reply to Angeldark

I'm stubborn and I ran a scan anyway, and AntiVir found another virus. Is that serious??

Reply to PaRoLe-SaGe

Do you want another Hijack report?


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:47:52, on 29/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Labtec\Keyboard\V5.1\kbdap32a.exe
C:\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\BARRIE\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [OFFICEKB] C:\Labtec\Keyboard\V5.1\kbdap32a.exe
O4 - HKLM\..\Run: [RemoteControl] C:\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] C:\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Frag Ooze Cash Scr] C:\Documents and Settings\All Users\Application Data\close poke frag ooze\play drive.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 2657450718
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{2AE70E15-B988-42D5-8AE1-898E8C4B3B8D}: NameServer = 193.252.19.3,193.252.19.4
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 9698 bytes


Message edited by PaRoLe-SaGe on 29-10-2008 at 13:49:42
Reply to PaRoLe-SaGe

No, the AntiVir report.

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

OK, I didn't keep it, but never mind, it doesn't do it anymore. However, my cousin's PC is slow; here is a HijackThis report if you can help me.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:29:59, on 29/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\WhenUSearch\Search.exe
C:\Program Files\WhenUSearch\whse.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Orange\LiveAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpohmr08.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\journal\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/fr/quicktime/buy/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\WhenUSearch\Search.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\WhenUSearch\whse.exe"
O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Orange_McciTrayApp] C:\Program Files\Orange\LiveAssistant.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ClockSync] "C:\Program Files\ClockSync\Sync.exe" /q
O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
O4 - HKCU\..\Run: [Onceelse] C:\DOCUME~1\journal\APPLIC~1\THESEN~1\Vc Bolt 16.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/bina [...] b57176.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 11821 bytes

Reply to PaRoLe-SaGe

Hello again,

Download Lop S&D.exe (Eric_71) to your Desktop.

  • Start the installation of the program by running the downloaded file.
  • Now double-click the LopS&D shortcut.
  • Select the desired language by typing the letter of your choice, then confirm with the Enter key.
  • Now choose option 1 (Search). Wait until the search has finished.
  • Post the generated report (C:\lopR.txt*)

Reply to Angeldark

OK, I'll do that for you next time.

Reply to PaRoLe-SaGe


--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
BIOS : Rev. 3.11
USER : journal ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.7.1098 [VPS 081031-1] 4.7.1098 (Not Activated)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:109 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
F:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 24/11/2008|18:22 )

--------------------\\ Listing des dossiers dans APPLIC~1

[28/10/2008|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[08/08/2007|09:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[01/01/2004|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[31/08/2006|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[20/07/2008|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
[23/11/2008|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[01/01/2004|15:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[01/01/2004|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[29/03/2008|14:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[25/12/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[08/08/2007|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/02/2008|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/04/2008|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[12/12/2004|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[17/05/2005|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2004|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[27/02/2005|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[08/08/2007|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[18/06/2005|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[21/03/2007|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[09/08/2007|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[27/02/2008|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller




[01/01/2004|17:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[01/01/2004|14:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2004|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
[11/08/2008|09:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[01/01/2004|14:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2004|18:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[01/01/2004|15:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[05/12/2004|16:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[09/02/2005|14:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[07/05/2007|14:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AOL
[01/01/2004|17:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[08/12/2004|17:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[01/01/2004|14:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[20/02/2005|15:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Intervideo
[16/12/2004|18:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[28/11/2004|10:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[30/07/2006|12:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[27/02/2005|18:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft Web Folders
[05/12/2004|19:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Motive
[01/01/2004|18:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
[16/12/2004|18:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[01/01/2004|15:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
[17/01/2005|18:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
[18/06/2005|13:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ulead Systems

[06/09/2008|16:50] C:\DOCUME~1\journal\APPLIC~1\Adobe
[25/12/2006|01:36] C:\DOCUME~1\journal\APPLIC~1\AdobeUM
[09/11/2005|12:47] C:\DOCUME~1\journal\APPLIC~1\Alive! Jigsaw
[25/02/2007|14:18] C:\DOCUME~1\journal\APPLIC~1\AOL
[01/01/2004|17:45] C:\DOCUME~1\journal\APPLIC~1\Apple Computer
[21/03/2008|21:05] C:\DOCUME~1\journal\APPLIC~1\Google
[24/08/2005|09:44] C:\DOCUME~1\journal\APPLIC~1\Help
[01/01/2004|14:06] C:\DOCUME~1\journal\APPLIC~1\Identities
[06/11/2005|10:36] C:\DOCUME~1\journal\APPLIC~1\InstallShield
[20/08/2005|11:19] C:\DOCUME~1\journal\APPLIC~1\Intervideo
[11/10/2006|20:48] C:\DOCUME~1\journal\APPLIC~1\Leadertech
[15/11/2008|12:22] C:\DOCUME~1\journal\APPLIC~1\LimeWire
[14/01/2007|11:55] C:\DOCUME~1\journal\APPLIC~1\Macromedia
[08/08/2007|13:01] C:\DOCUME~1\journal\APPLIC~1\Microsoft
[22/04/2008|17:36] C:\DOCUME~1\journal\APPLIC~1\Motive
[30/08/2008|10:50] C:\DOCUME~1\journal\APPLIC~1\Mozilla
[23/11/2008|14:50] C:\DOCUME~1\journal\APPLIC~1\OpenOffice.org2
[18/11/2007|19:19] C:\DOCUME~1\journal\APPLIC~1\Real
[01/01/2004|18:12] C:\DOCUME~1\journal\APPLIC~1\SampleView
[18/09/2005|18:39] C:\DOCUME~1\journal\APPLIC~1\Sonic
[01/01/2004|15:07] C:\DOCUME~1\journal\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\journal\APPLIC~1\Symantec
[20/07/2008|21:30] C:\DOCUME~1\journal\APPLIC~1\the send type
[07/11/2006|18:41] C:\DOCUME~1\journal\APPLIC~1\Ulead Systems
[17/02/2008|15:39] C:\DOCUME~1\journal\APPLIC~1\vlc
[21/03/2007|14:47] C:\DOCUME~1\journal\APPLIC~1\You've Got Pictures Screensaver

[09/08/2007|10:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[01/01/2004|14:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[31/08/2008|15:51] C:\DOCUME~1\SANDRI~1\APPLIC~1\Adobe
[01/04/2007|09:40] C:\DOCUME~1\SANDRI~1\APPLIC~1\AOL
[01/01/2004|17:45] C:\DOCUME~1\SANDRI~1\APPLIC~1\Apple Computer
[01/01/2004|14:06] C:\DOCUME~1\SANDRI~1\APPLIC~1\Identities
[01/01/2004|17:36] C:\DOCUME~1\SANDRI~1\APPLIC~1\Intervideo
[13/08/2007|11:33] C:\DOCUME~1\SANDRI~1\APPLIC~1\Macromedia
[17/04/2008|11:27] C:\DOCUME~1\SANDRI~1\APPLIC~1\Microsoft
[17/06/2008|15:54] C:\DOCUME~1\SANDRI~1\APPLIC~1\Motive
[13/08/2007|11:28] C:\DOCUME~1\SANDRI~1\APPLIC~1\Mozilla
[01/01/2004|18:12] C:\DOCUME~1\SANDRI~1\APPLIC~1\SampleView
[01/01/2004|15:07] C:\DOCUME~1\SANDRI~1\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\SANDRI~1\APPLIC~1\Symantec
[31/08/2008|15:00] C:\DOCUME~1\SANDRI~1\APPLIC~1\the send type

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[23/11/2008 18:44][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1102268630.job
[05/08/2004 11:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
[01/01/2004 21:08][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[24/11/2008 17:56][--ah-----] C:\WINDOWS\tasks\SA.DAT

--------------------\\ Listing des dossiers dans C:\Program Files

[06/11/2005|11:55] C:\Program Files\123 Free Puzzle
[28/10/2008|19:08] C:\Program Files\Adobe
[18/11/2007|19:20] C:\Program Files\AirStrike3D DEMO
[09/11/2005|12:48] C:\Program Files\All Ages Software
[08/08/2007|13:50] C:\Program Files\Alwil Software
[29/01/2006|18:10] C:\Program Files\Anuman Interactive
[18/11/2007|19:18] C:\Program Files\AOL 9.0
[18/11/2007|19:18] C:\Program Files\Blastorama Demo
[18/11/2007|11:16] C:\Program Files\BoundAround_Demo
[09/07/2007|20:19] C:\Program Files\Boxen 2 DEMO
[18/11/2007|11:16] C:\Program Files\BrickShooter Jr
[18/11/2007|19:19] C:\Program Files\Brossard
[26/11/2006|15:52] C:\Program Files\Bubble Frenzy
[25/12/2004|13:50] C:\Program Files\Canon
[18/11/2007|19:18] C:\Program Files\Car Thief
[18/11/2007|19:20] C:\Program Files\Controle Parental
[18/11/2007|19:16] C:\Program Files\Controle Parental(3)
[18/11/2007|19:03] C:\Program Files\Controle Parental(4)
[18/11/2007|11:16] C:\Program Files\cw3d
[28/11/2006|19:35] C:\Program Files\DigiFUN
[25/08/2008|11:35] C:\Program Files\directx
[18/11/2007|19:18] C:\Program Files\DreamQuest
[06/11/2005|19:08] C:\Program Files\EA GAMES
[08/08/2007|15:55] C:\Program Files\Easy Internet signup
[09/07/2007|20:11] C:\Program Files\EduProfix
[18/11/2007|19:18] C:\Program Files\ElastoMania111
[18/11/2007|19:17] C:\Program Files\Fashion Cents
[31/08/2006|12:56] C:\Program Files\FaxTools
[25/08/2008|11:37] C:\Program Files\Fichiers communs
[31/01/2006|19:20] C:\Program Files\Firaxis Games
[18/11/2007|19:20] C:\Program Files\GALLIMARD
[28/10/2008|19:11] C:\Program Files\Google
[11/11/2007|11:30] C:\Program Files\GrayMatter Innovations
[01/01/2004|17:57] C:\Program Files\Help and Support Additions
[01/01/2004|15:51] C:\Program Files\Hewlett-Packard
[25/01/2006|14:12] C:\Program Files\Homebrew Software
[01/01/2004|17:25] C:\Program Files\HP
[21/02/2008|15:11] C:\Program Files\id Software
[23/03/2008|12:37] C:\Program Files\IncrediMail
[18/11/2007|19:21] C:\Program Files\InetGet2
[19/01/2008|11:33] C:\Program Files\Insider
[28/10/2008|19:15] C:\Program Files\InstallShield Installation Information
[28/10/2008|19:14] C:\Program Files\InterActual
[02/09/2008|11:28] C:\Program Files\Internet Explorer
[07/08/2007|19:50] C:\Program Files\Inventel
[02/09/2008|11:07] C:\Program Files\Java
[23/03/2008|12:35] C:\Program Files\Jeune Styliste
[23/03/2008|12:36] C:\Program Files\Jeune Styliste 2
[18/11/2007|19:18] C:\Program Files\Jollyware
[18/11/2007|19:19] C:\Program Files\JrVetDemo
[23/03/2008|12:36] C:\Program Files\JS FashionMaker
[25/11/2006|14:55] C:\Program Files\Leeds Learning Color and Shapes
[22/11/2008|11:06] C:\Program Files\Lexmark X1100 Series
[19/09/2008|19:03] C:\Program Files\LimeWire
[29/03/2008|13:56] C:\Program Files\Logitech
[19/08/2007|20:40] C:\Program Files\Macrogaming
[06/11/2005|13:36] C:\Program Files\Maxis
[02/09/2008|11:35] C:\Program Files\Messenger
[22/12/2007|11:57] C:\Program Files\Messenger Plus! Live
[06/11/2005|19:28] C:\Program Files\Micro Application
[31/12/2004|15:23] C:\Program Files\Microsoft AutoRoute
[28/02/2008|13:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[18/11/2007|19:16] C:\Program Files\Microsoft Encarta
[01/01/2004|14:06] C:\Program Files\microsoft frontpage
[31/12/2004|15:22] C:\Program Files\Microsoft Money
[27/02/2005|18:41] C:\Program Files\Microsoft Office
[23/08/2007|22:03] C:\Program Files\Microsoft Picture It! 9
[31/12/2004|15:18] C:\Program Files\Microsoft Works
[28/12/2004|20:20] C:\Program Files\Microsoft Works Suite 2004
[02/09/2008|11:28] C:\Program Files\Movie Maker
[24/11/2008|18:16] C:\Program Files\Mozilla Firefox
[30/07/2006|12:54] C:\Program Files\MP3 Player Utilities
[25/11/2006|18:41] C:\Program Files\mpegable AVI
[26/08/2005|17:52] C:\Program Files\MSN
[01/01/2004|14:03] C:\Program Files\MSN Gaming Zone
[27/02/2008|11:15] C:\Program Files\MSN Messenger
[18/11/2007|19:19] C:\Program Files\MSXML 4.0
[23/03/2008|12:32] C:\Program Files\Musicmatch
[28/11/2006|19:32] C:\Program Files\MyABCD
[02/09/2008|11:24] C:\Program Files\NetMeeting
[01/01/2004|14:03] C:\Program Files\Online Services
[25/08/2007|13:40] C:\Program Files\OpenOffice.org 2.0
[22/04/2008|17:35] C:\Program Files\Orange
[22/04/2008|17:29] C:\Program Files\OrangeHSS
[03/09/2008|10:24] C:\Program Files\Outlook Express
[01/01/2004|17:58] C:\Program Files\PC-Doctor for Windows
[10/02/2007|17:31] C:\Program Files\Personal Strip Poker
[18/11/2007|19:16] C:\Program Files\QuickTime
[18/11/2007|19:19] C:\Program Files\Quiz
[21/03/2007|14:44] C:\Program Files\Real
[25/01/2006|14:15] C:\Program Files\Realore
[18/11/2007|19:18] C:\Program Files\Save
[18/11/2007|20:30] C:\Program Files\Securitoo
[01/01/2004|18:06] C:\Program Files\Services en ligne
[02/01/2004|06:00] C:\Program Files\SiS VGA Utilities V3.59e
[27/02/2005|18:41] C:\Program Files\Snapshot Viewer
[18/11/2007|19:15] C:\Program Files\Solsoft
[08/08/2007|13:29] C:\Program Files\Symantec
[18/11/2007|19:21] C:\Program Files\Temporary
[29/06/2008|20:38] C:\Program Files\the send type
[25/12/2006|01:33] C:\Program Files\Thomson
[18/11/2007|19:18] C:\Program Files\TikGames
[26/03/2005|19:16] C:\Program Files\TLC-Edusoft
[04/01/2007|19:52] C:\Program Files\TLKGAMES
[18/11/2007|11:16] C:\Program Files\Tomato Catcher
[04/01/2007|19:57] C:\Program Files\Trymedia
[18/11/2007|19:20] C:\Program Files\Ulead Systems
[17/02/2008|15:27] C:\Program Files\VideoLAN
[21/03/2007|14:47] C:\Program Files\Viewpoint
[24/11/2008|18:16] C:\Program Files\Wanadoo
[23/07/2008|13:40] C:\Program Files\WhenUSearch
[18/11/2007|19:21] C:\Program Files\WinAble
[27/02/2008|11:11] C:\Program Files\Windows Live
[08/08/2007|20:58] C:\Program Files\Windows Media Connect 2
[02/09/2008|11:23] C:\Program Files\Windows Media Player
[02/09/2008|11:23] C:\Program Files\Windows NT
[01/01/2004|14:06] C:\Program Files\xerox
[28/11/2006|19:37] C:\Program Files\zippy

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[28/10/2008|19:08] C:\Program Files\Fichiers communs\Adobe
[08/08/2007|09:52] C:\Program Files\Fichiers communs\AOL
[21/03/2007|14:52] C:\Program Files\Fichiers communs\aolback
[10/11/2007|19:01] C:\Program Files\Fichiers communs\Carlson
[31/12/2004|15:17] C:\Program Files\Fichiers communs\Designer
[25/08/2008|11:37] C:\Program Files\Fichiers communs\DirectX
[22/04/2008|17:25] C:\Program Files\Fichiers communs\France Telecom
[01/01/2004|15:41] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/01/2004|05:59] C:\Program Files\Fichiers communs\InstallShield
[24/03/2008|13:42] C:\Program Files\Fichiers communs\Java
[29/03/2008|14:11] C:\Program Files\Fichiers communs\LogiShrd
[27/02/2008|11:13] C:\Program Files\Fichiers communs\Microsoft Shared
[22/04/2008|17:34] C:\Program Files\Fichiers communs\Motive
[01/01/2004|14:04] C:\Program Files\Fichiers communs\MSSoap
[21/03/2007|14:45] C:\Program Files\Fichiers communs\Nullsoft
[18/11/2007|19:19] C:\Program Files\Fichiers communs\Real
[31/12/2004|19:32] C:\Program Files\Fichiers communs\Services
[01/01/2004|14:59] C:\Program Files\Fichiers communs\SpeechEngines
[02/09/2008|11:23] C:\Program Files\Fichiers communs\System
[18/06/2005|13:30] C:\Program Files\Fichiers communs\Ulead Systems
[27/02/2008|11:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 58 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\journal\LOCALS~1\Temp\bis3E5.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\Boob Byte.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\For Cake.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\Ooze slow.exe
C:\DOCUME~1\journal\LOCALS~1\Temp\nsd314.tmp
C:\DOCUME~1\journal\LOCALS~1\Temp\nse40E.tmp
C:\DOCUME~1\journal\LOCALS~1\Temp\nsf31D.tmp
C:\DOCUME~1\journal\LOCALS~1\Temp\nsi53E.tmp
C:\DOCUME~1\journal\LOCALS~1\Temp\nsp320.tmp
C:\DOCUME~1\journal\LOCALS~1\Temp\nss32E.tmp
C:\DOCUME~1\journal\Cookies\journal@advertstream[1].txt
C:\DOCUME~1\journal\Cookies\journal@www.adserver5[2].txt
C:\DOCUME~1\journal\Cookies\journal@adultfriendfinder[1].txt
C:\DOCUME~1\journal\Cookies\journal@advertising[2].txt
C:\DOCUME~1\journal\Cookies\journal@adin.bigpoint[2].txt
C:\DOCUME~1\journal\Cookies\journal@bigpoint[1].txt
C:\DOCUME~1\journal\Cookies\journal@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\journal\Cookies\journal@banner.casinoking[2].txt
C:\DOCUME~1\journal\Cookies\journal@casinoking[1].txt
C:\DOCUME~1\journal\Cookies\journal@cotedazurpalace[1].txt
C:\DOCUME~1\journal\Cookies\journal@adopt.euroclick[2].txt
C:\DOCUME~1\journal\Cookies\journal@pacificpoker[2].txt
C:\DOCUME~1\journal\Cookies\journal@partygaming.122.2o7[1].txt
C:\DOCUME~1\journal\Cookies\journal@partypoker[1].txt
C:\DOCUME~1\journal\Cookies\journal@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\journal\Cookies\journal@vegas-millions[1].txt
C:\DOCUME~1\journal\Cookies\journal@www.lop[2].txt
C:\DOCUME~1\journal\Cookies\journal@www.2xmoinscher[1].txt
C:\DOCUME~1\journal\Cookies\journal@888[1].txt
C:\DOCUME~1\journal\Cookies\journal@888[3].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE


-> 72 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-24 18:23:37
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 525

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:9388][D:1833]-> C:\DOCUME~1\journal\LOCALS~1\Temp
[F:351][D:0]-> C:\DOCUME~1\journal\Cookies
[F:627][D:4]-> C:\DOCUME~1\journal\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 24/11/2008|18:27 - Option : [1]

--------------------\\ Fin du rapport a 18:27:34



There you go, sorry for the delay.

Reply to PaRoLe-SaGe

Is this a different PC?

Run Lop S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
! Do not close the window during the removal!
A report will be generated; post its contents here.

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark

YES, WELL NO, ACTUALLY IT'S MY COUSIN'S PC


Quote:

"ok, I didn't keep it, but never mind, it doesn't do it anymore; however, my cousin's PC is sluggish, so here is a hijack report if you can help me"




************************************************************



--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
BIOS : Rev. 3.11
USER : journal ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:143 Go (Free:109 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
F:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 24/11/2008|20:07 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\Boob Byte.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\For Cake.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\Ooze slow.exe
Supprime! - C:\DOCUME~1\journal\LOCALS~1\Temp\nsd314.tmp
Supprime! - C:\DOCUME~1\journal\LOCALS~1\Temp\nse40E.tmp
Supprime! - C:\DOCUME~1\journal\LOCALS~1\Temp\nsf31D.tmp
Supprime! - C:\DOCUME~1\journal\LOCALS~1\Temp\nsi53E.tmp
Supprime! - C:\DOCUME~1\journal\LOCALS~1\Temp\nsp320.tmp
Supprime! - C:\DOCUME~1\journal\LOCALS~1\Temp\nss32E.tmp
Supprime! - C:\DOCUME~1\journal\Cookies\journal@advertstream[1].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@www.adserver5[2].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@advertising[2].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@adin.bigpoint[2].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@bigpoint[1].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@fr1.seafight.bigpoint[1].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@banner.casinoking[2].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@casinoking[1].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@adopt.euroclick[2].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@pacificpoker[2].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@partygaming.122.2o7[1].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@partypoker[1].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@vegas-millions[1].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@www.lop[2].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@www.2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@888[1].txt
Supprime! - C:\DOCUME~1\journal\Cookies\journal@888[3].txt
Supprime! - C:\DOCUME~1\journal\LOCALS~1\Temp\bis3E5.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[28/10/2008|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[08/08/2007|09:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[01/01/2004|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[31/08/2006|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[24/11/2008|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[01/01/2004|15:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[01/01/2004|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[29/03/2008|14:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[25/12/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[08/08/2007|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/02/2008|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/04/2008|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[12/12/2004|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[17/05/2005|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2004|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[27/02/2005|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[08/08/2007|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[18/06/2005|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[09/08/2007|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[27/02/2008|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller




[01/01/2004|17:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[01/01/2004|14:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2004|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
[11/08/2008|09:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[01/01/2004|14:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2004|18:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[01/01/2004|15:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[05/12/2004|16:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[09/02/2005|14:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[07/05/2007|14:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AOL
[01/01/2004|17:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[08/12/2004|17:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[01/01/2004|14:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[20/02/2005|15:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Intervideo
[16/12/2004|18:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[28/11/2004|10:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[30/07/2006|12:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[27/02/2005|18:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft Web Folders
[05/12/2004|19:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Motive
[01/01/2004|18:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
[16/12/2004|18:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[01/01/2004|15:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
[17/01/2005|18:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
[18/06/2005|13:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ulead Systems

[06/09/2008|16:50] C:\DOCUME~1\journal\APPLIC~1\Adobe
[25/12/2006|01:36] C:\DOCUME~1\journal\APPLIC~1\AdobeUM
[09/11/2005|12:47] C:\DOCUME~1\journal\APPLIC~1\Alive! Jigsaw
[25/02/2007|14:18] C:\DOCUME~1\journal\APPLIC~1\AOL
[01/01/2004|17:45] C:\DOCUME~1\journal\APPLIC~1\Apple Computer
[21/03/2008|21:05] C:\DOCUME~1\journal\APPLIC~1\Google
[24/08/2005|09:44] C:\DOCUME~1\journal\APPLIC~1\Help
[01/01/2004|14:06] C:\DOCUME~1\journal\APPLIC~1\Identities
[06/11/2005|10:36] C:\DOCUME~1\journal\APPLIC~1\InstallShield
[20/08/2005|11:19] C:\DOCUME~1\journal\APPLIC~1\Intervideo
[11/10/2006|20:48] C:\DOCUME~1\journal\APPLIC~1\Leadertech
[15/11/2008|12:22] C:\DOCUME~1\journal\APPLIC~1\LimeWire
[14/01/2007|11:55] C:\DOCUME~1\journal\APPLIC~1\Macromedia
[08/08/2007|13:01] C:\DOCUME~1\journal\APPLIC~1\Microsoft
[22/04/2008|17:36] C:\DOCUME~1\journal\APPLIC~1\Motive
[30/08/2008|10:50] C:\DOCUME~1\journal\APPLIC~1\Mozilla
[23/11/2008|15:13] C:\DOCUME~1\journal\APPLIC~1\OpenOffice.org2
[18/11/2007|19:19] C:\DOCUME~1\journal\APPLIC~1\Real
[01/01/2004|18:12] C:\DOCUME~1\journal\APPLIC~1\SampleView
[18/09/2005|18:39] C:\DOCUME~1\journal\APPLIC~1\Sonic
[01/01/2004|15:07] C:\DOCUME~1\journal\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\journal\APPLIC~1\Symantec
[20/07/2008|21:30] C:\DOCUME~1\journal\APPLIC~1\the send type
[07/11/2006|18:41] C:\DOCUME~1\journal\APPLIC~1\Ulead Systems
[17/02/2008|15:39] C:\DOCUME~1\journal\APPLIC~1\vlc
[21/03/2007|14:47] C:\DOCUME~1\journal\APPLIC~1\You've Got Pictures Screensaver

[09/08/2007|10:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[01/01/2004|14:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[31/08/2008|15:51] C:\DOCUME~1\SANDRI~1\APPLIC~1\Adobe
[01/04/2007|09:40] C:\DOCUME~1\SANDRI~1\APPLIC~1\AOL
[01/01/2004|17:45] C:\DOCUME~1\SANDRI~1\APPLIC~1\Apple Computer
[01/01/2004|14:06] C:\DOCUME~1\SANDRI~1\APPLIC~1\Identities
[01/01/2004|17:36] C:\DOCUME~1\SANDRI~1\APPLIC~1\Intervideo
[13/08/2007|11:33] C:\DOCUME~1\SANDRI~1\APPLIC~1\Macromedia
[17/04/2008|11:27] C:\DOCUME~1\SANDRI~1\APPLIC~1\Microsoft
[17/06/2008|15:54] C:\DOCUME~1\SANDRI~1\APPLIC~1\Motive
[13/08/2007|11:28] C:\DOCUME~1\SANDRI~1\APPLIC~1\Mozilla
[01/01/2004|18:12] C:\DOCUME~1\SANDRI~1\APPLIC~1\SampleView
[01/01/2004|15:07] C:\DOCUME~1\SANDRI~1\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\SANDRI~1\APPLIC~1\Symantec
[31/08/2008|15:00] C:\DOCUME~1\SANDRI~1\APPLIC~1\the send type

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[24/11/2008 18:44][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1102268630.job
[05/08/2004 11:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
[01/01/2004 21:08][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[24/11/2008 18:33][--ah-----] C:\WINDOWS\tasks\SA.DAT

--------------------\\ Listing des dossiers dans C:\Program Files

[06/11/2005|11:55] C:\Program Files\123 Free Puzzle
[28/10/2008|19:08] C:\Program Files\Adobe
[18/11/2007|19:20] C:\Program Files\AirStrike3D DEMO
[09/11/2005|12:48] C:\Program Files\All Ages Software
[08/08/2007|13:50] C:\Program Files\Alwil Software
[29/01/2006|18:10] C:\Program Files\Anuman Interactive
[18/11/2007|19:18] C:\Program Files\AOL 9.0
[18/11/2007|19:18] C:\Program Files\Blastorama Demo
[18/11/2007|11:16] C:\Program Files\BoundAround_Demo
[09/07/2007|20:19] C:\Program Files\Boxen 2 DEMO
[18/11/2007|11:16] C:\Program Files\BrickShooter Jr
[18/11/2007|19:19] C:\Program Files\Brossard
[26/11/2006|15:52] C:\Program Files\Bubble Frenzy
[25/12/2004|13:50] C:\Program Files\Canon
[18/11/2007|19:18] C:\Program Files\Car Thief
[18/11/2007|19:20] C:\Program Files\Controle Parental
[18/11/2007|19:16] C:\Program Files\Controle Parental(3)
[18/11/2007|19:03] C:\Program Files\Controle Parental(4)
[18/11/2007|11:16] C:\Program Files\cw3d
[28/11/2006|19:35] C:\Program Files\DigiFUN
[25/08/2008|11:35] C:\Program Files\directx
[18/11/2007|19:18] C:\Program Files\DreamQuest
[06/11/2005|19:08] C:\Program Files\EA GAMES
[08/08/2007|15:55] C:\Program Files\Easy Internet signup
[09/07/2007|20:11] C:\Program Files\EduProfix
[18/11/2007|19:18] C:\Program Files\ElastoMania111
[18/11/2007|19:17] C:\Program Files\Fashion Cents
[31/08/2006|12:56] C:\Program Files\FaxTools
[25/08/2008|11:37] C:\Program Files\Fichiers communs
[31/01/2006|19:20] C:\Program Files\Firaxis Games
[18/11/2007|19:20] C:\Program Files\GALLIMARD
[28/10/2008|19:11] C:\Program Files\Google
[11/11/2007|11:30] C:\Program Files\GrayMatter Innovations
[01/01/2004|17:57] C:\Program Files\Help and Support Additions
[01/01/2004|15:51] C:\Program Files\Hewlett-Packard
[25/01/2006|14:12] C:\Program Files\Homebrew Software
[01/01/2004|17:25] C:\Program Files\HP
[21/02/2008|15:11] C:\Program Files\id Software
[23/03/2008|12:37] C:\Program Files\IncrediMail
[18/11/2007|19:21] C:\Program Files\InetGet2
[19/01/2008|11:33] C:\Program Files\Insider
[28/10/2008|19:15] C:\Program Files\InstallShield Installation Information
[28/10/2008|19:14] C:\Program Files\InterActual
[02/09/2008|11:28] C:\Program Files\Internet Explorer
[07/08/2007|19:50] C:\Program Files\Inventel
[02/09/2008|11:07] C:\Program Files\Java
[23/03/2008|12:35] C:\Program Files\Jeune Styliste
[23/03/2008|12:36] C:\Program Files\Jeune Styliste 2
[18/11/2007|19:18] C:\Program Files\Jollyware
[18/11/2007|19:19] C:\Program Files\JrVetDemo
[23/03/2008|12:36] C:\Program Files\JS FashionMaker
[25/11/2006|14:55] C:\Program Files\Leeds Learning Color and Shapes
[22/11/2008|11:06] C:\Program Files\Lexmark X1100 Series
[19/09/2008|19:03] C:\Program Files\LimeWire
[29/03/2008|13:56] C:\Program Files\Logitech
[19/08/2007|20:40] C:\Program Files\Macrogaming
[06/11/2005|13:36] C:\Program Files\Maxis
[02/09/2008|11:35] C:\Program Files\Messenger
[22/12/2007|11:57] C:\Program Files\Messenger Plus! Live
[06/11/2005|19:28] C:\Program Files\Micro Application
[31/12/2004|15:23] C:\Program Files\Microsoft AutoRoute
[28/02/2008|13:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[18/11/2007|19:16] C:\Program Files\Microsoft Encarta
[01/01/2004|14:06] C:\Program Files\microsoft frontpage
[31/12/2004|15:22] C:\Program Files\Microsoft Money
[27/02/2005|18:41] C:\Program Files\Microsoft Office
[23/08/2007|22:03] C:\Program Files\Microsoft Picture It! 9
[31/12/2004|15:18] C:\Program Files\Microsoft Works
[28/12/2004|20:20] C:\Program Files\Microsoft Works Suite 2004
[02/09/2008|11:28] C:\Program Files\Movie Maker
[24/11/2008|18:39] C:\Program Files\Mozilla Firefox
[30/07/2006|12:54] C:\Program Files\MP3 Player Utilities
[25/11/2006|18:41] C:\Program Files\mpegable AVI
[26/08/2005|17:52] C:\Program Files\MSN
[01/01/2004|14:03] C:\Program Files\MSN Gaming Zone
[27/02/2008|11:15] C:\Program Files\MSN Messenger
[18/11/2007|19:19] C:\Program Files\MSXML 4.0
[23/03/2008|12:32] C:\Program Files\Musicmatch
[28/11/2006|19:32] C:\Program Files\MyABCD
[02/09/2008|11:24] C:\Program Files\NetMeeting
[01/01/2004|14:03] C:\Program Files\Online Services
[25/08/2007|13:40] C:\Program Files\OpenOffice.org 2.0
[22/04/2008|17:35] C:\Program Files\Orange
[22/04/2008|17:29] C:\Program Files\OrangeHSS
[03/09/2008|10:24] C:\Program Files\Outlook Express
[01/01/2004|17:58] C:\Program Files\PC-Doctor for Windows
[10/02/2007|17:31] C:\Program Files\Personal Strip Poker
[18/11/2007|19:16] C:\Program Files\QuickTime
[18/11/2007|19:19] C:\Program Files\Quiz
[21/03/2007|14:44] C:\Program Files\Real
[25/01/2006|14:15] C:\Program Files\Realore
[18/11/2007|19:18] C:\Program Files\Save
[18/11/2007|20:30] C:\Program Files\Securitoo
[01/01/2004|18:06] C:\Program Files\Services en ligne
[02/01/2004|06:00] C:\Program Files\SiS VGA Utilities V3.59e
[27/02/2005|18:41] C:\Program Files\Snapshot Viewer
[18/11/2007|19:15] C:\Program Files\Solsoft
[08/08/2007|13:29] C:\Program Files\Symantec
[18/11/2007|19:21] C:\Program Files\Temporary
[29/06/2008|20:38] C:\Program Files\the send type
[25/12/2006|01:33] C:\Program Files\Thomson
[18/11/2007|19:18] C:\Program Files\TikGames
[26/03/2005|19:16] C:\Program Files\TLC-Edusoft
[04/01/2007|19:52] C:\Program Files\TLKGAMES
[18/11/2007|11:16] C:\Program Files\Tomato Catcher
[04/01/2007|19:57] C:\Program Files\Trymedia
[18/11/2007|19:20] C:\Program Files\Ulead Systems
[17/02/2008|15:27] C:\Program Files\VideoLAN
[24/11/2008|18:16] C:\Program Files\Wanadoo
[23/07/2008|13:40] C:\Program Files\WhenUSearch
[18/11/2007|19:21] C:\Program Files\WinAble
[27/02/2008|11:11] C:\Program Files\Windows Live
[08/08/2007|20:58] C:\Program Files\Windows Media Connect 2
[02/09/2008|11:23] C:\Program Files\Windows Media Player
[02/09/2008|11:23] C:\Program Files\Windows NT
[01/01/2004|14:06] C:\Program Files\xerox
[28/11/2006|19:37] C:\Program Files\zippy

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[28/10/2008|19:08] C:\Program Files\Fichiers communs\Adobe
[08/08/2007|09:52] C:\Program Files\Fichiers communs\AOL
[21/03/2007|14:52] C:\Program Files\Fichiers communs\aolback
[10/11/2007|19:01] C:\Program Files\Fichiers communs\Carlson
[31/12/2004|15:17] C:\Program Files\Fichiers communs\Designer
[25/08/2008|11:37] C:\Program Files\Fichiers communs\DirectX
[22/04/2008|17:25] C:\Program Files\Fichiers communs\France Telecom
[01/01/2004|15:41] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/01/2004|05:59] C:\Program Files\Fichiers communs\InstallShield
[24/03/2008|13:42] C:\Program Files\Fichiers communs\Java
[29/03/2008|14:11] C:\Program Files\Fichiers communs\LogiShrd
[27/02/2008|11:13] C:\Program Files\Fichiers communs\Microsoft Shared
[22/04/2008|17:34] C:\Program Files\Fichiers communs\Motive
[01/01/2004|14:04] C:\Program Files\Fichiers communs\MSSoap
[21/03/2007|14:45] C:\Program Files\Fichiers communs\Nullsoft
[18/11/2007|19:19] C:\Program Files\Fichiers communs\Real
[31/12/2004|19:32] C:\Program Files\Fichiers communs\Services
[01/01/2004|14:59] C:\Program Files\Fichiers communs\SpeechEngines
[02/09/2008|11:23] C:\Program Files\Fichiers communs\System
[18/06/2005|13:30] C:\Program Files\Fichiers communs\Ulead Systems
[27/02/2008|11:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 54 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-24 20:09:40
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 525

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:9383][D:1828]-> C:\DOCUME~1\journal\LOCALS~1\Temp
[F:332][D:0]-> C:\DOCUME~1\journal\Cookies
[F:627][D:4]-> C:\DOCUME~1\journal\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 24/11/2008|18:27 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 24/11/2008|20:11 - Option : [2]

--------------------\\ Fin du rapport a 20:11:38


Message edited by PaRoLe-SaGe on 24-11-2008 at 20:26:06
Reply to PaRoLe-SaGe

Post a new HijackThis report.

Reply to Angeldark

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:01:18, on 25/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\WhenUSearch\Search.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\WhenUSearch\whse.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Orange\LiveAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\HP\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Documents and Settings\journal\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/fr/quicktime/buy/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\WhenUSearch\Search.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\WhenUSearch\whse.exe"
O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Orange_McciTrayApp] C:\Program Files\Orange\LiveAssistant.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ClockSync] "C:\Program Files\ClockSync\Sync.exe" /q
O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
O4 - HKCU\..\Run: [Onceelse] C:\DOCUME~1\journal\APPLIC~1\THESEN~1\Vc Bolt 16.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O15 - Trusted Zone: http://pfttbc.ft.motive.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/bina [...] b57176.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 10779 bytes

Reply to PaRoLe-SaGe

Re,

Download Toolbar-S&D (Team IDN) to your Desktop.

  • Start the program's installation by running the downloaded file.
  • Now double-click the Toolbar-S&D shortcut.
  • Select the language you want by typing the letter of your choice, then confirm with the Enter key.
  • Now choose option 1 (Search). Wait until the search finishes.
  • Post the generated report. (C:\TB.txt)

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark

 

-----------\\ ToolBar S&D 1.2.5 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
BIOS : Rev. 3.11
USER : journal ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:143 Go (Free:109 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
F:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [1] ( 25/11/2008|18:54 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\WinAble
C:\WINDOWS\iun6002.exe

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"
"Default_Search_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"
"Search Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"
"Start Page"="http://home.sweetim.com"
"Search Bar"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

1 - "C:\ToolBar SD\TB_1.txt" - 25/11/2008|19:00 - Option : [1]

-----------\\ Fin du rapport a 19:00:18,14

Message edited by PaRoLe-SaGe on 25-11-2008 at 19:02:03
Reply to PaRoLe-SaGe

Quote:

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\WinAble
C:\WINDOWS\iun6002.exe

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"
"Default_Search_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"
"Search Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"
"Start Page"="http://home.sweetim.com"
"Search Bar"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"




Are all of those infections?

Reply to PaRoLe-SaGe

Not all of it.

Run Toolbar-S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
! Do not close the window during the removal !
A report will be generated; post its contents here.

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark


-----------\\ ToolBar S&D 1.2.5 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
BIOS : Rev. 3.11
USER : journal ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:143 Go (Free:109 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
F:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [2] ( 26/11/2008|21:40 )

-----------\\ SUPPRESSION

Supprime! - C:\WINDOWS\iun6002.exe
Supprime! - C:\Program Files\WinAble

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"
"Default_Search_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"
"Search Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"
"Start Page"="http://www.msn.com/"
"Search Bar"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 25/11/2008|19:00 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 26/11/2008|21:44 - Option : [2]

-----------\\ Fin du rapport a 21:44:11,14

Reply to PaRoLe-SaGe

Post a new HijackThis report.

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark

I'm replacing avast with antivir first (I hope that won't skew everything)

Reply to PaRoLe-SaGe

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:06:46, on 27/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\WhenUSearch\Search.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\WhenUSearch\whse.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Orange\LiveAssistant.exe
C:\WINDOWS\system32\lexpps.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\update.exe
C:\Documents and Settings\journal\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/fr/quicktime/buy/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\WhenUSearch\Search.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\WhenUSearch\whse.exe"
O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Orange_McciTrayApp] C:\Program Files\Orange\LiveAssistant.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ClockSync] "C:\Program Files\ClockSync\Sync.exe" /q
O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
O4 - HKCU\..\Run: [Onceelse] C:\DOCUME~1\journal\APPLIC~1\THESEN~1\Vc Bolt 16.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O15 - Trusted Zone: http://pfttbc.ft.motive.com
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/bina [...] b57176.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 10844 bytes

Reply to PaRoLe-SaGe

Re,

Download MalwareByte's Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.

Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode

  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan has finished, a window opens; click OK. There are two possibilities:

-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Show Results", then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking Ok.

HELP: Picture tutorial on MBAM

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark

Well, it's at one infected object for now; oddly enough, I suspected as much. Anyway, I'll post as soon as it's finished.

Reply to PaRoLe-SaGe

Malwarebytes' Anti-Malware 1.30
Database version: 1430
Windows 5.1.2600 Service Pack 3

27/11/2008 22:26:56
mbam-log-2008-11-27 (22-26-56).txt

Scan type: Full Scan (C:\|)
Objects scanned: 181449
Time elapsed: 2 hour(s), 9 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 5
Files Infected: 17

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Carlson (Dialer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenUSave) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\InetGet2 (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Save (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Insider (Adware.DnsInsider) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\Carlson (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\journal\Local Settings\Temp\camg-77798.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\journal\Local Settings\Temp\MBDownloader_876923.exe (Adware.Mirar) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\WINDOWS\b147.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\mrofinu1148.exe.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\InetGet2\emg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Save\ReadMe.txt (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\save.htm (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\SaveUninst.exe (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\Carlson\carlton (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Temporary\wininstall.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\WINDOWS\b111.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\b122.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\b128.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ossproxy.exe (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\carlton (Dialer) -> Quarantined and deleted successfully.



I did it through the administrator account, is that a problem? In any case it found 27 infected objects. Well, over to you to tell me. Thanks again.

Reply to PaRoLe-SaGe
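Added example, not part of any post in this thread and not code from HijackThis, Toolbar-S&D or Malwarebytes: a Python check that cross-references the two removal reports against a HijackThis log and lists the O2/O4 entries that still point at items the tools deleted. The sample lines are copied from the logs posted in this thread and combined into one constructed input; the function names are hypothetical.

```python
import re

# Constructed input: selected lines copied from the logs posted in this thread.
HIJACKTHIS_LOG = r"""
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll
O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [ClockSync] "C:\Program Files\ClockSync\Sync.exe" /q
O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
"""

REMOVAL_REPORTS = r"""
Supprime! - C:\WINDOWS\iun6002.exe
Supprime! - C:\Program Files\WinAble
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Save (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Insider (Adware.DnsInsider) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ossproxy.exe (Spyware.MarketScore) -> Quarantined and deleted successfully.
"""

TSD_RE = re.compile(r"^Supprime! - (?P<target>.+)$")
MBAM_RE = re.compile(
    r"^(?P<target>.+) \((?P<detection>[^()]+)\) -> Quarantined and deleted successfully\.$")
O4_RE = re.compile(r"^O4 - (?P<hive>.+?)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.+?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<file>.+)$")


def norm(path):
    """Lower-case, drop quotes and trailing backslashes so paths compare equal."""
    return path.replace('"', "").strip().rstrip("\\").lower()


def removed_targets(report_text):
    """Map each deleted file, folder or registry key to the tool/detection name."""
    targets = {}
    for line in report_text.splitlines():
        line = line.strip()
        m = TSD_RE.match(line)
        if m:
            targets[norm(m["target"])] = "Toolbar-S&D"
            continue
        m = MBAM_RE.match(line)
        if m:
            targets[norm(m["target"])] = m["detection"]
    return targets


def under(cmd, target):
    """True if command line `cmd` runs `target` itself or a file below it.

    8.3 short paths (C:\\PROGRA~1\\...) are not expanded, so they never match.
    """
    is_file = bool(re.search(r"\.[a-z0-9]{1,4}$", target))
    return (cmd == target
            or cmd.startswith(target + "\\")
            or (is_file and cmd.startswith(target + " ")))  # file plus arguments


def orphaned_entries(hijackthis_text, report_text):
    """Return (section, entry, removed_as) for entries referencing deleted items."""
    targets = removed_targets(report_text)
    findings = []
    for line in hijackthis_text.splitlines():
        line = line.strip()
        m = O4_RE.match(line)
        if m:
            cmd = norm(m["cmd"])
            for target, why in targets.items():
                if under(cmd, target):
                    findings.append(("O4", m["name"], why))
                    break
            continue
        m = O2_RE.match(line)
        if m:
            clsid = m["clsid"].lower()
            for target, why in targets.items():
                # BHO matches by deleted registry key (CLSID) or by deleted file.
                if target.endswith("\\" + clsid) or under(norm(m["file"]), target):
                    findings.append(("O2", clsid, why))
                    break
    return findings


if __name__ == "__main__":
    for section, entry, why in orphaned_entries(HIJACKTHIS_LOG, REMOVAL_REPORTS):
        print(f"{section}: {entry} still listed, target removed as {why}")
```

Entries it reports are leftovers to review in the next HijackThis log; entries it does not report have not been shown to be clean, only unmatched by these two reports.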

Post a new HijackThis report.

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:49:45, on 01/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\WhenUSearch\Search.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\WhenUSearch\whse.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Orange\LiveAssistant.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\HP\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Documents and Settings\journal\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/fr/quicktime/buy/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\WhenUSearch\Search.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\WhenUSearch\whse.exe"
O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Orange_McciTrayApp] C:\Program Files\Orange\LiveAssistant.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ClockSync] "C:\Program Files\ClockSync\Sync.exe" /q
O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
O4 - HKCU\..\Run: [Onceelse] C:\DOCUME~1\journal\APPLIC~1\THESEN~1\Vc Bolt 16.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O15 - Trusted Zone: http://pfttbc.ft.motive.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/bina [...] b57176.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 11108 bytes

Reply to PaRoLe-SaGe

Run a Lop-SD scan again with option 1; we're going to finish up.

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Uh, we're going to finish? But it's still just as slow. Well, I'm sending you this, thanks a lot.

 


--------------------\\ Lop S&D 4.2.4-9c XP/Vista

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
BIOS : Rev. 3.11
USER : journal ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:109 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
F:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

 

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 02/12/2008|13:10 )

--------------------\\ Listing des dossiers dans APPLIC~1

 

[01/01/2004|17:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[01/01/2004|14:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[01/01/2004|17:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intervideo
[11/08/2008|09:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[27/11/2008|20:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes
[01/01/2004|14:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/01/2004|18:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
[01/01/2004|15:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

 

[28/10/2008|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[08/08/2007|09:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[01/01/2004|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[27/11/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[31/08/2006|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[30/11/2008|13:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[01/01/2004|15:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[01/01/2004|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[29/03/2008|14:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[25/12/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[27/11/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[08/08/2007|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/02/2008|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/04/2008|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[12/12/2004|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[17/05/2005|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2004|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[27/02/2005|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[08/08/2007|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[18/06/2005|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[09/08/2007|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[27/02/2008|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

  


[01/01/2004|17:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[01/01/2004|14:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2004|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
[11/08/2008|09:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[01/01/2004|14:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2004|18:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[01/01/2004|15:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

 

[05/12/2004|16:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[09/02/2005|14:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[07/05/2007|14:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AOL
[01/01/2004|17:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[08/12/2004|17:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[01/01/2004|14:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[20/02/2005|15:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Intervideo
[16/12/2004|18:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[28/11/2004|10:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[30/07/2006|12:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[27/02/2005|18:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft Web Folders
[05/12/2004|19:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Motive
[01/01/2004|18:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
[16/12/2004|18:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[01/01/2004|15:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
[17/01/2005|18:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
[18/06/2005|13:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ulead Systems

 

[06/09/2008|16:50] C:\DOCUME~1\journal\APPLIC~1\Adobe
[25/12/2006|01:36] C:\DOCUME~1\journal\APPLIC~1\AdobeUM
[09/11/2005|12:47] C:\DOCUME~1\journal\APPLIC~1\Alive! Jigsaw
[25/02/2007|14:18] C:\DOCUME~1\journal\APPLIC~1\AOL
[01/01/2004|17:45] C:\DOCUME~1\journal\APPLIC~1\Apple Computer
[21/03/2008|21:05] C:\DOCUME~1\journal\APPLIC~1\Google
[24/08/2005|09:44] C:\DOCUME~1\journal\APPLIC~1\Help
[01/01/2004|14:06] C:\DOCUME~1\journal\APPLIC~1\Identities
[06/11/2005|10:36] C:\DOCUME~1\journal\APPLIC~1\InstallShield
[20/08/2005|11:19] C:\DOCUME~1\journal\APPLIC~1\Intervideo
[11/10/2006|20:48] C:\DOCUME~1\journal\APPLIC~1\Leadertech
[15/11/2008|12:22] C:\DOCUME~1\journal\APPLIC~1\LimeWire
[14/01/2007|11:55] C:\DOCUME~1\journal\APPLIC~1\Macromedia
[27/11/2008|19:49] C:\DOCUME~1\journal\APPLIC~1\Malwarebytes
[08/08/2007|13:01] C:\DOCUME~1\journal\APPLIC~1\Microsoft
[22/04/2008|17:36] C:\DOCUME~1\journal\APPLIC~1\Motive
[30/08/2008|10:50] C:\DOCUME~1\journal\APPLIC~1\Mozilla
[23/11/2008|15:13] C:\DOCUME~1\journal\APPLIC~1\OpenOffice.org2
[18/11/2007|19:19] C:\DOCUME~1\journal\APPLIC~1\Real
[01/01/2004|18:12] C:\DOCUME~1\journal\APPLIC~1\SampleView
[18/09/2005|18:39] C:\DOCUME~1\journal\APPLIC~1\Sonic
[01/01/2004|15:07] C:\DOCUME~1\journal\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\journal\APPLIC~1\Symantec
[20/07/2008|21:30] C:\DOCUME~1\journal\APPLIC~1\the send type
[07/11/2006|18:41] C:\DOCUME~1\journal\APPLIC~1\Ulead Systems
[17/02/2008|15:39] C:\DOCUME~1\journal\APPLIC~1\vlc
[21/03/2007|14:47] C:\DOCUME~1\journal\APPLIC~1\You've Got Pictures Screensaver

 

[09/08/2007|10:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

 

[01/01/2004|14:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 

[31/08/2008|15:51] C:\DOCUME~1\SANDRI~1\APPLIC~1\Adobe
[01/04/2007|09:40] C:\DOCUME~1\SANDRI~1\APPLIC~1\AOL
[01/01/2004|17:45] C:\DOCUME~1\SANDRI~1\APPLIC~1\Apple Computer
[01/01/2004|14:06] C:\DOCUME~1\SANDRI~1\APPLIC~1\Identities
[01/01/2004|17:36] C:\DOCUME~1\SANDRI~1\APPLIC~1\Intervideo
[13/08/2007|11:33] C:\DOCUME~1\SANDRI~1\APPLIC~1\Macromedia
[17/04/2008|11:27] C:\DOCUME~1\SANDRI~1\APPLIC~1\Microsoft
[17/06/2008|15:54] C:\DOCUME~1\SANDRI~1\APPLIC~1\Motive
[13/08/2007|11:28] C:\DOCUME~1\SANDRI~1\APPLIC~1\Mozilla
[01/01/2004|18:12] C:\DOCUME~1\SANDRI~1\APPLIC~1\SampleView
[01/01/2004|15:07] C:\DOCUME~1\SANDRI~1\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\SANDRI~1\APPLIC~1\Symantec
[31/08/2008|15:00] C:\DOCUME~1\SANDRI~1\APPLIC~1\the send type

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

 

[01/12/2008 18:44][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1102268630.job
[05/08/2004 11:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
[01/01/2004 21:08][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[02/12/2008 10:53][--ah-----] C:\WINDOWS\tasks\SA.DAT

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[06/11/2005|11:55] C:\Program Files\123 Free Puzzle
[28/10/2008|19:08] C:\Program Files\Adobe
[18/11/2007|19:20] C:\Program Files\AirStrike3D DEMO
[09/11/2005|12:48] C:\Program Files\All Ages Software
[08/08/2007|13:50] C:\Program Files\Alwil Software
[29/01/2006|18:10] C:\Program Files\Anuman Interactive
[18/11/2007|19:18] C:\Program Files\AOL 9.0
[27/11/2008|19:02] C:\Program Files\Avira
[18/11/2007|19:18] C:\Program Files\Blastorama Demo
[18/11/2007|11:16] C:\Program Files\BoundAround_Demo
[09/07/2007|20:19] C:\Program Files\Boxen 2 DEMO
[18/11/2007|11:16] C:\Program Files\BrickShooter Jr
[18/11/2007|19:19] C:\Program Files\Brossard
[26/11/2006|15:52] C:\Program Files\Bubble Frenzy
[25/12/2004|13:50] C:\Program Files\Canon
[18/11/2007|19:18] C:\Program Files\Car Thief
[18/11/2007|19:20] C:\Program Files\Controle Parental
[18/11/2007|19:16] C:\Program Files\Controle Parental(3)
[18/11/2007|19:03] C:\Program Files\Controle Parental(4)
[18/11/2007|11:16] C:\Program Files\cw3d
[28/11/2006|19:35] C:\Program Files\DigiFUN
[25/08/2008|11:35] C:\Program Files\directx
[18/11/2007|19:18] C:\Program Files\DreamQuest
[06/11/2005|19:08] C:\Program Files\EA GAMES
[08/08/2007|15:55] C:\Program Files\Easy Internet signup
[09/07/2007|20:11] C:\Program Files\EduProfix
[18/11/2007|19:18] C:\Program Files\ElastoMania111
[18/11/2007|19:17] C:\Program Files\Fashion Cents
[31/08/2006|12:56] C:\Program Files\FaxTools
[27/11/2008|22:26] C:\Program Files\Fichiers communs
[31/01/2006|19:20] C:\Program Files\Firaxis Games
[18/11/2007|19:20] C:\Program Files\GALLIMARD
[28/10/2008|19:11] C:\Program Files\Google
[11/11/2007|11:30] C:\Program Files\GrayMatter Innovations
[01/01/2004|17:57] C:\Program Files\Help and Support Additions
[01/01/2004|15:51] C:\Program Files\Hewlett-Packard
[25/01/2006|14:12] C:\Program Files\Homebrew Software
[01/01/2004|17:25] C:\Program Files\HP
[21/02/2008|15:11] C:\Program Files\id Software
[23/03/2008|12:37] C:\Program Files\IncrediMail
[28/10/2008|19:15] C:\Program Files\InstallShield Installation Information
[28/10/2008|19:14] C:\Program Files\InterActual
[02/09/2008|11:28] C:\Program Files\Internet Explorer
[07/08/2007|19:50] C:\Program Files\Inventel
[02/09/2008|11:07] C:\Program Files\Java
[23/03/2008|12:35] C:\Program Files\Jeune Styliste
[23/03/2008|12:36] C:\Program Files\Jeune Styliste 2
[18/11/2007|19:18] C:\Program Files\Jollyware
[18/11/2007|19:19] C:\Program Files\JrVetDemo
[23/03/2008|12:36] C:\Program Files\JS FashionMaker
[25/11/2006|14:55] C:\Program Files\Leeds Learning Color and Shapes
[22/11/2008|11:06] C:\Program Files\Lexmark X1100 Series
[19/09/2008|19:03] C:\Program Files\LimeWire
[29/03/2008|13:56] C:\Program Files\Logitech
[19/08/2007|20:40] C:\Program Files\Macrogaming
[27/11/2008|19:49] C:\Program Files\Malwarebytes' Anti-Malware
[06/11/2005|13:36] C:\Program Files\Maxis
[02/09/2008|11:35] C:\Program Files\Messenger
[22/12/2007|11:57] C:\Program Files\Messenger Plus! Live
[06/11/2005|19:28] C:\Program Files\Micro Application
[31/12/2004|15:23] C:\Program Files\Microsoft AutoRoute
[28/02/2008|13:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[18/11/2007|19:16] C:\Program Files\Microsoft Encarta
[01/01/2004|14:06] C:\Program Files\microsoft frontpage
[31/12/2004|15:22] C:\Program Files\Microsoft Money
[27/02/2005|18:41] C:\Program Files\Microsoft Office
[23/08/2007|22:03] C:\Program Files\Microsoft Picture It! 9
[31/12/2004|15:18] C:\Program Files\Microsoft Works
[28/12/2004|20:20] C:\Program Files\Microsoft Works Suite 2004
[02/09/2008|11:28] C:\Program Files\Movie Maker
[01/12/2008|17:50] C:\Program Files\Mozilla Firefox
[30/07/2006|12:54] C:\Program Files\MP3 Player Utilities
[25/11/2006|18:41] C:\Program Files\mpegable AVI
[26/08/2005|17:52] C:\Program Files\MSN
[01/01/2004|14:03] C:\Program Files\MSN Gaming Zone
[27/02/2008|11:15] C:\Program Files\MSN Messenger
[18/11/2007|19:19] C:\Program Files\MSXML 4.0
[23/03/2008|12:32] C:\Program Files\Musicmatch
[28/11/2006|19:32] C:\Program Files\MyABCD
[02/09/2008|11:24] C:\Program Files\NetMeeting
[01/01/2004|14:03] C:\Program Files\Online Services
[25/08/2007|13:40] C:\Program Files\OpenOffice.org 2.0
[27/11/2008|22:41] C:\Program Files\Orange
[22/04/2008|17:29] C:\Program Files\OrangeHSS
[03/09/2008|10:24] C:\Program Files\Outlook Express
[01/01/2004|17:58] C:\Program Files\PC-Doctor for Windows
[10/02/2007|17:31] C:\Program Files\Personal Strip Poker
[18/11/2007|19:16] C:\Program Files\QuickTime
[18/11/2007|19:19] C:\Program Files\Quiz
[21/03/2007|14:44] C:\Program Files\Real
[25/01/2006|14:15] C:\Program Files\Realore
[18/11/2007|20:30] C:\Program Files\Securitoo
[01/01/2004|18:06] C:\Program Files\Services en ligne
[02/01/2004|06:00] C:\Program Files\SiS VGA Utilities V3.59e
[27/02/2005|18:41] C:\Program Files\Snapshot Viewer
[18/11/2007|19:15] C:\Program Files\Solsoft
[08/08/2007|13:29] C:\Program Files\Symantec
[29/06/2008|20:38] C:\Program Files\the send type
[25/12/2006|01:33] C:\Program Files\Thomson
[18/11/2007|19:18] C:\Program Files\TikGames
[26/03/2005|19:16] C:\Program Files\TLC-Edusoft
[04/01/2007|19:52] C:\Program Files\TLKGAMES
[18/11/2007|11:16] C:\Program Files\Tomato Catcher
[04/01/2007|19:57] C:\Program Files\Trymedia
[18/11/2007|19:20] C:\Program Files\Ulead Systems
[17/02/2008|15:27] C:\Program Files\VideoLAN
[24/11/2008|18:16] C:\Program Files\Wanadoo
[23/07/2008|13:40] C:\Program Files\WhenUSearch
[27/02/2008|11:11] C:\Program Files\Windows Live
[08/08/2007|20:58] C:\Program Files\Windows Media Connect 2
[02/09/2008|11:23] C:\Program Files\Windows Media Player
[02/09/2008|11:23] C:\Program Files\Windows NT
[01/01/2004|14:06] C:\Program Files\xerox
[28/11/2006|19:37] C:\Program Files\zippy

 

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

 

[28/10/2008|19:08] C:\Program Files\Fichiers communs\Adobe
[08/08/2007|09:52] C:\Program Files\Fichiers communs\AOL
[21/03/2007|14:52] C:\Program Files\Fichiers communs\aolback
[31/12/2004|15:17] C:\Program Files\Fichiers communs\Designer
[25/08/2008|11:37] C:\Program Files\Fichiers communs\DirectX
[22/04/2008|17:25] C:\Program Files\Fichiers communs\France Telecom
[01/01/2004|15:41] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/01/2004|05:59] C:\Program Files\Fichiers communs\InstallShield
[24/03/2008|13:42] C:\Program Files\Fichiers communs\Java
[29/03/2008|14:11] C:\Program Files\Fichiers communs\LogiShrd
[27/02/2008|11:13] C:\Program Files\Fichiers communs\Microsoft Shared
[22/04/2008|17:34] C:\Program Files\Fichiers communs\Motive
[01/01/2004|14:04] C:\Program Files\Fichiers communs\MSSoap
[21/03/2007|14:45] C:\Program Files\Fichiers communs\Nullsoft
[18/11/2007|19:19] C:\Program Files\Fichiers communs\Real
[31/12/2004|19:32] C:\Program Files\Fichiers communs\Services
[01/01/2004|14:59] C:\Program Files\Fichiers communs\SpeechEngines
[02/09/2008|11:23] C:\Program Files\Fichiers communs\System
[18/06/2005|13:30] C:\Program Files\Fichiers communs\Ulead Systems
[27/02/2008|11:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller

 

--------------------\\ Process

 

( 57 Processes )

 

... OK !

 

--------------------\\ Recherche avec S_Lop

 

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

C:\DOCUME~1\journal\Cookies\journal@advertising[2].txt

--------------------\\ Verification du Registre

..... OK !

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-02 13:12:11
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 525

--------------------\\ Recherche d'autres infections

 


Aucune autre infection trouvée !

 

[F:9429][D:1841]-> C:\DOCUME~1\journal\LOCALS~1\Temp
[F:334][D:0]-> C:\DOCUME~1\journal\Cookies
[F:713][D:4]-> C:\DOCUME~1\journal\LOCALS~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - 24/11/2008|18:27 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 24/11/2008|20:11 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 02/12/2008|13:15 - Option : [1]

 

--------------------\\ Fin du rapport a 13:15:22


Message edited by PaRoLe-SaGe on 02-12-2008 at 13:17:11
Reply to PaRoLe-SaGe

Re,

Copy (Ctrl+C) the text in the box below:

C:\Program Files\the send type
C:\DOCUME~1\SANDRI~1\APPLIC~1\the send type
C:\DOCUME~1\journal\APPLIC~1\the send type



  • Restart Lop S&D.
  • This time choose option 4 (LopScript). A blank page will open; paste (Ctrl+V) the text you copied earlier.
  • Close this page; you will be asked to save it, accept.

! Do not close the window during the deletion !

  • Post the generated report (C:\lopR.txt*)


(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
* the partition name may change

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark


--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
BIOS : Rev. 3.11
USER : journal ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:109 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [4] ( 03/12/2008| 9:51 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script

C:\Program Files\the send type
C:\DOCUME~1\SANDRI~1\APPLIC~1\the send type
C:\DOCUME~1\journal\APPLIC~1\the send type


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\Program Files\the send type
Supprime! - C:\DOCUME~1\SANDRI~1\APPLIC~1\the send type
Supprime! - C:\DOCUME~1\journal\APPLIC~1\the send type
Supprime! - C:\DOCUME~1\journal\Cookies\journal@advertising[2].txt

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[01/01/2004|17:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[01/01/2004|14:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[01/01/2004|17:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intervideo
[11/08/2008|09:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[27/11/2008|20:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes
[01/01/2004|14:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/01/2004|18:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
[01/01/2004|15:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

[28/10/2008|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[08/08/2007|09:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[01/01/2004|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[27/11/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[31/08/2006|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[01/12/2008|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[01/01/2004|15:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[01/01/2004|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[29/03/2008|14:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[25/12/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[27/11/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[08/08/2007|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/02/2008|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/04/2008|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[12/12/2004|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[17/05/2005|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2004|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[27/02/2005|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[08/08/2007|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[18/06/2005|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[09/08/2007|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[27/02/2008|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller




[01/01/2004|17:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[01/01/2004|14:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2004|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
[11/08/2008|09:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[01/01/2004|14:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2004|18:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[01/01/2004|15:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[05/12/2004|16:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[09/02/2005|14:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[07/05/2007|14:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AOL
[01/01/2004|17:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[08/12/2004|17:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[01/01/2004|14:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[20/02/2005|15:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Intervideo
[16/12/2004|18:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[28/11/2004|10:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[30/07/2006|12:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[27/02/2005|18:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft Web Folders
[05/12/2004|19:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Motive
[01/01/2004|18:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
[16/12/2004|18:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[01/01/2004|15:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
[17/01/2005|18:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
[18/06/2005|13:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ulead Systems

[06/09/2008|16:50] C:\DOCUME~1\journal\APPLIC~1\Adobe
[25/12/2006|01:36] C:\DOCUME~1\journal\APPLIC~1\AdobeUM
[09/11/2005|12:47] C:\DOCUME~1\journal\APPLIC~1\Alive! Jigsaw
[25/02/2007|14:18] C:\DOCUME~1\journal\APPLIC~1\AOL
[01/01/2004|17:45] C:\DOCUME~1\journal\APPLIC~1\Apple Computer
[21/03/2008|21:05] C:\DOCUME~1\journal\APPLIC~1\Google
[24/08/2005|09:44] C:\DOCUME~1\journal\APPLIC~1\Help
[01/01/2004|14:06] C:\DOCUME~1\journal\APPLIC~1\Identities
[06/11/2005|10:36] C:\DOCUME~1\journal\APPLIC~1\InstallShield
[20/08/2005|11:19] C:\DOCUME~1\journal\APPLIC~1\Intervideo
[11/10/2006|20:48] C:\DOCUME~1\journal\APPLIC~1\Leadertech
[15/11/2008|12:22] C:\DOCUME~1\journal\APPLIC~1\LimeWire
[14/01/2007|11:55] C:\DOCUME~1\journal\APPLIC~1\Macromedia
[27/11/2008|19:49] C:\DOCUME~1\journal\APPLIC~1\Malwarebytes
[08/08/2007|13:01] C:\DOCUME~1\journal\APPLIC~1\Microsoft
[22/04/2008|17:36] C:\DOCUME~1\journal\APPLIC~1\Motive
[30/08/2008|10:50] C:\DOCUME~1\journal\APPLIC~1\Mozilla
[23/11/2008|15:13] C:\DOCUME~1\journal\APPLIC~1\OpenOffice.org2
[18/11/2007|19:19] C:\DOCUME~1\journal\APPLIC~1\Real
[01/01/2004|18:12] C:\DOCUME~1\journal\APPLIC~1\SampleView
[18/09/2005|18:39] C:\DOCUME~1\journal\APPLIC~1\Sonic
[01/01/2004|15:07] C:\DOCUME~1\journal\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\journal\APPLIC~1\Symantec
[07/11/2006|18:41] C:\DOCUME~1\journal\APPLIC~1\Ulead Systems
[17/02/2008|15:39] C:\DOCUME~1\journal\APPLIC~1\vlc
[21/03/2007|14:47] C:\DOCUME~1\journal\APPLIC~1\You've Got Pictures Screensaver

[09/08/2007|10:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[01/01/2004|14:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[31/08/2008|15:51] C:\DOCUME~1\SANDRI~1\APPLIC~1\Adobe
[01/04/2007|09:40] C:\DOCUME~1\SANDRI~1\APPLIC~1\AOL
[01/01/2004|17:45] C:\DOCUME~1\SANDRI~1\APPLIC~1\Apple Computer
[01/01/2004|14:06] C:\DOCUME~1\SANDRI~1\APPLIC~1\Identities
[01/01/2004|17:36] C:\DOCUME~1\SANDRI~1\APPLIC~1\Intervideo
[13/08/2007|11:33] C:\DOCUME~1\SANDRI~1\APPLIC~1\Macromedia
[17/04/2008|11:27] C:\DOCUME~1\SANDRI~1\APPLIC~1\Microsoft
[17/06/2008|15:54] C:\DOCUME~1\SANDRI~1\APPLIC~1\Motive
[13/08/2007|11:28] C:\DOCUME~1\SANDRI~1\APPLIC~1\Mozilla
[01/01/2004|18:12] C:\DOCUME~1\SANDRI~1\APPLIC~1\SampleView
[01/01/2004|15:07] C:\DOCUME~1\SANDRI~1\APPLIC~1\Sun
[01/01/2004|21:04] C:\DOCUME~1\SANDRI~1\APPLIC~1\Symantec

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[02/12/2008 18:44][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1102268630.job
[05/08/2004 11:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
[01/01/2004 21:08][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[03/12/2008 09:40][--ah-----] C:\WINDOWS\tasks\SA.DAT

--------------------\\ Listing des dossiers dans C:\Program Files

[06/11/2005|11:55] C:\Program Files\123 Free Puzzle
[28/10/2008|19:08] C:\Program Files\Adobe
[18/11/2007|19:20] C:\Program Files\AirStrike3D DEMO
[09/11/2005|12:48] C:\Program Files\All Ages Software
[08/08/2007|13:50] C:\Program Files\Alwil Software
[29/01/2006|18:10] C:\Program Files\Anuman Interactive
[18/11/2007|19:18] C:\Program Files\AOL 9.0
[27/11/2008|19:02] C:\Program Files\Avira
[18/11/2007|19:18] C:\Program Files\Blastorama Demo
[18/11/2007|11:16] C:\Program Files\BoundAround_Demo
[09/07/2007|20:19] C:\Program Files\Boxen 2 DEMO
[18/11/2007|11:16] C:\Program Files\BrickShooter Jr
[18/11/2007|19:19] C:\Program Files\Brossard
[26/11/2006|15:52] C:\Program Files\Bubble Frenzy
[25/12/2004|13:50] C:\Program Files\Canon
[18/11/2007|19:18] C:\Program Files\Car Thief
[18/11/2007|19:20] C:\Program Files\Controle Parental
[18/11/2007|19:16] C:\Program Files\Controle Parental(3)
[18/11/2007|19:03] C:\Program Files\Controle Parental(4)
[18/11/2007|11:16] C:\Program Files\cw3d
[28/11/2006|19:35] C:\Program Files\DigiFUN
[25/08/2008|11:35] C:\Program Files\directx
[18/11/2007|19:18] C:\Program Files\DreamQuest
[06/11/2005|19:08] C:\Program Files\EA GAMES
[08/08/2007|15:55] C:\Program Files\Easy Internet signup
[09/07/2007|20:11] C:\Program Files\EduProfix
[18/11/2007|19:18] C:\Program Files\ElastoMania111
[18/11/2007|19:17] C:\Program Files\Fashion Cents
[31/08/2006|12:56] C:\Program Files\FaxTools
[27/11/2008|22:26] C:\Program Files\Fichiers communs
[31/01/2006|19:20] C:\Program Files\Firaxis Games
[18/11/2007|19:20] C:\Program Files\GALLIMARD
[28/10/2008|19:11] C:\Program Files\Google
[11/11/2007|11:30] C:\Program Files\GrayMatter Innovations
[01/01/2004|17:57] C:\Program Files\Help and Support Additions
[01/01/2004|15:51] C:\Program Files\Hewlett-Packard
[25/01/2006|14:12] C:\Program Files\Homebrew Software
[01/01/2004|17:25] C:\Program Files\HP
[21/02/2008|15:11] C:\Program Files\id Software
[23/03/2008|12:37] C:\Program Files\IncrediMail
[28/10/2008|19:15] C:\Program Files\InstallShield Installation Information
[28/10/2008|19:14] C:\Program Files\InterActual
[02/09/2008|11:28] C:\Program Files\Internet Explorer
[07/08/2007|19:50] C:\Program Files\Inventel
[02/09/2008|11:07] C:\Program Files\Java
[23/03/2008|12:35] C:\Program Files\Jeune Styliste
[23/03/2008|12:36] C:\Program Files\Jeune Styliste 2
[18/11/2007|19:18] C:\Program Files\Jollyware
[18/11/2007|19:19] C:\Program Files\JrVetDemo
[23/03/2008|12:36] C:\Program Files\JS FashionMaker
[25/11/2006|14:55] C:\Program Files\Leeds Learning Color and Shapes
[22/11/2008|11:06] C:\Program Files\Lexmark X1100 Series
[19/09/2008|19:03] C:\Program Files\LimeWire
[29/03/2008|13:56] C:\Program Files\Logitech
[19/08/2007|20:40] C:\Program Files\Macrogaming
[27/11/2008|19:49] C:\Program Files\Malwarebytes' Anti-Malware
[06/11/2005|13:36] C:\Program Files\Maxis
[02/09/2008|11:35] C:\Program Files\Messenger
[22/12/2007|11:57] C:\Program Files\Messenger Plus! Live
[06/11/2005|19:28] C:\Program Files\Micro Application
[31/12/2004|15:23] C:\Program Files\Microsoft AutoRoute
[28/02/2008|13:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[18/11/2007|19:16] C:\Program Files\Microsoft Encarta
[01/01/2004|14:06] C:\Program Files\microsoft frontpage
[31/12/2004|15:22] C:\Program Files\Microsoft Money
[27/02/2005|18:41] C:\Program Files\Microsoft Office
[23/08/2007|22:03] C:\Program Files\Microsoft Picture It! 9
[31/12/2004|15:18] C:\Program Files\Microsoft Works
[28/12/2004|20:20] C:\Program Files\Microsoft Works Suite 2004
[02/09/2008|11:28] C:\Program Files\Movie Maker
[03/12/2008|09:45] C:\Program Files\Mozilla Firefox
[30/07/2006|12:54] C:\Program Files\MP3 Player Utilities
[25/11/2006|18:41] C:\Program Files\mpegable AVI
[26/08/2005|17:52] C:\Program Files\MSN
[01/01/2004|14:03] C:\Program Files\MSN Gaming Zone
[27/02/2008|11:15] C:\Program Files\MSN Messenger
[18/11/2007|19:19] C:\Program Files\MSXML 4.0
[23/03/2008|12:32] C:\Program Files\Musicmatch
[28/11/2006|19:32] C:\Program Files\MyABCD
[02/09/2008|11:24] C:\Program Files\NetMeeting
[01/01/2004|14:03] C:\Program Files\Online Services
[25/08/2007|13:40] C:\Program Files\OpenOffice.org 2.0
[27/11/2008|22:41] C:\Program Files\Orange
[22/04/2008|17:29] C:\Program Files\OrangeHSS
[03/09/2008|10:24] C:\Program Files\Outlook Express
[01/01/2004|17:58] C:\Program Files\PC-Doctor for Windows
[10/02/2007|17:31] C:\Program Files\Personal Strip Poker
[18/11/2007|19:16] C:\Program Files\QuickTime
[18/11/2007|19:19] C:\Program Files\Quiz
[21/03/2007|14:44] C:\Program Files\Real
[25/01/2006|14:15] C:\Program Files\Realore
[18/11/2007|20:30] C:\Program Files\Securitoo
[01/01/2004|18:06] C:\Program Files\Services en ligne
[02/01/2004|06:00] C:\Program Files\SiS VGA Utilities V3.59e
[27/02/2005|18:41] C:\Program Files\Snapshot Viewer
[18/11/2007|19:15] C:\Program Files\Solsoft
[08/08/2007|13:29] C:\Program Files\Symantec
[25/12/2006|01:33] C:\Program Files\Thomson
[18/11/2007|19:18] C:\Program Files\TikGames
[26/03/2005|19:16] C:\Program Files\TLC-Edusoft
[04/01/2007|19:52] C:\Program Files\TLKGAMES
[18/11/2007|11:16] C:\Program Files\Tomato Catcher
[04/01/2007|19:57] C:\Program Files\Trymedia
[18/11/2007|19:20] C:\Program Files\Ulead Systems
[17/02/2008|15:27] C:\Program Files\VideoLAN
[24/11/2008|18:16] C:\Program Files\Wanadoo
[23/07/2008|13:40] C:\Program Files\WhenUSearch
[27/02/2008|11:11] C:\Program Files\Windows Live
[08/08/2007|20:58] C:\Program Files\Windows Media Connect 2
[02/09/2008|11:23] C:\Program Files\Windows Media Player
[02/09/2008|11:23] C:\Program Files\Windows NT
[01/01/2004|14:06] C:\Program Files\xerox
[28/11/2006|19:37] C:\Program Files\zippy

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[28/10/2008|19:08] C:\Program Files\Fichiers communs\Adobe
[08/08/2007|09:52] C:\Program Files\Fichiers communs\AOL
[21/03/2007|14:52] C:\Program Files\Fichiers communs\aolback
[31/12/2004|15:17] C:\Program Files\Fichiers communs\Designer
[25/08/2008|11:37] C:\Program Files\Fichiers communs\DirectX
[22/04/2008|17:25] C:\Program Files\Fichiers communs\France Telecom
[01/01/2004|15:41] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/01/2004|05:59] C:\Program Files\Fichiers communs\InstallShield
[24/03/2008|13:42] C:\Program Files\Fichiers communs\Java
[29/03/2008|14:11] C:\Program Files\Fichiers communs\LogiShrd
[27/02/2008|11:13] C:\Program Files\Fichiers communs\Microsoft Shared
[22/04/2008|17:34] C:\Program Files\Fichiers communs\Motive
[01/01/2004|14:04] C:\Program Files\Fichiers communs\MSSoap
[21/03/2007|14:45] C:\Program Files\Fichiers communs\Nullsoft
[18/11/2007|19:19] C:\Program Files\Fichiers communs\Real
[31/12/2004|19:32] C:\Program Files\Fichiers communs\Services
[01/01/2004|14:59] C:\Program Files\Fichiers communs\SpeechEngines
[02/09/2008|11:23] C:\Program Files\Fichiers communs\System
[18/06/2005|13:30] C:\Program Files\Fichiers communs\Ulead Systems
[27/02/2008|11:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 56 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-03 09:56:35
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 525

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:9434][D:1842]-> C:\DOCUME~1\journal\LOCALS~1\Temp
[F:333][D:0]-> C:\DOCUME~1\journal\Cookies
[F:713][D:4]-> C:\DOCUME~1\journal\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 24/11/2008|18:27 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 24/11/2008|20:11 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 02/12/2008|13:15 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 03/12/2008|10:00 - Option : [4]

--------------------\\ Fin du rapport a 10:00:36


I don't know if this is normal, but while Lop S&D was doing its work, AntiVir found some trojans, so I chose the delete option. Did I do the right thing?

Reply to PaRoLe-SaGe

If that came from AntiVir, you shouldn't have deleted. Post a new HijackThis report.

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:21:18, on 03/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\WhenUSearch\Search.exe
C:\Program Files\WhenUSearch\whse.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Orange\LiveAssistant.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\HP\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Documents and Settings\journal\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/fr/quicktime/buy/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\WhenUSearch\Search.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\WhenUSearch\whse.exe"
O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Orange_McciTrayApp] C:\Program Files\Orange\LiveAssistant.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ClockSync] "C:\Program Files\ClockSync\Sync.exe" /q
O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
O4 - HKCU\..\Run: [Onceelse] C:\DOCUME~1\journal\APPLIC~1\THESEN~1\Vc Bolt 16.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O15 - Trusted Zone: http://pfttbc.ft.motive.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/bina [...] b57176.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 11174 bytes


What should I have done, then, about the viruses AntiVir found?

Reply to PaRoLe-SaGe

Re,

Fix the lines in the box below with HijackThis: HELP IN PICTURES

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\WhenUSearch\Search.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\WhenUSearch\whse.exe"
O4 - HKCU\..\Run: [Onceelse] C:\DOCUME~1\journal\APPLIC~1\THESEN~1\Vc Bolt 16.exe


Delete:
C:\Program Files\Save
C:\Program Files\WhenUSearch

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark
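The selection made in the reply above can be reproduced as a small triage pass over a HijackThis log. This is an added example, not code from the thread or from HijackThis; the three rules (BHO with a missing file, a `whenu` name watchlist, autorun from a per-user Application Data path) and the sample, copied from the log posted above, are assumptions of the example.

```python
import re

# Constructed sample: a few lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKCU\..\Run: [Onceelse] C:\DOCUME~1\journal\APPLIC~1\THESEN~1\Vc Bolt 16.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
"""

# Assumption: watchlist built from the names in the lines the reply asks to fix.
WATCHLIST = ("whenu",)

# O2 = Browser Helper Object: "name - {CLSID} - file"
BHO_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.*)$")
# O4 = registry autorun: "key: [value name] command line"
RUN_RE = re.compile(
    r"^O4 - (?P<key>\S+\\Run\w*): \[(?P<name>[^\]]*)\] (?P<target>.*)$")
# Long and 8.3 short forms of the per-user Application Data folder on XP.
USER_APPDATA_RE = re.compile(r"\\(APPLIC~1|Application Data)\\", re.I)


def triage(log_text):
    """Return [(line, [reasons])] for O2/O4 entries that match a rule."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = BHO_RE.match(line) or RUN_RE.match(line)
        if not m:
            continue  # other sections (O9, O23, ...) are out of scope here
        name, target = m.group("name"), m.group("target")
        reasons = []
        if line.startswith("O2") and target == "(no file)":
            reasons.append("BHO registered but file missing")
        haystack = (name + " " + target).lower()
        reasons += ["watchlist:" + w for w in WATCHLIST if w in haystack]
        if line.startswith("O4") and USER_APPDATA_RE.search(target):
            reasons.append("autorun from per-user Application Data")
        if reasons:
            findings.append((line, reasons))
    return findings


if __name__ == "__main__":
    for entry, why in triage(SAMPLE_LOG):
        print("; ".join(why), "->", entry)
```

A flagged line is a candidate for review rather than a verdict; each one should be confirmed before it is fixed in HijackThis.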

OK, it's done, except that I couldn't find:

C:\Program Files\Save

And:
C:\Program Files\WhenUSearch is now in the Recycle Bin

Also, when I fixed the lines, a "Backup" folder appeared on the desktop. That's the result of what I did; I'm all ears.

Thanks again

Reply to PaRoLe-SaGe

No problem about Save; you can get rid of the Backups folder.
Post a new HijackThis report.

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark

Hi, while waiting for your reply I started an AntiVir scan in safe mode and I'm at 13 detections. I don't know if I did the right thing (it can't hurt it anyway). Do you want the AntiVir report too? (It isn't finished yet, but it won't be long; within 30 minutes you'll have your two reports.)


Message edited by PaRoLe-SaGe on 04-12-2008 at 17:22:35
Reply to PaRoLe-SaGe

Yep, send over the report ;)

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark