Antivirus no longer valid
Hello,
My antivirus, AntiVir, is no longer valid.
I went to the site to renew it; I was asked to send an SMS to get a code. I did that, entered the code I received and finished the download, and the result is that my AntiVir is still not valid.
I don't know what else to do, please help me.
On top of that, my computer is slow.
Thanks
The Start link?
Download and then install Hijackthis (Trend Micro)
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2
Here is the report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:38:13, on 05/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\USB Storage RW\DskWatch.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1469c7db-1be2-4fc1-a8d1-6dfcd287d6e1} - C:\WINDOWS\system32\hojubipa.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [USB Storage RW] C:\Program Files\USB Storage RW\DskWatch.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\for trust.exe
O4 - HKLM\..\Run: [vusenosoto] Rundll32.exe "C:\WINDOWS\system32\nojuvuva.dll",s
O4 - HKLM\..\Run: [CPMffa27c90] Rundll32.exe "c:\windows\system32\yekoyafa.dll",a
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Dash Regs] C:\DOCUME~1\mylene\APPLIC~1\DARTON~1\CityHelpPop.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.targa.co.uk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O20 - AppInit_DLLs: C:\WINDOWS\system32\vavosiwo.dll c:\windows\system32\yekoyafa.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yekoyafa.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yekoyafa.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
--
End of file - 11236 bytes
Please tell me what to do
I like it when people answer my questions
Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.
Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode
Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Perform full scan".
To start the scan, click "Scan".
Once the scan is finished, a window opens; click OK. You then have two possibilities:
-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.
HELP: Picture tutorial on MBAM
I went to the AntiVir icon, Start AntiVir, and there you have the validity of the antivirus; from there I clicked on the link and ended up on the internet with the different types of AntiVir, free and paid.
Here is the report
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1456
Windows 5.1.2600 Service Pack 3
06/12/2008 21:54:05
mbam-log-2008-12-06 (21-54-05).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 127701
Temps écoulé: 1 hour(s), 14 minute(s), 29 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 7
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 20
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
c:\WINDOWS\system32\yekoyafa.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\vavosiwo.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\kisijegu.dll (Trojan.BHO) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1469c7db-1be2-4fc1-a8d1-6dfcd287d6e1} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1469c7db-1be2-4fc1-a8d1-6dfcd287d6e1} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1469c7db-1be2-4fc1-a8d1-6dfcd287d6e1} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fc914f0c (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vusenosoto (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpmffa27c90 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bend logo clock film (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\yekoyafa.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\yekoyafa.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\vavosiwo.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\vavosiwo.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\vavosiwo.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.BHO) -> Data: c:\windows\system32\kisijegu.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.BHO) -> Data: system32\kisijegu.dll -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\Frag great bend logo (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\nogorike.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ekirogon.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tagetega.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\agetegat.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zahuzihi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ihizuhaz.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nojuvuva.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\yekoyafa.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\hojubipa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vavosiwo.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\kisijegu.dll (Trojan.BHO) -> Delete on reboot.
C:\Documents and Settings\mylene\Local Settings\Temporary Internet Files\Content.IE5\F1T7QRO8\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F600EB76-36C2-42A6-AEB9-4496F7A72FEE}\RP348\A0039982.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F600EB76-36C2-42A6-AEB9-4496F7A72FEE}\RP348\A0039983.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F600EB76-36C2-42A6-AEB9-4496F7A72FEE}\RP348\A0039984.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bulawasi.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lodivoyo.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\loyayono.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nonabefa.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Frag great bend logo\for trust.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Thanks
Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:09:57, on 07/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\USB Storage RW\DskWatch.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [USB Storage RW] C:\Program Files\USB Storage RW\DskWatch.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Dash Regs] C:\DOCUME~1\mylene\APPLIC~1\DARTON~1\CityHelpPop.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [vusenosoto] Rundll32.exe "C:\WINDOWS\system32\nojuvuva.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.targa.co.uk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O20 - AppInit_DLLs:
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
--
End of file - 10609 bytes
Thanks
Hi again,
Download FindAWF (random/random & noahdfear)
Save the file to your Desktop.
Double-click the FindAWF icon. Press a key to continue launching the tool.
If a security alert appears, allow the program to run.
As indicated, press a key to continue.
Choose the following option: Press 1 then Enter to scan for bak folders.
The scan can take a little while, so be patient.
When it has finished, a Find AWF report is generated.
Post this Find AWF report in your next reply.
Hi again,
Download Lop S&D.exe (Eric_71) to your Desktop.
Start the installation by running the downloaded file.
Now double-click the LopS&D shortcut.
Select the desired language by typing the letter of your choice, then confirm with the Enter key.
Now choose option 1 (Search). Wait until the search finishes.
Post the generated report (C:\lopR.txt*)
* the partition name may differ
Here is the report
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 2600+ )
BIOS : BIOS Date: 02/17/05 15:21:41 Ver: 08.00.09
USER : mylene ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.18 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:129 Go)
D:\ (Local Disk) - FAT32 - Total:2 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 09/12/2008|18:51 )
--------------------\\ Listing des dossiers dans APPLIC~1
[12/05/2008|10:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[20/02/2005|23:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\AOL
[15/02/2005|06:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[17/02/2005|00:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver
[30/06/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/02/2005|23:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[06/11/2007|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[28/05/2008|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[14/07/2007|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[04/05/2007|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/05/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[06/12/2008|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[11/06/2008|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/12/2008|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[15/02/2005|06:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[06/04/2006|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[20/02/2005|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[02/05/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/05/2007|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[21/12/2007|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[20/02/2005|23:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
[15/02/2005|06:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[17/02/2005|00:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
[20/02/2005|23:51] C:\DOCUME~1\edmomd\APPLIC~1\AOL
[15/02/2005|06:42] C:\DOCUME~1\edmomd\APPLIC~1\Identities
[02/05/2006|18:37] C:\DOCUME~1\edmomd\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\edmomd\APPLIC~1\You've Got Pictures Screensaver
[15/02/2005|06:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[13/09/2005|17:40] C:\DOCUME~1\mumu\APPLIC~1\Ahead
[20/02/2005|23:51] C:\DOCUME~1\mumu\APPLIC~1\AOL
[25/08/2007|19:04] C:\DOCUME~1\mumu\APPLIC~1\Google
[15/02/2005|06:42] C:\DOCUME~1\mumu\APPLIC~1\Identities
[04/05/2007|16:53] C:\DOCUME~1\mumu\APPLIC~1\Macromedia
[04/05/2007|16:54] C:\DOCUME~1\mumu\APPLIC~1\Microsoft
[02/08/2006|11:44] C:\DOCUME~1\mumu\APPLIC~1\Ulead Systems
[20/02/2005|23:50] C:\DOCUME~1\mumu\APPLIC~1\You've Got Pictures Screensaver
[17/01/2008|19:32] C:\DOCUME~1\mylene\APPLIC~1\Adobe
[30/06/2008|18:56] C:\DOCUME~1\mylene\APPLIC~1\AdobeUM
[20/02/2005|23:51] C:\DOCUME~1\mylene\APPLIC~1\AOL
[03/05/2005|17:56] C:\DOCUME~1\mylene\APPLIC~1\ArcSoft
[11/12/2005|12:00] C:\DOCUME~1\mylene\APPLIC~1\CyberLink
[20/08/2008|18:31] C:\DOCUME~1\mylene\APPLIC~1\dart once user
[03/05/2007|17:53] C:\DOCUME~1\mylene\APPLIC~1\F-Secure
[04/05/2007|17:27] C:\DOCUME~1\mylene\APPLIC~1\Google
[11/05/2006|17:27] C:\DOCUME~1\mylene\APPLIC~1\Help
[15/02/2005|06:42] C:\DOCUME~1\mylene\APPLIC~1\Identities
[29/04/2005|18:22] C:\DOCUME~1\mylene\APPLIC~1\Macromedia
[06/12/2008|20:35] C:\DOCUME~1\mylene\APPLIC~1\Malwarebytes
[03/02/2008|20:00] C:\DOCUME~1\mylene\APPLIC~1\Microsoft
[02/05/2007|17:16] C:\DOCUME~1\mylene\APPLIC~1\MSNInstaller
[06/04/2006|18:49] C:\DOCUME~1\mylene\APPLIC~1\Ulead Systems
[10/09/2008|13:03] C:\DOCUME~1\mylene\APPLIC~1\Viewpoint
[20/02/2005|23:50] C:\DOCUME~1\mylene\APPLIC~1\You've Got Pictures Screensaver
[17/12/2005|10:34] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[29/04/2005|17:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[08/12/2008 21:00][--ah-----] C:\WINDOWS\tasks\A8BB70BA9188EB9A.job
[08/12/2008 20:22][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[09/12/2008 18:38][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini
( A8BB70BA9188EB9A.job )=( c:\docume~1\mylene\applic~1\darton~1\CORNFILEDELETE.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[20/08/2007|11:45] C:\Program Files\Adobe
[15/02/2005|23:22] C:\Program Files\Ahead
[04/05/2007|15:04] C:\Program Files\Alwil Software
[06/11/2007|13:12] C:\Program Files\AOL
[11/05/2006|17:28] C:\Program Files\AOL 9.0
[20/02/2005|23:50] C:\Program Files\AOL Compagnon
[01/05/2007|17:16] C:\Program Files\AOL Toolbar
[03/05/2005|17:53] C:\Program Files\ArcSoft
[28/05/2008|13:38] C:\Program Files\Avira
[15/02/2005|08:10] C:\Program Files\AvRack
[13/07/2008|13:23] C:\Program Files\Circle Developement
[15/02/2005|06:40] C:\Program Files\ComPlus Applications
[15/02/2005|08:13] C:\Program Files\CONEXANT
[20/02/2005|21:32] C:\Program Files\CyberLink
[01/08/2008|18:07] C:\Program Files\dart once user
[06/04/2006|18:02] C:\Program Files\Digital Camera
[15/02/2005|23:35] C:\Program Files\DivX
[20/07/2007|12:02] C:\Program Files\Empire Interactive
[15/02/2005|08:27] C:\Program Files\Encarta
[03/05/2008|18:59] C:\Program Files\Fichiers communs
[24/05/2008|13:07] C:\Program Files\Google
[08/05/2005|17:59] C:\Program Files\Hewlett-Packard
[16/02/2005|00:33] C:\Program Files\HighMAT CD Writing Wizard
[08/05/2005|18:00] C:\Program Files\hp deskjet 3820 series
[07/12/2008|18:43] C:\Program Files\InstallShield Installation Information
[14/10/2008|20:34] C:\Program Files\Internet Explorer
[03/05/2008|18:59] C:\Program Files\Lavasoft
[20/02/2005|23:50] C:\Program Files\Learn2.com
[06/12/2008|20:35] C:\Program Files\Malwarebytes' Anti-Malware
[25/03/2006|18:46] C:\Program Files\Maxis
[09/07/2005|09:34] C:\Program Files\Media Pocket
[17/08/2008|10:01] C:\Program Files\Messenger
[17/09/2008|19:11] C:\Program Files\Messenger Plus! Live
[15/02/2005|08:29] C:\Program Files\Microsoft AutoRoute
[15/02/2005|06:42] C:\Program Files\microsoft frontpage
[29/04/2005|17:52] C:\Program Files\Microsoft Money 2005
[25/03/2006|18:47] C:\Program Files\Microsoft Office
[21/12/2007|19:35] C:\Program Files\Microsoft SQL Server Compact Edition
[15/02/2005|08:21] C:\Program Files\Microsoft Works
[15/02/2005|08:16] C:\Program Files\Microsoft Works Suite 2005
[17/08/2008|09:34] C:\Program Files\Movie Maker
[15/12/2005|18:49] C:\Program Files\MP3 Player Utilities
[22/06/2005|11:57] C:\Program Files\MSN
[15/02/2005|06:39] C:\Program Files\MSN Gaming Zone
[02/05/2007|17:51] C:\Program Files\MSXML 4.0
[17/08/2008|09:31] C:\Program Files\NetMeeting
[18/04/2007|17:41] C:\Program Files\Neuf
[15/02/2005|06:39] C:\Program Files\Online Services
[17/08/2008|09:31] C:\Program Files\Outlook Express
[04/05/2007|17:17] C:\Program Files\Pack Sécurité
[24/10/2007|17:17] C:\Program Files\PC Inspector File Recovery
[03/03/2006|20:43] C:\Program Files\Picture It! Premium 10
[20/02/2005|23:50] C:\Program Files\QuickTime
[20/02/2005|23:49] C:\Program Files\Real
[15/02/2005|08:10] C:\Program Files\Realtek Sound Manager
[15/02/2005|08:08] C:\Program Files\S3Inc
[07/12/2008|18:43] C:\Program Files\Samsung
[15/02/2005|06:40] C:\Program Files\Services en ligne
[20/02/2005|23:48] C:\Program Files\TechCity Solutions
[14/05/2008|11:22] C:\Program Files\Trend Micro
[06/04/2006|18:00] C:\Program Files\Ulead Systems
[17/12/2005|09:18] C:\Program Files\Uninstall Information
[15/02/2005|08:13] C:\Program Files\USB Storage RW
[15/02/2005|08:07] C:\Program Files\VIA
[20/02/2005|23:50] C:\Program Files\Viewpoint
[15/02/2005|06:46] C:\Program Files\Windows Journal Viewer
[29/02/2008|18:26] C:\Program Files\Windows Live
[03/05/2007|18:36] C:\Program Files\Windows Live Favorites
[13/08/2007|17:46] C:\Program Files\Windows Live Safety Center
[30/11/2007|22:27] C:\Program Files\Windows Live Toolbar
[28/09/2007|15:04] C:\Program Files\Windows Media Connect
[28/09/2007|15:07] C:\Program Files\Windows Media Connect 2
[17/08/2008|09:31] C:\Program Files\Windows Media Player
[17/08/2008|09:31] C:\Program Files\Windows NT
[15/02/2005|06:40] C:\Program Files\WindowsUpdate
[15/02/2005|06:42] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[30/06/2008|18:58] C:\Program Files\Fichiers communs\Adobe
[15/02/2005|23:17] C:\Program Files\Fichiers communs\Ahead
[06/11/2007|13:19] C:\Program Files\Fichiers communs\AOL
[20/02/2005|23:51] C:\Program Files\Fichiers communs\aolback
[14/03/2005|08:07] C:\Program Files\Fichiers communs\aolshare
[15/02/2005|08:21] C:\Program Files\Fichiers communs\Designer
[16/12/2005|19:07] C:\Program Files\Fichiers communs\DirectX
[15/02/2005|08:12] C:\Program Files\Fichiers communs\InstallShield
[21/12/2007|19:32] C:\Program Files\Fichiers communs\Microsoft Shared
[15/02/2005|06:40] C:\Program Files\Fichiers communs\MSSoap
[15/02/2005|23:21] C:\Program Files\Fichiers communs\Nero
[20/02/2005|23:49] C:\Program Files\Fichiers communs\Nullsoft
[15/02/2005|07:35] C:\Program Files\Fichiers communs\ODBC
[20/02/2005|23:49] C:\Program Files\Fichiers communs\Real
[15/02/2005|06:40] C:\Program Files\Fichiers communs\Services
[15/02/2005|07:35] C:\Program Files\Fichiers communs\SpeechEngines
[17/08/2008|09:31] C:\Program Files\Fichiers communs\System
[06/04/2006|17:58] C:\Program Files\Fichiers communs\Ulead Systems
[21/12/2007|19:31] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[03/05/2008|18:59] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 53 Processes )
IEXPLORE.EXE ~ [PID:452]
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\mylene\LOCALS~1\Temp\bis2F.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\mylene\APPLIC~1\darton~1
C:\Program Files\darton~1
C:\Program Files\Circle Developement
C:\DOCUME~1\mylene\Cookies\mylene@advertstream[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@advertising[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@adin.bigpoint[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@bigpoint[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@fr.thepimps.bigpoint[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@fr.xblaster.bigpoint[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@fr1.darkorbit.bigpoint[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@fr1.seafight.bigpoint[3].txt
C:\DOCUME~1\mylene\Cookies\mylene@banner.cotedazurpalace[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@cotedazurpalace[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@www.cotedazurpalace[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@adopt.euroclick[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@pacificpoker[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@partypoker[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@fr1.seafight.bigpoint[3].txt
C:\DOCUME~1\mylene\Cookies\mylene@32vegas[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@banner.32vegas[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@www.lop[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@2xmoinscher[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@www.2xmoinscher[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@888[1].txt
C:\WINDOWS\Tasks\A8BB70BA9188EB9A.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dash Regs"="C:\\DOCUME~1\\mylene\\APPLIC~1\\DARTON~1\\CityHelpPop.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-09 18:52:23
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 111
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:1420][D:14]-> C:\DOCUME~1\mylene\LOCALS~1\Temp
[F:1135][D:0]-> C:\DOCUME~1\mylene\Cookies
[F:16951][D:30]-> C:\DOCUME~1\mylene\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 09/12/2008|18:54 - Option : [1]
--------------------\\ Fin du rapport a 18:54:58
Given everything you are having me do, is my computer very sick!!!!! Or is it simply a precaution before putting the antivirus back?
Thanks
The report
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 2600+ )
BIOS : BIOS Date: 02/17/05 15:21:41 Ver: 08.00.09
USER : mylene ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.18 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:129 Go)
D:\ (Local Disk) - FAT32 - Total:2 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 10/12/2008|18:21 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@adin.bigpoint[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@bigpoint[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@fr.thepimps.bigpoint[2].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@fr.xblaster.bigpoint[2].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@fr1.darkorbit.bigpoint[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@fr1.seafight.bigpoint[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@fr1.seafight.bigpoint[3].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@www.cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@pacificpoker[2].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@partypoker[2].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@32vegas[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@www.lop[2].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@www.2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@888[1].txt
Supprime! - C:\WINDOWS\Tasks\A8BB70BA9188EB9A.job
Supprime! - C:\DOCUME~1\mylene\LOCALS~1\Temp\bis2F.exe
Supprime! - C:\DOCUME~1\mylene\APPLIC~1\darton~1
Supprime! - C:\Program Files\darton~1
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\mylene\APPLIC~1\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[12/05/2008|10:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[20/02/2005|23:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\AOL
[15/02/2005|06:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[17/02/2005|00:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver
[30/06/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/02/2005|23:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[06/11/2007|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[28/05/2008|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[14/07/2007|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[04/05/2007|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/05/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[06/12/2008|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[11/06/2008|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/12/2008|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[15/02/2005|06:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[06/04/2006|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[02/05/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/05/2007|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[21/12/2007|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[20/02/2005|23:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
[15/02/2005|06:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[17/02/2005|00:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
[20/02/2005|23:51] C:\DOCUME~1\edmomd\APPLIC~1\AOL
[15/02/2005|06:42] C:\DOCUME~1\edmomd\APPLIC~1\Identities
[02/05/2006|18:37] C:\DOCUME~1\edmomd\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\edmomd\APPLIC~1\You've Got Pictures Screensaver
[15/02/2005|06:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[13/09/2005|17:40] C:\DOCUME~1\mumu\APPLIC~1\Ahead
[20/02/2005|23:51] C:\DOCUME~1\mumu\APPLIC~1\AOL
[25/08/2007|19:04] C:\DOCUME~1\mumu\APPLIC~1\Google
[15/02/2005|06:42] C:\DOCUME~1\mumu\APPLIC~1\Identities
[04/05/2007|16:53] C:\DOCUME~1\mumu\APPLIC~1\Macromedia
[04/05/2007|16:54] C:\DOCUME~1\mumu\APPLIC~1\Microsoft
[02/08/2006|11:44] C:\DOCUME~1\mumu\APPLIC~1\Ulead Systems
[20/02/2005|23:50] C:\DOCUME~1\mumu\APPLIC~1\You've Got Pictures Screensaver
[17/01/2008|19:32] C:\DOCUME~1\mylene\APPLIC~1\Adobe
[30/06/2008|18:56] C:\DOCUME~1\mylene\APPLIC~1\AdobeUM
[20/02/2005|23:51] C:\DOCUME~1\mylene\APPLIC~1\AOL
[03/05/2005|17:56] C:\DOCUME~1\mylene\APPLIC~1\ArcSoft
[11/12/2005|12:00] C:\DOCUME~1\mylene\APPLIC~1\CyberLink
[03/05/2007|17:53] C:\DOCUME~1\mylene\APPLIC~1\F-Secure
[04/05/2007|17:27] C:\DOCUME~1\mylene\APPLIC~1\Google
[11/05/2006|17:27] C:\DOCUME~1\mylene\APPLIC~1\Help
[15/02/2005|06:42] C:\DOCUME~1\mylene\APPLIC~1\Identities
[29/04/2005|18:22] C:\DOCUME~1\mylene\APPLIC~1\Macromedia
[06/12/2008|20:35] C:\DOCUME~1\mylene\APPLIC~1\Malwarebytes
[03/02/2008|20:00] C:\DOCUME~1\mylene\APPLIC~1\Microsoft
[02/05/2007|17:16] C:\DOCUME~1\mylene\APPLIC~1\MSNInstaller
[06/04/2006|18:49] C:\DOCUME~1\mylene\APPLIC~1\Ulead Systems
[20/02/2005|23:50] C:\DOCUME~1\mylene\APPLIC~1\You've Got Pictures Screensaver
[17/12/2005|10:34] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[29/04/2005|17:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[10/12/2008 18:22][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[10/12/2008 15:46][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[20/08/2007|11:45] C:\Program Files\Adobe
[15/02/2005|23:22] C:\Program Files\Ahead
[04/05/2007|15:04] C:\Program Files\Alwil Software
[06/11/2007|13:12] C:\Program Files\AOL
[11/05/2006|17:28] C:\Program Files\AOL 9.0
[20/02/2005|23:50] C:\Program Files\AOL Compagnon
[01/05/2007|17:16] C:\Program Files\AOL Toolbar
[03/05/2005|17:53] C:\Program Files\ArcSoft
[28/05/2008|13:38] C:\Program Files\Avira
[15/02/2005|08:10] C:\Program Files\AvRack
[15/02/2005|06:40] C:\Program Files\ComPlus Applications
[15/02/2005|08:13] C:\Program Files\CONEXANT
[20/02/2005|21:32] C:\Program Files\CyberLink
[06/04/2006|18:02] C:\Program Files\Digital Camera
[15/02/2005|23:35] C:\Program Files\DivX
[20/07/2007|12:02] C:\Program Files\Empire Interactive
[15/02/2005|08:27] C:\Program Files\Encarta
[03/05/2008|18:59] C:\Program Files\Fichiers communs
[24/05/2008|13:07] C:\Program Files\Google
[08/05/2005|17:59] C:\Program Files\Hewlett-Packard
[16/02/2005|00:33] C:\Program Files\HighMAT CD Writing Wizard
[08/05/2005|18:00] C:\Program Files\hp deskjet 3820 series
[07/12/2008|18:43] C:\Program Files\InstallShield Installation Information
[14/10/2008|20:34] C:\Program Files\Internet Explorer
[03/05/2008|18:59] C:\Program Files\Lavasoft
[20/02/2005|23:50] C:\Program Files\Learn2.com
[06/12/2008|20:35] C:\Program Files\Malwarebytes' Anti-Malware
[25/03/2006|18:46] C:\Program Files\Maxis
[09/07/2005|09:34] C:\Program Files\Media Pocket
[17/08/2008|10:01] C:\Program Files\Messenger
[17/09/2008|19:11] C:\Program Files\Messenger Plus! Live
[15/02/2005|08:29] C:\Program Files\Microsoft AutoRoute
[15/02/2005|06:42] C:\Program Files\microsoft frontpage
[29/04/2005|17:52] C:\Program Files\Microsoft Money 2005
[25/03/2006|18:47] C:\Program Files\Microsoft Office
[21/12/2007|19:35] C:\Program Files\Microsoft SQL Server Compact Edition
[15/02/2005|08:21] C:\Program Files\Microsoft Works
[15/02/2005|08:16] C:\Program Files\Microsoft Works Suite 2005
[17/08/2008|09:34] C:\Program Files\Movie Maker
[15/12/2005|18:49] C:\Program Files\MP3 Player Utilities
[22/06/2005|11:57] C:\Program Files\MSN
[15/02/2005|06:39] C:\Program Files\MSN Gaming Zone
[02/05/2007|17:51] C:\Program Files\MSXML 4.0
[17/08/2008|09:31] C:\Program Files\NetMeeting
[18/04/2007|17:41] C:\Program Files\Neuf
[15/02/2005|06:39] C:\Program Files\Online Services
[17/08/2008|09:31] C:\Program Files\Outlook Express
[04/05/2007|17:17] C:\Program Files\Pack Sécurité
[24/10/2007|17:17] C:\Program Files\PC Inspector File Recovery
[03/03/2006|20:43] C:\Program Files\Picture It! Premium 10
[20/02/2005|23:50] C:\Program Files\QuickTime
[20/02/2005|23:49] C:\Program Files\Real
[15/02/2005|08:10] C:\Program Files\Realtek Sound Manager
[15/02/2005|08:08] C:\Program Files\S3Inc
[07/12/2008|18:43] C:\Program Files\Samsung
[15/02/2005|06:40] C:\Program Files\Services en ligne
[20/02/2005|23:48] C:\Program Files\TechCity Solutions
[14/05/2008|11:22] C:\Program Files\Trend Micro
[06/04/2006|18:00] C:\Program Files\Ulead Systems
[17/12/2005|09:18] C:\Program Files\Uninstall Information
[15/02/2005|08:13] C:\Program Files\USB Storage RW
[15/02/2005|08:07] C:\Program Files\VIA
[15/02/2005|06:46] C:\Program Files\Windows Journal Viewer
[29/02/2008|18:26] C:\Program Files\Windows Live
[03/05/2007|18:36] C:\Program Files\Windows Live Favorites
[13/08/2007|17:46] C:\Program Files\Windows Live Safety Center
[30/11/2007|22:27] C:\Program Files\Windows Live Toolbar
[28/09/2007|15:04] C:\Program Files\Windows Media Connect
[28/09/2007|15:07] C:\Program Files\Windows Media Connect 2
[17/08/2008|09:31] C:\Program Files\Windows Media Player
[17/08/2008|09:31] C:\Program Files\Windows NT
[15/02/2005|06:40] C:\Program Files\WindowsUpdate
[15/02/2005|06:42] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[30/06/2008|18:58] C:\Program Files\Fichiers communs\Adobe
[15/02/2005|23:17] C:\Program Files\Fichiers communs\Ahead
[06/11/2007|13:19] C:\Program Files\Fichiers communs\AOL
[20/02/2005|23:51] C:\Program Files\Fichiers communs\aolback
[14/03/2005|08:07] C:\Program Files\Fichiers communs\aolshare
[15/02/2005|08:21] C:\Program Files\Fichiers communs\Designer
[16/12/2005|19:07] C:\Program Files\Fichiers communs\DirectX
[15/02/2005|08:12] C:\Program Files\Fichiers communs\InstallShield
[21/12/2007|19:32] C:\Program Files\Fichiers communs\Microsoft Shared
[15/02/2005|06:40] C:\Program Files\Fichiers communs\MSSoap
[15/02/2005|23:21] C:\Program Files\Fichiers communs\Nero
[20/02/2005|23:49] C:\Program Files\Fichiers communs\Nullsoft
[15/02/2005|07:35] C:\Program Files\Fichiers communs\ODBC
[20/02/2005|23:49] C:\Program Files\Fichiers communs\Real
[15/02/2005|06:40] C:\Program Files\Fichiers communs\Services
[15/02/2005|07:35] C:\Program Files\Fichiers communs\SpeechEngines
[17/08/2008|09:31] C:\Program Files\Fichiers communs\System
[06/04/2006|17:58] C:\Program Files\Fichiers communs\Ulead Systems
[21/12/2007|19:31] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[03/05/2008|18:59] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 50 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\mylene\Cookies\mylene@advertstream[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@advertising[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-10 18:23:20
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 111
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:1424][D:14]-> C:\DOCUME~1\mylene\LOCALS~1\Temp
[F:1115][D:0]-> C:\DOCUME~1\mylene\Cookies
[F:18138][D:30]-> C:\DOCUME~1\mylene\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 09/12/2008|18:54 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 10/12/2008|18:25 - Option : [2]
--------------------\\ Fin du rapport a 18:25:37
Here is the report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:33:53, on 11/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\USB Storage RW\DskWatch.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [USB Storage RW] C:\Program Files\USB Storage RW\DskWatch.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [vusenosoto] Rundll32.exe "C:\WINDOWS\system32\nojuvuva.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.targa.co.uk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O20 - AppInit_DLLs:
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
--
End of file - 10602 bytes
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
--
End of file - 10602 bytes
Hi again,
Fix the lines in the box below with HijackThis: HELP IN PICTURES
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O20 - AppInit_DLLs:
I did it and am reposting a HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:36, on 12/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\USB Storage RW\DskWatch.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [USB Storage RW] C:\Program Files\USB Storage RW\DskWatch.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [vusenosoto] Rundll32.exe "C:\WINDOWS\system32\nojuvuva.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.targa.co.uk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
--
End of file - 10094 bytes