Win32 SillyFDC + Hacktool.rootkit [ résolu ] - Sécurité - Virus

TomsGuide.com : 700 000 inscrits répondent à toutes vos questions high-tech et informatique.
Pour obtenir de l'aide, inscrivez-vous gratuitement !

FORUM Infos-du-Net

Sécurité - Virus

Win32 SillyFDC + Hacktool.rootkit [ résolu ]

Sujet auquel vous répondez
Sujet : Win32 SillyFDC + Hacktool.rootkit [ résolu ]
alpha0	Bonjour et merci d'avance... Mon pc est infecté par un win 32 SillyFDC depuis plusieurs jours cela a rendu mon norton inactif, de ce fait je l'ai désinstallé pour mieux le réinstallé et pas de chance il ne s'installe plus et aucun autre anti virus gratuit ne fonctionne: comme quoi ce n'est pas une application win32 valide... :heink: j'ai fait scanner mon pc en ligne et c'est là que je me suis rendu cpte que j'avais deux virus: le w32 + hacktool rootkit Je ne sais pas quoi faire, (symantec ne peut rien pour moi alors que je paye un abonnement :fou: ) si quelqu'un peut m'aider car là, je suis perdue...^^ A très bientôt je l'espère Je viens de télécharger HijackThis et, apparament, ce n'est pas non plus une application Win32 valide...Ca va être difficile de m'aider je pense...

Sujet auquel vous répondez

Sujet : Win32 SillyFDC + Hacktool.rootkit [ résolu ]

alpha0

Bonjour et merci d'avance...
Mon pc est infecté par un win 32 SillyFDC depuis plusieurs jours cela a rendu mon norton inactif, de ce fait je l'ai désinstallé pour mieux le réinstallé et pas de chance il ne s'installe plus et aucun autre anti virus gratuit ne fonctionne: comme quoi ce n'est pas une application win32 valide... :heink: j'ai fait scanner mon pc en ligne et c'est là que je me suis rendu cpte que j'avais deux virus: le w32 + hacktool rootkit
Je ne sais pas quoi faire, (symantec ne peut rien pour moi alors que je paye un abonnement :fou: ) si quelqu'un peut m'aider car là, je suis perdue...^^

A très bientôt je l'espère
Je viens de télécharger HijackThis et, apparament, ce n'est pas non plus une application Win32 valide...Ca va être difficile de m'aider je pense...

Votre réponse

Nom d'utilisateur

Pour poster, vous devez être inscrit sur ce forum .... si ce n'est pas le cas, cliquez ici !

Mot de passe

Vous avez perdu votre mot de passe ? Cliquez ici !

Le ton de votre message

Votre réponse

Smilies

Liste des smilies perso

Options

Activer votre signature
Désactiver les smilies
Activer la notification par email du sujet

Aperçu

Vous avez perdu votre mot de passe ?

Vue Rapide de la discussion

Sham_Rock

re

kaspersky est performant... mais SI tu l'achètes, si c'est un crack, tu vas te réinfecter. :)

Supprime tous les programmes installés pour la désinfection.

Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.

http://www.malekal.com/fichiers/pr [...] iniban.gif

Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.

~Edite ton premier message (en cliquant sur la gomme) et marque [résolu] dans le titre.

:hello:

alpha0

Rebonjour Sham_Rock

Alors j'en conclus que tout est ok, c'est super, merci beaucoup :D
Je souhaite prendre kaspersky comme anti virus à la place de norton, qu'en pensez vous ??
Merciii beaucoup,
avant ce problème je ne savais pas que l'on pouvait trouver de l'aide en ligne c'est superrr
Je peux écrire RESOLU sur mon message ?

Sham_Rock

bonjour

d'autres soucis?

alpha0

Bonjour,
Je viens de faire l'analyse avec kaspersky, voici le rapport

KASPERSKY ON-LINE SCANNER REPORT
Saturday, May 24, 2008 2:40:12 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 24/05/2008
Enregistrements dans la base antivirus Kaspersky : 712737

Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai

Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\

Statistiques de l'analyse
Total d'objets analysés 141998
Nombre de virus trouvés 0
Nombre d'objets infectés 0 / 0
Nombre d'objets suspects 0
Durée de l'analyse 01:15:09

Nom de l'objet infecté Nom du virus Dernière action
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AGENT_LOG1.txt L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db-journal L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BINARY\CLML.db L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db-journal L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db-journal L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db-journal L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db-journal L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db-journal L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db L'objet est verrouillé ignoré

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db-journal L'objet est verrouillé ignoré

C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcrst.dll L'objet est verrouillé ignoré

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP39\change.log L'objet est verrouillé ignoré

C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

C:\WINDOWS\SoftwareDistribution\EventCache\{091187CD-B36A-4F06-B591-71CE1C489316}.bin L'objet est verrouillé ignoré

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\drivers\fidbox.dat L'objet est verrouillé ignoré

C:\WINDOWS\system32\drivers\fidbox.idx L'objet est verrouillé ignoré

C:\WINDOWS\system32\drivers\fidbox2.dat L'objet est verrouillé ignoré

C:\WINDOWS\system32\drivers\fidbox2.idx L'objet est verrouillé ignoré

C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\0324_AdBlocker_eventcritlog.rpt L'objet est verrouillé ignoré

D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\0324_AdBlocker_eventlog.rpt L'objet est verrouillé ignoré

D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\0328_popupchk_eventcritlog.rpt L'objet est verrouillé ignoré

D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\0328_popupchk_eventlog.rpt L'objet est verrouillé ignoré

D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\0331_File_Monitoring_eventlog.rpt L'objet est verrouillé ignoré

D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\0334_Web_Monitoring_eventlog.rpt L'objet est verrouillé ignoré

D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\0336_pdm_eventcritlog.rpt L'objet est verrouillé ignoré

D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\0336_pdm_eventlog.rpt L'objet est verrouillé ignoré

D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\detected.idx L'objet est verrouillé ignoré

D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\detected.rpt L'objet est verrouillé ignoré

D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\eventlog.rpt L'objet est verrouillé ignoré

D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\report.rpt L'objet est verrouillé ignoré

D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Cookies\index.dat L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Application Data\Microsoft\Messenger\anthonyboscher@hotmail.fr\SharingMetadata\Logs\Dfsr00005.log L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Application Data\Microsoft\Messenger\anthonyboscher@hotmail.fr\SharingMetadata\pending.dat L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Application Data\Microsoft\Messenger\anthonyboscher@hotmail.fr\SharingMetadata\Working\database_8EB8_8CE1_B88C_C963\dfsr.db L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Application Data\Microsoft\Messenger\anthonyboscher@hotmail.fr\SharingMetadata\Working\database_8EB8_8CE1_B88C_C963\fsr.log L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Application Data\Microsoft\Messenger\anthonyboscher@hotmail.fr\SharingMetadata\Working\database_8EB8_8CE1_B88C_C963\fsrtmp.log L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Application Data\Microsoft\Messenger\anthonyboscher@hotmail.fr\SharingMetadata\Working\database_8EB8_8CE1_B88C_C963\tmp.edb L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Application Data\Microsoft\Windows Live Contacts\anthonyboscher@hotmail.fr\real\members.stg L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Application Data\Microsoft\Windows Live Contacts\anthonyboscher@hotmail.fr\shadow\members.stg L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Historique\History.IE5\MSHist012008052420080525\index.dat L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Temp\fla3E35.tmp L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Temp\~DF84E7.tmp L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Temp\~DF879E.tmp L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Temp\~DF8A1E.tmp L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Temp\~DF8A66.tmp L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Temporary Internet Files\Content.IE5\AU0728XO\get_video[1] L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\ntuser.dat L'objet est verrouillé ignoré

D:\Documents and Settings\Benjamin Boscher\ntuser.dat.LOG L'objet est verrouillé ignoré

D:\Documents and Settings\LocalService.AUTORITE NT\Cookies\index.dat L'objet est verrouillé ignoré

D:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

D:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

D:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

D:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

D:\Documents and Settings\LocalService.AUTORITE NT\NTUSER.DAT L'objet est verrouillé ignoré

D:\Documents and Settings\LocalService.AUTORITE NT\ntuser.dat.LOG L'objet est verrouillé ignoré

D:\Documents and Settings\NetworkService.AUTORITE NT\Cookies\index.dat L'objet est verrouillé ignoré

D:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

D:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

D:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

D:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

D:\Documents and Settings\NetworkService.AUTORITE NT\NTUSER.DAT L'objet est verrouillé ignoré

D:\Documents and Settings\NetworkService.AUTORITE NT\ntuser.dat.LOG L'objet est verrouillé ignoré

D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP39\change.log L'objet est verrouillé ignoré

Analyse terminée.

Sham_Rock

re

refais un scan en ligne stp

~Fais une analyse antivirus en ligne sur le site de Kaspersky
http://webscanner.kaspersky.fr/

~ Clique sur Online Scanner.
~Accepte l'installation du contrôle ActiveX en cliquant sur le bouton Install.

~Sélectionne le poste de travail comme analyse.

~Enregistre le rapport en cliquant sur le bouton "Enregistrer rapport sous". Nomme-le, tu feras un copier/coller dans ta prochaine réponse.

Tuto du scan en ligne

alpha0

re..

Deuxième rapport d'hijackthis...j'espère que tout va être OK... :)

Super, les 3 cracks ne sont plus dans l'utilitaire de configuration système :bounce:
MERCIIII !!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:54:43, on 23/05/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S118.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6 [...] vSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader4.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O24 - Desktop Component 0: (no name) - http://c.voila.fr/V3/Icons/voila.gif

--
End of file - 9855 bytes

alpha0

Bonsoir,
Ci joint le rapport de hijackthis:

D:\DOCUME~1\BENJAM~1\APPLIC~1\REMOTE~1 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Shared moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\NPMDataStore moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\VCRedist moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\SYMTHM moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\SYMHTML moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\SPManfst moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Manifest moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Gadget\frames moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Gadget\buttons moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Gadget\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Gadget moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\APP\SUPPSOFT moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\APP moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymNet\SymNet\Manifest moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymNet\SymNet\Drivers moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymNet\SymNet moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymNet moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI\SYMSHARE\XP moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI\SYMSHARE\Vista moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI\SYMSHARE\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI\SYMSHARE moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\System32\Drivers moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\System32 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\SYMSHARE\SRTSP moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\SYMSHARE\Manifest moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\SYMSHARE moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\SYMSHARE\MANIFEST moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\SYMSHARE moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\LUpdate\LUMfests moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\LUpdate moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SEVINST moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Reporter\0c\01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Reporter\0c moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Reporter moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Remover moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\PreScan\0c\01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\PreScan\0c moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\PreScan moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\NISTools moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\MSI moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\SYSTEM32 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\SPMANI~1 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\HelpMSI\External\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\HelpMSI\External moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\HelpMSI moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\CF\cfCore\MANIFEST moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\CF\cfCore\CFMan moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\CF\cfCore moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\CF moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\AppCore\AppCore moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\AppCore moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\NPC moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\Gadget\frames moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\Gadget\buttons moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\Gadget\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\Gadget moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SymNet\SND_x64\Drivers moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SymNet\SND_x64 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SymNet moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\System32\Drivers moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\System32 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\SYMSHARE\SRTSP moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\SYMSHARE\Manifest moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\SYMSHARE moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64\SYMSHARE\SPBBC moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64\SYMSHARE moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64\LUpdate\LUMfests moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64\LUpdate moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SEVINST moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\ccCommon\ccCmn64 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\ccCommon moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\VAData\Dict moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\VAData moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN64 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\SPBBC moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\SecHist moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\Options moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\ncwHyPEX moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\MANIFEST moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\IDS moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\CF\CFMan moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\CF moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\CCPD-LC moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\PIF_96E2\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\PIF_96E2 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\HTEC moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\Dist moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\CF moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\IDSDefs moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\SYMSHARE\MANIFEST moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\SYMSHARE\COL moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\SYMSHARE moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\Symantec\LUREGMAN moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\Symantec moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\InitDefs moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\drivers moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\APP\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\APP moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\VirusDef moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\VirusD64 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\System32\COH64 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\System32\COH32 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\System32 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\Symantec\NORTON\Tasks moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\Symantec\NORTON moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\Symantec moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\MUI\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\MUI moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE\SPBBC moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE\MANIFEST moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\COH64 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\COH32 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\0c01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\COH64 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\COH32 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Lang\0c\01 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Lang\0c moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Lang moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0 moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts moved successfully.
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec moved successfully.
File/Folder D:\Documents and Settings\Benjamin Boscher\Shared not found.
D:\Documents and Settings\All Users\Application Data\PROCNURBSKIPWMA moved successfully.
C:\Program Files\LphantBar moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 05232008_194611

maintenant je vais télécharger malware...encore merci

Sham_Rock

re
franchement, vu ta pratique du p2p, je me demande si un format du disque D ne t'aurait pas été plus bénéfique...
quand on ne veut pas dépenser d'argent pour les jeux comme les tiens, on joue à Wolfenstein Enemy Territory

1

~Lance Hijackthis “Do a system scan only”.
Coche les lignes qui suivent si encore présentes et uniquement celles-là.

R3 - URLSearchHook: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
O2 - BHO: (no name) - {4B857FD8-EE58-4AFE-8975-A72BBB90E11B} - C:\WINDOWS\system32\mllmj.dll (file missing)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll (file missing)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
O4 - HKLM\..\Run: [Skipwmaadmin16] D:\Documents and Settings\All Users\Application Data\PROCNURBSKIPWMA\THAT CASH.exe
O4 - HKLM\..\Run: [Doom 3 NO CD Crack] D:\Documents and Settings\Benjamin Boscher\Shared\Doom 3 NO CD Crack.exe
O4 - HKLM\..\Run: [Battlefield 1942 no cd crack] D:\Documents and Settings\Benjamin Boscher\Shared\Battlefield 1942 no cd crack.exe
O4 - HKLM\..\Run: [Age Of Mythology - The Titans no cd crack] D:\Documents and Settings\Benjamin Boscher\Shared\Age Of Mythology - The Titans no cd crack.exe
O4 - HKLM\..\RunOnce: [SymLnch] "D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch\SymLnch.exe" "D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup.exe" "/REALUPREBOOT /temp /patched"
O4 - HKCU\..\Run: [copy bind] D:\DOCUME~1\BENJAM~1\APPLIC~1\REMOTE~1\support mfcd.exe

Clique sur Fix checked (en bas à gauche)

2
Sélectionne TOUS les emplacements en gras ci-dessous :

D:\DOCUME~1\BENJAM~1\APPLIC~1\REMOTE~1
D:\Documents and Settings\Benjamin Boscher\Shared
D:\Documents and Settings\Benjamin Boscher\Application Data\Symantec
D:\Documents and Settings\Benjamin Boscher\Shared
D:\Documents and Settings\All Users\Application Data\PROCNURBSKIPWMA
C:\Program Files\LphantBar

---> Clique-droit puis Copier (ou Ctrl+C)

Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur MoveIt!

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

3

~télécharge ce fichier http://downloads.malwareremoval.com/Nel/FixP.zip
sur le bureau.

Extraie et double clique sur Fix_Protocol_zones_ranges.reg.

Accepte lorsqu'il te demande de fusionner avec le registre. poste ensuite un nouveau rapport hijackthis.

alpha0

Je viens de voir qu'il me reste 3 cracks en parcourant le rapport hijackthis, et j'ai remarqué qu'ils sont présents dans l'utilitaire de configuration système, dans l'onglet "démarrage"(démarrer\éxécuter\msconfig).
Ces cracks là ne se sont visiblement pas supprimés, comment en venir à bout ?

alpha0

re ! :)
voici le log hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:37:57, on 22/05/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\rundll32.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4B857FD8-EE58-4AFE-8975-A72BBB90E11B} - C:\WINDOWS\system32\mllmj.dll (file missing)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Skipwmaadmin16] D:\Documents and Settings\All Users\Application Data\PROCNURBSKIPWMA\THAT CASH.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [Doom 3 NO CD Crack] D:\Documents and Settings\Benjamin Boscher\Shared\Doom 3 NO CD Crack.exe
O4 - HKLM\..\Run: [Battlefield 1942 no cd crack] D:\Documents and Settings\Benjamin Boscher\Shared\Battlefield 1942 no cd crack.exe
O4 - HKLM\..\Run: [Age Of Mythology - The Titans no cd crack] D:\Documents and Settings\Benjamin Boscher\Shared\Age Of Mythology - The Titans no cd crack.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security

Messages similaires

Dans l'actualité

Les pires virus de 2007

Le rootkit de Sony passé au peigne fin

Microsoft s'approprie Rootkit Revealer

McAfee déclare la guerre aux rootkits

Les téléchargements

Ressources relatives

Les derniers dossiers

Upgrader son portable en 9 leçons

Les logiciels indispensables après un formatage

Que choisir ? Home Cinema 5.1 ou projecteur de son ?

Test du Nokia N96 : la vie sans écran tactile

FORUM Infos-du-Net

Sécurité - Virus

Win32 SillyFDC + Hacktool.rootkit [ résolu ]