J'ai besoin d'aide pour pyagcore

Résolu
sylviesfr -  
kevin05 Messages postés 3814 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,

J'ai besoin d'aide "pyagcore" qui je bloc internet explorer et les options MSN J'ai instaler "hijackthis" le bloc note m'a donner ce résulta

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:22:18, on 12/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\ctfmon.exe
C:\documents and settings\confo\local settings\application data\guimg.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen147.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\SeekeenSrch\seekeen.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_watchop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\agcutils.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\agcutils.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P\tbCome.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O3 - Toolbar: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P\tbCome.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [guimg] "c:\documents and settings\confo\local settings\application data\guimg.exe" guimg
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\dwwnw64r.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Mindscape Website.url
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
O8 - Extra context menu item: &Search -
O8 - Extra context menu item: (PopUpCop) Allow images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/allowimages
O8 - Extra context menu item: (PopUpCop) Block images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/blockimages
O8 - Extra context menu item: (PopUpCop) Open In New Window - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/imagenew
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversFWBInitialSetup1.0.0.15-3.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://kiw.imgag.com/imgag/cp/install/crusher-kiwen.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Filter hijack: text/html - {C6F62B7A-5450-4A2F-8687-6CEEC3AEB055} - C:\WINDOWS\system32\controlkids2.dll
O20 - Winlogon Notify: Scryptnat - Scryptnat.dll (file missing)
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Contrôle Parental SFR (OPTENET_FILTER) - SFR - C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SeekeenSrch Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen147.exe
O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe

--
End of file - 17516 bytes

ça fait peur
aider moi
Avec des mot simple je ne suis pas très douer (ça ce voit)
merci

sylviesfr
Configuration: Windows XP
Firefox 3.0.7

35 réponses

  • 1
  • 2
Résumé de la discussion

Une installation Windows XP est fortement polluée par des modules indésirables et des barres d’outils détectées par un rapport HijackThis, affectant notamment Internet Explorer et MSN. Le diagnostic liste de nombreuses entrées au démarrage, barres d’outils et modules de navigateur devenus persistants, exigeant une désinfection avec rétablissement des paramètres et suppression des extensions malveillantes. Les conseils préconisent de générer un nouveau rapport HijackThis après nettoyage initial et de viser des suppressions ciblées des composants indésirables avant une vérification finale. En pratique, il est aussi recommandé d’utiliser un antivirus et un anti-malware mis à jour, puis de sauvegarder le système et de réinitialiser les paramètres réseau après avoir éliminé les menaces.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Utilisateur anonyme
     
    Télécharge ToolBarSD (Team IDN) sur ton Bureau.

    * Lance l'installation du programme en exécutant le fichier téléchargé.
    * Double-clique maintenant sur le raccourci de Toolbar-S&D.
    * Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
    * Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
    * Poste le rapport généré. (C:\TB.txt)

    0
    1. sylviesfr
       
      bonsoir,

      merci de bien vouloir m'aider.
      voila j'ai fait comme tu a dit voici le rapport


      -----------\\ ToolBar S&D 1.2.8 XP/Vista

      Microsoft (R) Windows Script Host Version 5.7
      Copyright (C) Microsoft Corporation 1996-2001. Tous droits r‚serv‚s.
      Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
      BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
      USER : confo ( Administrator )
      BOOT : Normal boot
      Antivirus : VirusKeeper 2009 Pro antivirus 9.0 (Activated)
      C:\ (Local Disk) - NTFS - Total:71 Go (Free:20 Go)
      D:\ (Local Disk) - FAT32 - Total:72 Go (Free:71 Go)
      E:\ (CD or DVD)
      G:\ (USB)
      H:\ (USB)
      I:\ (USB)
      J:\ (USB)

      "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
      Option : [1] ( 12/03/2009|19:52 )

      -----------\\ Recherche de Fichiers / Dossiers ...

      C:\Program Files\FunWebProducts
      C:\Program Files\FunWebProducts\ScreenSaver
      C:\Program Files\FunWebProducts\Shared
      C:\Program Files\FunWebProducts\ScreenSaver\Images
      C:\Program Files\FunWebProducts\ScreenSaver\Images\00346852.urr
      C:\Program Files\FunWebProducts\Shared\Cache
      C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
      C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\content_a.xml
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\content_ie.xml
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\content_m.xml
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\content_y.xml
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\logger.xml
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\toolbarIE.xml
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\toolbarIM_a.xml
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\toolbarIM_m.xml
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\toolbarIM_y.xml
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\allow.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\block.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\dontsend.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\im_toolbardropdownmenu.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\im_toolbarsHelprolloverbase.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\im_toolbarsm1rolloverbase.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\im_toolbarsm1rolloverbase_bg.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\im_toolbarsm1rolloverbase_dp.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\im_toolbarsm2rolloverbase.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\im_toolbarstextrollover.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\kiwee_iconX16.ico
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\kiwee_iconX48.ico
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\send.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_eg.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_emoticons.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_eyeglass.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_gear.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_images.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_kiwee.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_msnlogo.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_news.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_text.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_videos.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_webshots.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_winks.bmp
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\X.bmp
      C:\Program Files\Kiwee Toolbar
      C:\Program Files\Kiwee Toolbar\2.8.167
      C:\Program Files\Kiwee Toolbar\2.8.167\AGTBCore.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\AolIMToolbar.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox
      C:\Program Files\Kiwee Toolbar\2.8.167\FlashCOM.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIMToolbar.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.tlb
      C:\Program Files\Kiwee Toolbar\2.8.167\kiweetoolbar.zip
      C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe
      C:\Program Files\Kiwee Toolbar\2.8.167\mfc80u.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\Microsoft.VC80.CRT.manifest
      C:\Program Files\Kiwee Toolbar\2.8.167\Microsoft.VC80.MFC.manifest
      C:\Program Files\Kiwee Toolbar\2.8.167\msimg32.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\msvcp80.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\msvcr80.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\RemoteLib.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\Riched20.dll
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome.manifest
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\firefox.xpi
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\install.rdf
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome\kiweetoolbar.jar
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.js
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.xpt
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\KiweeSearchHistory.js
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.js
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.xpt
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults\preferences
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults\preferences\defaults.js
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\manifest.mf
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.rsa
      C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.sf
      C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Kiwee Toolbar
      C:\Program Files\Multi_Media_France
      C:\Program Files\Multi_Media_France\INSTALL.LOG
      C:\Program Files\Multi_Media_France\Multi_Media_FranceToolbarHelper.exe
      C:\Program Files\Multi_Media_France\tbMult.dll
      C:\Program Files\Multi_Media_France\toolbar.cfg
      C:\Program Files\Multi_Media_France\UNWISE.EXE
      C:\Program Files\Multi_Media_France\UNWISE.INI
      C:\DOCUME~1\confo\APPLIC~1\ShoppingReport
      C:\DOCUME~1\confo\APPLIC~1\ShoppingReport\cs
      C:\DOCUME~1\confo\APPLIC~1\ShoppingReport\cs\Config.xml
      C:\DOCUME~1\confo\APPLIC~1\ShoppingReport\cs\db
      C:\DOCUME~1\confo\APPLIC~1\ShoppingReport\cs\dwld
      C:\DOCUME~1\confo\APPLIC~1\ShoppingReport\cs\report
      C:\DOCUME~1\confo\APPLIC~1\ShoppingReport\cs\res2
      C:\DOCUME~1\confo\APPLIC~1\ShoppingReport\cs\db\Aliases.dbs
      C:\DOCUME~1\confo\APPLIC~1\ShoppingReport\cs\db\Sites.dbs
      C:\DOCUME~1\confo\APPLIC~1\ShoppingReport\cs\dwld\WhiteList.xip
      C:\DOCUME~1\confo\APPLIC~1\ShoppingReport\cs\report\aggr_storage.xml
      C:\DOCUME~1\confo\APPLIC~1\ShoppingReport\cs\report\send_storage.xml
      C:\DOCUME~1\confo\APPLIC~1\ShoppingReport\cs\res2\WhiteList.dbs
      C:\Program Files\ShoppingReport
      C:\Program Files\ShoppingReport\Bin
      C:\Program Files\ShoppingReport\Uninst.exe
      C:\Program Files\ShoppingReport\Bin\2.5.0
      C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
      C:\Program Files\Internet Explorer\msimg32.dll
      C:\DOCUME~1\confo\LOCALS~1\Temp\nsg176.tmp
      C:\DOCUME~1\confo\LOCALS~1\Temp\nsw168.tmp
      C:\DOCUME~1\confo\LOCALS~1\Temp\nsx1EE.tmp

      -----------\\ Extensions

      (confo) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
      (confo) - {EEE6C361-6118-11DC-9C72-001320C79847} => sweetim-toolbar


      -----------\\ [..\Internet Explorer\Main]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
      "Start Page"="https://home.sweetim.com/"
      "SearchMigratedDefaultURL"="https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}"
      "Default_Page_URL"="https://www.msn.com/fr-fr"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
      "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Start Page"="https://home.sweetim.com/"


      --------------------\\ Recherche d'autres infections

      C:\WINDOWS\Pack.epk

      C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg.dat
      C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg.exe
      C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg_nav.dat
      C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg_navps.dat
      [b]==> EGDACCESS <==/b




      1 - "C:\ToolBar SD\TB_1.txt" - 12/03/2009|19:53 - Option : [1]

      -----------\\ Fin du rapport a 19:53:25,78
      0
  2. Utilisateur anonyme
     
    ps ca va prendre du temps de te desinfecter parceque que franchement
    des pc infectés comme le tien c'est pas souvent...
    c'est meme etonnant qu'il fonctionne encore (?)
    0
  3. Utilisateur anonyme
     
    t'en es ou ?
    parcequ'il est vraiment tant de faire quelquechose pour ton pc ;))
    0
  4. NicoIsAGeek Messages postés 23 Statut Membre
     
    Ton ordi a du voir un peu trop de film X... Sans rancune hein ? C'est juste pour la déconne ;). Bye !
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    nico is a gekk on se passe de commentaires ......

    sylviegr

    ta desinfection risque d'etre longue car tu es sur-multi-infectée et il va falloir faire plusieurs procedures, ne t'inquietes pas si je ne te reponds pas tout de suite, je ne t'oublies pas, au pire je reviens toujours plus tard ...!!!
    on a analysé (option 1)maintenant on va nettoyer(option2)...

    Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" (au lieu de 1)puis valide en appuyant sur "Entrée".

    ! Ne ferme pas la fenêtre lors de la suppression !

    Un rapport sera généré, poste son contenu ici.

    NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
    Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
    Tape explorer puis valide.

    0
  7. kevin05 Messages postés 3814 Date d'inscription   Statut Contributeur sécurité Dernière intervention   147
     
    MOUARFFFFFF

    Jolie entre les toolbars infectés et tout le bordel

    Bonne chance neophyte ;-)
    0
  8. Utilisateur anonyme
     
    bonjour sylviefr

    alors tu en es ou ?
    tu a reussi a faire le post 6 ou tu a besoin d'aide ou de precisions ?

    on a analysé (option 1)maintenant on va nettoyer(option2)...

    Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" (au lieu de 1)puis valide en appuyant sur "Entrée".

    ! Ne ferme pas la fenêtre lors de la suppression !

    Un rapport sera généré, poste son contenu ici.

    NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
    Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
    Tape explorer puis valide.

    0
    1. sylviesfr
       
      Bonjour

      merci de ta patience.
      je te donne le rapport n°2


      -----------\\ ToolBar S&D 1.2.8 XP/Vista

      Microsoft (R) Windows Script Host Version 5.7
      Copyright (C) Microsoft Corporation 1996-2001. Tous droits r‚serv‚s.
      Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
      BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
      USER : confo ( Administrator )
      BOOT : Normal boot
      Antivirus : VirusKeeper 2009 Pro antivirus 9.0 (Activated)
      C:\ (Local Disk) - NTFS - Total:71 Go (Free:20 Go)
      D:\ (Local Disk) - FAT32 - Total:72 Go (Free:71 Go)
      E:\ (CD or DVD)
      G:\ (USB)
      H:\ (USB)
      I:\ (USB)
      J:\ (USB)

      "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
      Option : [2] ( 13/03/2009|15:07 )

      -----------\\ SUPPRESSION

      Supprime! - C:\Program Files\FunWebProducts\ScreenSaver
      Supprime! - C:\Program Files\FunWebProducts\Shared
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images
      Supprime! - C:\Program Files\Kiwee Toolbar\2.8.167
      Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Kiwee Toolbar
      Supprime! - C:\Program Files\Multi_Media_France\INSTALL.LOG
      Supprime! - C:\Program Files\Multi_Media_France\Multi_Media_FranceToolbarHelper.exe
      Supprime! - C:\Program Files\Multi_Media_France\tbMult.dll
      Supprime! - C:\Program Files\Multi_Media_France\toolbar.cfg
      Supprime! - C:\Program Files\Multi_Media_France\UNWISE.EXE
      Supprime! - C:\Program Files\Multi_Media_France\UNWISE.INI
      Supprime! - C:\DOCUME~1\confo\APPLIC~1\ShoppingReport\cs
      Supprime! - C:\Program Files\ShoppingReport\Bin
      Supprime! - C:\Program Files\ShoppingReport\Uninst.exe
      Supprime! - C:\Program Files\Internet Explorer\msimg32.dll
      Supprime! - C:\DOCUME~1\confo\LOCALS~1\Temp\nsg176.tmp
      Supprime! - C:\DOCUME~1\confo\LOCALS~1\Temp\nsw168.tmp
      Supprime! - C:\DOCUME~1\confo\LOCALS~1\Temp\nsx1EE.tmp
      Supprime! - C:\Program Files\FunWebProducts
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar
      Supprime! - C:\Program Files\Kiwee Toolbar
      Supprime! - C:\Program Files\Multi_Media_France
      Supprime! - C:\DOCUME~1\confo\APPLIC~1\ShoppingReport
      Supprime! - C:\Program Files\ShoppingReport

      -----------\\ Recherche de Fichiers / Dossiers ...


      -----------\\ Extensions

      (confo) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
      (confo) - {EEE6C361-6118-11DC-9C72-001320C79847} => sweetim-toolbar


      -----------\\ [..\Internet Explorer\Main]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
      "Start Page"="https://home.sweetim.com/"
      "SearchMigratedDefaultURL"="https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}"
      "Default_Page_URL"="https://www.msn.com/fr-fr"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
      "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Start Page"="https://www.msn.com/fr-fr/"


      --------------------\\ Recherche d'autres infections

      C:\WINDOWS\Pack.epk

      C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg.dat
      C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg.exe
      C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg_nav.dat
      C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg_navps.dat
      [b]==> EGDACCESS <==/b




      1 - "C:\ToolBar SD\TB_1.txt" - 12/03/2009|19:53 - Option : [1]
      2 - "C:\ToolBar SD\TB_2.txt" - 13/03/2009|15:09 - Option : [2]

      -----------\\ Fin du rapport a 15:09:58,92

      moi j'y comprend rien.
      si toi oui c super.
      encore merci de m'aider.
      0
    2. sylviesfr
       
      merci merci

      c trop cool ça remarche.

      c super sympa d'avoir pris un moment pour m'aider.

      amicalement

      Sylviesfr
      0
    3. sylviesfr
       
      bonjour

      voilas le nouveau rapport (je pensé qu'il y en aurait moins)

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 10:24:51, on 14/03/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16791)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\SYSTEM32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\ehome\ehtray.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
      C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\WINDOWS\system32\SysMonitor.exe
      C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
      C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
      C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
      C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
      C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe
      C:\Program Files\SweetIM\Messenger\SweetIM.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\documents and settings\confo\local settings\application data\guimg.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
      C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
      C:\WINDOWS\eHome\ehSched.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\Windows Live\Family Safety\fsssvc.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
      C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
      C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen147.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe
      C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
      C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
      C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
      C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\WINDOWS\system32\dllhost.exe
      C:\WINDOWS\system32\msiexec.exe
      C:\WINDOWS\system32\wbem\wmiapsrv.exe
      C:\Program Files\SeekeenSrch\seekeen.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\eHome\ehmsas.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\agcutils.dll
      R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\agcutils.dll
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
      O2 - BHO: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P\tbCome.dll
      O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
      O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
      O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
      O3 - Toolbar: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P\tbCome.dll
      O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
      O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
      O4 - HKLM\..\Run: [LaunchApp] Alaunch
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
      O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
      O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
      O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
      O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
      O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
      O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
      O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
      O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe
      O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
      O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
      O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [guimg] "c:\documents and settings\confo\local settings\application data\guimg.exe" guimg
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\dwwnw64r.exe
      O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
      O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
      O4 - Global Startup: Acer Empowering Technology.lnk = ?
      O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
      O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Mindscape Website.url
      O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
      O8 - Extra context menu item: (PopUpCop) Allow images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/allowimages
      O8 - Extra context menu item: (PopUpCop) Block images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/blockimages
      O8 - Extra context menu item: (PopUpCop) Open In New Window - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/imagenew
      O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
      O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
      O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
      O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
      O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://kiw.imgag.com/imgag/cp/install/crusher-kiwen.cab
      O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.com/activex/zylomgamesplayer.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
      O18 - Filter hijack: text/html - {C6F62B7A-5450-4A2F-8687-6CEEC3AEB055} - C:\WINDOWS\system32\controlkids2.dll
      O20 - Winlogon Notify: Scryptnat - Scryptnat.dll (file missing)
      O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
      O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: getPlus(R) Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Contrôle Parental SFR (OPTENET_FILTER) - SFR - C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
      O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe (file missing)
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: SeekeenSrch Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen147.exe
      O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe
      0
  9. Utilisateur anonyme
     
    slt *
    attention ca remarche comme tu dis mais c'est provisoire, si tu laisses les autres infections dans une semaine tu reviens...
    est ce qu'on continue et on remet ton pc a neuf ??? en tout cas je te le conseille fortement...;)

    et a la fin de la desinfection je te donnerais des conseils et astuces pour ne plus te prendre de virus !

    alors on continue ?
    0
    1. sylviesfr
       
      Salut
      alors on en a pas fini (c' était trop simple)
      dit moi ce qui serais bien de faire.
      pour avoir un super ordi super sur.
      merci

      sylviesfr
      0
  10. Utilisateur anonyme
     
    rassures toi on en a enlevé un gros morceau ;)

    maintenent peux tu reposter un nouveau rapport hijackthis comme tu as fais au 1 er post stp?

    0
  11. Utilisateur anonyme
     
    bon, le logiciel toolsbar sd n' a pas enlevé la totalité de ce qu'il aurait du !

    On va relancer toolsbar sd et encore l'option 2 mais cette fois en mode sans echec !
    je t'explique :

    pour cela tu dois redemarrer ton pc et juste avant le logo windows (des le debut),
    tu vas tapoter la touche F5 OU F8 selon les pc
    et tu vas tomber sur une fenetre bizarre ou avec les fleches haut/bas de ton clavier il faudra
    aller sur : demarrer sans echec (c'est un mode de diagnostic de windows qui utilise que le minimum vital de ton pc)

    ensuite ton bureau va apparaitre avec des couleurs et icones bizarres c'est normal !
    tu n'auras pas acces a internet !

    Relances toolsbar sd option 2

    redemarre en mode normal (c'est fait automatiquement) reconnectes toi et poste le rapport dans la prochaine reponse

    T'inquiete pas on va remettre ce pc a neuf ;)

    et ps: quand tu postes un message rends toi directement ds le cadre blanc en bas de la page (ne fais pas repondre a) sinon on va se perdre ;)
    0
  12. sylviesfr
     
    Voici le nouveau rapport

    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft (R) Windows Script Host Version 5.7
    Copyright (C) Microsoft Corporation 1996-2001. Tous droits r‚serv‚s.
    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : confo ( Administrator )
    BOOT : Fail-safe boot
    Antivirus : VirusKeeper 2009 Pro antivirus 9.0 (Activated)
    C:\ (Local Disk) - NTFS - Total:71 Go (Free:22 Go)
    D:\ (Local Disk) - FAT32 - Total:72 Go (Free:71 Go)
    E:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [2] ( 14/03/2009|11:08 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    -----------\\ Extensions

    (confo) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
    (confo) - {EEE6C361-6118-11DC-9C72-001320C79847} => sweetim-toolbar

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="https://www.msn.com/fr-fr"
    "SearchMigratedDefaultURL"="https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}"
    "Default_Page_URL"="https://www.msn.com/fr-fr"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
    "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Start Page"="https://www.msn.com/fr-fr/"

    --------------------\\ Recherche d'autres infections

    C:\WINDOWS\Pack.epk

    C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg.dat
    C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg.exe
    C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg_nav.dat
    C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg_navps.dat
    [b]==> EGDACCESS <==/b

    1 - "C:\ToolBar SD\TB_1.txt" - 12/03/2009|19:53 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 13/03/2009|15:09 - Option : [2]
    3 - "C:\ToolBar SD\TB_3.txt" - 14/03/2009|11:10 - Option : [2]

    -----------\\ Fin du rapport a 11:10:58,95
    0
  13. Utilisateur anonyme
     
    Télécharge Malwarebytes ICI

    Fais la mise à jour du logiciel (elle se fait normalement à l'installation)

    Lance une analyse complète en cliquant sur "Exécuter un examen complet"

    Sélectionnes les disques que tu veux analyser et cliques sur "Lancer l'examen"

    L'analyse peut durer un bon moment.....

    Une fois l'analyse terminée, cliques sur "OK" puis sur "Afficher les résultats"

    Vérifies que tout est bien coché et cliques sur "Supprimer la sélection" => et ensuite sur "OK"

    Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum

    * Il se pourrait que certains fichiers devront être supprimés au redémarrage du PC... Faites le en cliquant sur "oui" à la question posée
    0
  14. sylviesfr Messages postés 10 Statut Membre
     
    salut
    je suis trop bête j'ai cliquer sur redémarrer avant de copier le rapport je me souvient qu'il y avais 20 infections qu'il a effacer.
    désoler le week-end je doit être un peu mono-neurone. mais je suis sur que ça se soigne comme mon ordi (grace a toi)
    0
  15. sylviesfr Messages postés 10 Statut Membre
     
    Malwarebytes' Anti-Malware 1.34
    Version de la base de données: 1848
    Windows 5.1.2600 Service Pack 3

    14/03/2009 12:40:05
    mbam-log-2009-03-14 (12-40-05).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 243408
    Temps écoulé: 43 minute(s), 57 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 9
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 9

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fcaddc14-bd46-408a-9842-cdbe1c6d37eb} (Spyware.Banker) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\multi_media_france toolbar (Adware.Trace) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\guimg (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Documents and Settings\confo\Local Settings\Application Data\guimg_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\confo\Local Settings\Application Data\guimg_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\confo\Local Settings\Application Data\guimg.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\confo\Local Settings\Application Data\guimg.exe (Adware.Navipromo.H) -> Delete on reboot.
    C:\ToolBar SD\Backup-TB\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Documents and Settings\confo\Local Settings\Temp\ShprInstaller.exe (Adware.Shopper) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP554\A0239431.dll (Adware.Shopper) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP554\A0239433.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\msnav32.ax (Malware.Trace) -> Quarantined and deleted successfully.
    0
  16. Utilisateur anonyme
     
    excellent
    il faudrait un nouveau rapport hijackthis stp (ca devrait etre le dernier je pense)
    0
  17. sylviesfr Messages postés 10 Statut Membre
     
    alors docteur il est sauver.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:58:32, on 14/03/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\SysMonitor.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
    C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe
    C:\Program Files\SweetIM\Messenger\SweetIM.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen147.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\SeekeenSrch\seekeen.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_watchop.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\agcutils.dll
    R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\agcutils.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P\tbCome.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O3 - Toolbar: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P\tbCome.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
    O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
    O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\dwwnw64r.exe
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    O4 - Global Startup: Acer Empowering Technology.lnk = ?
    O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Mindscape Website.url
    O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
    O8 - Extra context menu item: (PopUpCop) Allow images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/allowimages
    O8 - Extra context menu item: (PopUpCop) Block images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/blockimages
    O8 - Extra context menu item: (PopUpCop) Open In New Window - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/imagenew
    O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://kiw.imgag.com/imgag/cp/install/crusher-kiwen.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Filter hijack: text/html - {C6F62B7A-5450-4A2F-8687-6CEEC3AEB055} - C:\WINDOWS\system32\controlkids2.dll
    O20 - Winlogon Notify: Scryptnat - Scryptnat.dll (file missing)
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: getPlus(R) Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Contrôle Parental SFR (OPTENET_FILTER) - SFR - C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SeekeenSrch Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen147.exe
    O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe
    0
  18. Utilisateur anonyme
     
    Non pas encore sauvé, je t'avais prévenu que le tien etait un rapport hors du commun ;)
    t'inquietes pas , ca doit deja aller mieux la ?

    allez on continue :

    Télécharge et enregistre lopSD sur ton bureau

    Double-clic Lop S&D

    Fair l'installation

    Ferme toutes les applications

    Le lancer par un double-clic sur le raccourci qui est sur le bureau

    Taper F pour français , puis presser entrée

    Taper 1

    Presse Entrée

    Le PC va redémarrer

    * Note= si l'antivirus annonce une infection dans TEMP , l'ignorer

    Attendre l'apparition du rapport

    Copier le rapport et le coller dans la réponse

    * le rapport se trouve aussi à C:\lopR
    0
  19. sylviesfr Messages postés 10 Statut Membre
     
    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft (R) Windows Script Host Version 5.7
    Copyright (C) Microsoft Corporation 1996-2001. Tous droits r‚serv‚s.
    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : confo ( Administrator )
    BOOT : Normal boot
    Antivirus : VirusKeeper 2009 Pro antivirus 9.0 (Activated)
    C:\ (Local Disk) - NTFS - Total:71 Go (Free:20 Go)
    D:\ (Local Disk) - FAT32 - Total:72 Go (Free:71 Go)
    E:\ (CD or DVD)
    F:\ (USB) - FAT32 - Total:3824 Mo (Free:3 Go)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)
    L:\ (Local Disk) - NTFS - Total:465 Go (Free:128 Go)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 14/03/2009|18:05 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [06/10/2006|23:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [06/10/2006|23:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
    [06/10/2006|23:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [04/01/2009|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [24/07/2008|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\agi
    [16/02/2007|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [30/08/2008|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [10/11/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [04/12/2007|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup
    [21/08/2007|15:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CA
    [11/11/2006|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [26/12/2006|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Disney Interactive
    [24/01/2009|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eBay
    [03/01/2009|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [12/11/2006|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [18/07/2008|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
    [18/07/2008|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
    [23/01/2007|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [05/11/2008|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar2
    [14/03/2009|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [08/02/2009|07:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [20/02/2009|07:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [05/01/2009|10:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
    [08/01/2007|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy
    [28/10/2007|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
    [20/11/2006|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Otto
    [15/08/2007|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
    [25/12/2006|01:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [05/03/2009|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SeekeenSrch
    [02/11/2008|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Softdisk LLC
    [29/10/2008|13:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
    [21/07/2008|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
    [13/11/2006|18:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [22/11/2008|14:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [07/02/2009|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
    [12/11/2008|07:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [16/02/2007|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [19/01/2009|10:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WholeSecurity
    [18/08/2008|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [20/07/2008|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [12/11/2006|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
    [01/08/2008|06:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [16/08/2007|13:36] C:\DOCUME~1\confo\APPLIC~1\Ace
    [23/01/2009|14:46] C:\DOCUME~1\confo\APPLIC~1\Adobe
    [12/11/2006|15:12] C:\DOCUME~1\confo\APPLIC~1\AdobeUM
    [24/07/2008|20:52] C:\DOCUME~1\confo\APPLIC~1\agi
    [16/02/2007|11:31] C:\DOCUME~1\confo\APPLIC~1\AOL
    [31/10/2008|19:39] C:\DOCUME~1\confo\APPLIC~1\Apple Computer
    [01/12/2008|20:49] C:\DOCUME~1\confo\APPLIC~1\ArcSoft
    [12/11/2006|16:26] C:\DOCUME~1\confo\APPLIC~1\CyberLink
    [25/12/2007|09:29] C:\DOCUME~1\confo\APPLIC~1\Disney Interactive
    [22/01/2009|21:42] C:\DOCUME~1\confo\APPLIC~1\dvdcss
    [24/01/2009|18:36] C:\DOCUME~1\confo\APPLIC~1\eBay
    [04/02/2009|17:24] C:\DOCUME~1\confo\APPLIC~1\Google
    [11/11/2006|18:57] C:\DOCUME~1\confo\APPLIC~1\Help
    [29/10/2008|13:48] C:\DOCUME~1\confo\APPLIC~1\HP
    [06/10/2006|23:18] C:\DOCUME~1\confo\APPLIC~1\Identities
    [27/12/2008|12:01] C:\DOCUME~1\confo\APPLIC~1\InstallShield
    [14/08/2007|17:22] C:\DOCUME~1\confo\APPLIC~1\InterTrust
    [09/03/2009|11:26] C:\DOCUME~1\confo\APPLIC~1\LimeWire
    [19/05/2007|11:59] C:\DOCUME~1\confo\APPLIC~1\LiteOn
    [06/10/2006|23:18] C:\DOCUME~1\confo\APPLIC~1\Macromedia
    [14/03/2009|11:49] C:\DOCUME~1\confo\APPLIC~1\Malwarebytes
    [27/01/2007|15:00] C:\DOCUME~1\confo\APPLIC~1\Micro Application
    [13/01/2009|15:05] C:\DOCUME~1\confo\APPLIC~1\Microsoft
    [05/01/2009|10:48] C:\DOCUME~1\confo\APPLIC~1\Mozilla
    [20/07/2008|09:27] C:\DOCUME~1\confo\APPLIC~1\MSNInstaller
    [14/03/2009|12:48] C:\DOCUME~1\confo\APPLIC~1\OpenOffice.org2
    [20/11/2006|17:37] C:\DOCUME~1\confo\APPLIC~1\Otto
    [25/10/2008|16:32] C:\DOCUME~1\confo\APPLIC~1\PopupCop
    [26/09/2008|17:56] C:\DOCUME~1\confo\APPLIC~1\Samsung
    [23/03/2007|14:35] C:\DOCUME~1\confo\APPLIC~1\Sony Ericsson
    [12/11/2006|15:48] C:\DOCUME~1\confo\APPLIC~1\Sun
    [23/03/2007|14:43] C:\DOCUME~1\confo\APPLIC~1\Teleca
    [18/06/2008|15:57] C:\DOCUME~1\confo\APPLIC~1\tuxmath
    [15/08/2007|18:03] C:\DOCUME~1\confo\APPLIC~1\Ulead Systems
    [10/09/2008|06:23] C:\DOCUME~1\confo\APPLIC~1\Viewpoint
    [12/06/2007|11:46] C:\DOCUME~1\confo\APPLIC~1\vlc
    [16/02/2007|11:26] C:\DOCUME~1\confo\APPLIC~1\You've Got Pictures Screensaver

    [06/10/2006|23:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [06/10/2006|23:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [06/10/2006|23:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [06/10/2006|23:18] C:\DOCUME~1\FRANOI~1\APPLIC~1\Macromedia
    [15/11/2007|17:08] C:\DOCUME~1\FRANOI~1\APPLIC~1\Microsoft

    [23/09/2007|15:16] C:\DOCUME~1\INVIT~1\APPLIC~1\Apple Computer
    [20/10/2007|14:56] C:\DOCUME~1\INVIT~1\APPLIC~1\CyberLink
    [22/10/2007|09:40] C:\DOCUME~1\INVIT~1\APPLIC~1\Help
    [06/10/2006|23:18] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [18/09/2007|09:45] C:\DOCUME~1\INVIT~1\APPLIC~1\LiteOn
    [06/10/2006|23:18] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
    [30/09/2007|10:25] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [29/09/2007|15:02] C:\DOCUME~1\INVIT~1\APPLIC~1\Ulead Systems
    [22/09/2007|17:36] C:\DOCUME~1\INVIT~1\APPLIC~1\vlc

    [24/07/2008|20:53] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
    [27/12/2007|18:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
    [06/10/2006|23:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [05/03/2009|14:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

    [10/11/2008|18:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\agi
    [06/10/2006|23:18] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [17/11/2007|12:06] C:\DOCUME~1\OUVERT~1\APPLIC~1\InstallShield
    [17/11/2007|12:06] C:\DOCUME~1\OUVERT~1\APPLIC~1\InstallShield Installation Information
    [06/10/2006|23:18] C:\DOCUME~1\OUVERT~1\APPLIC~1\Macromedia
    [06/02/2008|12:20] C:\DOCUME~1\OUVERT~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [09/03/2009 18:48][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [14/03/2009 12:41][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [10/08/2004 21:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [04/12/2007|17:13] C:\Program Files\AbiSuite2
    [06/10/2006|23:19] C:\Program Files\Acer WLAN 11g USB Dongle
    [04/01/2009|09:41] C:\Program Files\Adobe
    [05/11/2008|17:20] C:\Program Files\AGI
    [22/11/2008|16:29] C:\Program Files\Alwil Software
    [21/12/2008|18:20] C:\Program Files\AOL
    [02/09/2008|12:19] C:\Program Files\Apple Software Update
    [01/12/2008|20:47] C:\Program Files\ArcSoft
    [22/10/2007|16:43] C:\Program Files\Atout Clic CE1
    [02/09/2008|17:33] C:\Program Files\Atout Clic CP
    [04/01/2009|22:08] C:\Program Files\AxBx
    [10/11/2008|18:57] C:\Program Files\Bonjour
    [15/06/2008|18:55] C:\Program Files\Boonty
    [10/11/2008|18:12] C:\Program Files\BoontyGames
    [04/01/2009|22:05] C:\Program Files\CCleaner
    [12/11/2008|11:14] C:\Program Files\Come2PlayK2P
    [06/10/2006|23:19] C:\Program Files\commercial
    [12/11/2008|11:09] C:\Program Files\Conduit
    [15/11/2008|20:33] C:\Program Files\Control Kids
    [06/10/2006|23:19] C:\Program Files\CyberLink
    [20/11/2007|20:19] C:\Program Files\DeskPlayer
    [06/10/2006|23:19] C:\Program Files\DIFX
    [20/02/2009|20:09] C:\Program Files\Disney Interactive
    [25/06/2007|16:50] C:\Program Files\DV Cam
    [01/12/2008|21:14] C:\Program Files\DVBT Application
    [24/01/2009|18:36] C:\Program Files\eBay
    [27/09/2008|08:14] C:\Program Files\eMule
    [21/02/2009|20:41] C:\Program Files\FairUse Wizard 2
    [26/12/2008|18:47] C:\Program Files\Fichiers communs
    [02/11/2008|22:00] C:\Program Files\Freeze.com
    [06/10/2006|23:19] C:\Program Files\FrenchOtto
    [27/12/2008|11:55] C:\Program Files\Games
    [06/10/2006|23:19] C:\Program Files\GemMasterFrench
    [04/02/2009|17:31] C:\Program Files\Google
    [05/06/2007|07:37] C:\Program Files\GT Interactive
    [11/11/2006|18:56] C:\Program Files\Hachette Multim‚dia
    [02/09/2008|17:32] C:\Program Files\Happyneuron
    [29/10/2008|13:10] C:\Program Files\Hewlett-Packard
    [29/10/2008|13:42] C:\Program Files\HP
    [11/11/2008|19:40] C:\Program Files\IncrediMail
    [20/02/2009|20:09] C:\Program Files\InstallShield Installation Information
    [28/11/2008|14:20] C:\Program Files\Integard
    [12/11/2006|17:29] C:\Program Files\InterActual
    [13/03/2009|15:07] C:\Program Files\Internet Explorer
    [18/11/2008|13:11] C:\Program Files\iWizz
    [14/12/2008|21:29] C:\Program Files\Java
    [16/02/2007|11:26] C:\Program Files\Learn2.com
    [09/02/2009|17:56] C:\Program Files\LimeWire
    [08/09/2008|19:16] C:\Program Files\livetvbar
    [08/02/2009|21:53] C:\Program Files\McDonaldsDragons
    [30/09/2008|22:22] C:\Program Files\Messenger
    [08/02/2009|06:49] C:\Program Files\Messenger Plus! Live
    [26/09/2008|18:04] C:\Program Files\Micro Application
    [26/12/2008|19:07] C:\Program Files\Microsoft
    [20/07/2008|10:16] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [06/10/2006|23:19] C:\Program Files\microsoft frontpage
    [20/01/2008|14:27] C:\Program Files\Microsoft Office
    [27/02/2009|12:34] C:\Program Files\Microsoft Silverlight
    [20/07/2008|09:48] C:\Program Files\Microsoft SQL Server Compact Edition
    [26/12/2008|19:09] C:\Program Files\Microsoft Sync Framework
    [20/01/2008|14:54] C:\Program Files\Microsoft Works
    [24/01/2009|18:38] C:\Program Files\MINDSCAPE
    [05/06/2007|11:51] C:\Program Files\Mio Technology
    [28/07/2008|14:58] C:\Program Files\MiTAC Research (Shanghai) Ltd
    [15/06/2008|19:15] C:\Program Files\MOINS par MOINS
    [30/09/2008|05:12] C:\Program Files\Movie Maker
    [14/03/2009|18:02] C:\Program Files\Mozilla Firefox
    [28/06/2007|15:52] C:\Program Files\MSECache
    [22/07/2008|12:48] C:\Program Files\MSN
    [06/10/2006|23:19] C:\Program Files\MSN Gaming Zone
    [20/07/2008|19:21] C:\Program Files\MSN Messenger
    [21/08/2007|15:30] C:\Program Files\MSXML 4.0
    [30/09/2008|05:09] C:\Program Files\NetMeeting
    [06/10/2006|23:19] C:\Program Files\NewTech Infosystems
    [05/01/2009|10:01] C:\Program Files\NOS
    [18/09/2007|16:26] C:\Program Files\Novosoft International
    [06/10/2006|23:19] C:\Program Files\Oca History Tool
    [06/10/2006|23:19] C:\Program Files\Online Services
    [04/08/2008|19:47] C:\Program Files\OpenOffice.org 2.4
    [30/09/2008|05:09] C:\Program Files\Outlook Express
    [15/08/2007|17:51] C:\Program Files\Pinnacle
    [10/11/2008|18:56] C:\Program Files\QuickTime
    [06/10/2006|23:19] C:\Program Files\Realtek
    [24/07/2008|12:26] C:\Program Files\SDLL
    [05/03/2009|14:44] C:\Program Files\SeekeenSrch
    [06/10/2006|23:19] C:\Program Files\Services en ligne
    [21/12/2008|18:00] C:\Program Files\SFR
    [28/12/2008|17:14] C:\Program Files\SFR ADSL
    [24/03/2007|13:39] C:\Program Files\Sony Ericsson
    [02/03/2009|10:26] C:\Program Files\SweetIM
    [03/02/2007|14:43] C:\Program Files\System
    [17/12/2007|15:46] C:\Program Files\THQ
    [05/06/2007|06:50] C:\Program Files\TomTom DesktopSuite
    [21/08/2007|18:48] C:\Program Files\TomTom HOME
    [24/01/2009|18:35] C:\Program Files\Ubisoft
    [15/08/2007|18:01] C:\Program Files\Ulead Systems
    [03/02/2007|14:12] C:\Program Files\Uninstall Information
    [06/09/2007|19:05] C:\Program Files\ValuSoft
    [12/06/2007|11:44] C:\Program Files\VideoLAN
    [16/02/2007|11:26] C:\Program Files\Viewpoint
    [22/11/2008|17:08] C:\Program Files\Web Hottest Videos Personal Player
    [20/02/2009|07:58] C:\Program Files\Windows Live
    [26/12/2008|19:07] C:\Program Files\Windows Live SkyDrive
    [26/12/2008|19:09] C:\Program Files\Windows Live Toolbar
    [15/08/2007|18:02] C:\Program Files\Windows Media Components
    [18/08/2008|16:22] C:\Program Files\Windows Media Connect 2
    [18/08/2008|16:22] C:\Program Files\Windows Media Player
    [30/09/2008|05:09] C:\Program Files\Windows NT
    [15/11/2007|17:08] C:\Program Files\WinRAR
    [06/10/2006|23:19] C:\Program Files\xerox
    [08/11/2006|17:35] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [04/01/2009|09:41] C:\Program Files\Fichiers communs\Adobe
    [21/12/2008|18:20] C:\Program Files\Fichiers communs\AOL
    [16/02/2007|11:27] C:\Program Files\Fichiers communs\aolback
    [10/11/2008|18:55] C:\Program Files\Fichiers communs\Apple
    [23/05/2007|09:06] C:\Program Files\Fichiers communs\ArcSoft
    [15/11/2007|17:08] C:\Program Files\Fichiers communs\AVSMedia
    [12/11/2006|18:05] C:\Program Files\Fichiers communs\Hewlett-Packard
    [29/10/2008|13:34] C:\Program Files\Fichiers communs\HP
    [17/12/2007|15:32] C:\Program Files\Fichiers communs\InstallShield
    [08/11/2006|17:28] C:\Program Files\Fichiers communs\Java
    [06/10/2006|23:19] C:\Program Files\Fichiers communs\LightScribe
    [20/02/2009|07:55] C:\Program Files\Fichiers communs\Microsoft Shared
    [06/10/2006|23:19] C:\Program Files\Fichiers communs\MSSoap
    [06/10/2006|23:19] C:\Program Files\Fichiers communs\muvee Technologies
    [06/10/2006|23:19] C:\Program Files\Fichiers communs\NewTech Infosystems
    [16/02/2007|11:26] C:\Program Files\Fichiers communs\Nullsoft
    [06/06/2007|09:31] C:\Program Files\Fichiers communs\ODBC
    [22/11/2008|14:10] C:\Program Files\Fichiers communs\Panda Software
    [16/02/2007|11:29] C:\Program Files\Fichiers communs\Real
    [06/10/2006|23:19] C:\Program Files\Fichiers communs\Services
    [29/10/2008|13:34] C:\Program Files\Fichiers communs\Sonic Shared
    [06/10/2006|23:19] C:\Program Files\Fichiers communs\SpeechEngines
    [23/02/2007|15:29] C:\Program Files\Fichiers communs\Symantec Shared
    [30/09/2008|05:09] C:\Program Files\Fichiers communs\System
    [24/03/2007|13:39] C:\Program Files\Fichiers communs\Teleca Shared
    [26/12/2008|18:47] C:\Program Files\Fichiers communs\Windows Live
    [20/07/2008|09:35] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 64 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\confo\LOCALS~1\Temp\nse2D5.tmp
    C:\DOCUME~1\confo\LOCALS~1\Temp\nsf200.tmp
    C:\DOCUME~1\confo\LOCALS~1\Temp\nsh209.tmp
    C:\DOCUME~1\confo\Cookies\confo@advertising[1].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-03-14 18:06:08
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 5

    --------------------\\ Recherche d'autres infections

    C:\WINDOWS\Pack.epk
    [b]==> EGDACCESS <==/b

    [F:4717][D:291]-> C:\DOCUME~1\confo\LOCALS~1\Temp
    [F:129][D:0]-> C:\DOCUME~1\confo\Cookies
    [F:62675][D:35]-> C:\DOCUME~1\confo\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 14/03/2009|18:09 - Option : [1]

    --------------------\\ Fin du rapport a 18:09:55
    0
  20. Utilisateur anonyme
     
    Relance Lop S&D

    Choisis cette fois-ci l'option 2 (Suppression)

    Ne ferme pas la fenêtre lors de la suppression !

    Poste le rapport généré (C:\lopR.txt)

    * (Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
    0
  • 1
  • 2