Pc infecté
Fermé
cedric18om
Messages postés
237
Date d'inscription
samedi 23 août 2008
Statut
Membre
Dernière intervention
5 septembre 2010
-
2 avril 2009 à 15:37
cedric18om Messages postés 237 Date d'inscription samedi 23 août 2008 Statut Membre Dernière intervention 5 septembre 2010 - 2 avril 2009 à 17:04
cedric18om Messages postés 237 Date d'inscription samedi 23 août 2008 Statut Membre Dernière intervention 5 septembre 2010 - 2 avril 2009 à 17:04
A voir également:
- Pc infecté
- Benchmark pc - Guide
- Ecran noir pc - Guide
- Reinitialiser pc - Guide
- Pc lent - Guide
- Télécharger musique gratuitement sur pc - Télécharger - Conversion & Extraction
10 réponses
kevin05
Messages postés
3636
Date d'inscription
samedi 29 novembre 2008
Statut
Contributeur sécurité
Dernière intervention
13 mai 2010
147
2 avril 2009 à 16:02
2 avril 2009 à 16:02
Salut,
- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
- Double-clique sur RSIT.exe afin de lancer le programme.
- Clique sur Continue à l'écran Disclaimer.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
- Double-clique sur RSIT.exe afin de lancer le programme.
- Clique sur Continue à l'écran Disclaimer.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
cedric18om
Messages postés
237
Date d'inscription
samedi 23 août 2008
Statut
Membre
Dernière intervention
5 septembre 2010
4
2 avril 2009 à 16:04
2 avril 2009 à 16:04
Logfile of random's system information tool 1.06 (written by random/random)
Run by perso at 2009-04-02 16:03:37
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 133 GB (85%) free of 157 GB
Total RAM: 1022 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:03:46, on 02/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\winsys2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\perso\Local Settings\Temporary Internet Files\Content.IE5\Y0GLUOV3\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\perso.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] m’|\ü
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Run by perso at 2009-04-02 16:03:37
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 133 GB (85%) free of 157 GB
Total RAM: 1022 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:03:46, on 02/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\winsys2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\perso\Local Settings\Temporary Internet Files\Content.IE5\Y0GLUOV3\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\perso.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] m’|\ü
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
cedric18om
Messages postés
237
Date d'inscription
samedi 23 août 2008
Statut
Membre
Dernière intervention
5 septembre 2010
4
2 avril 2009 à 16:05
2 avril 2009 à 16:05
Par contre je ne trouve pas l'autre rapport dans la barre des tâches.
kevin05
Messages postés
3636
Date d'inscription
samedi 29 novembre 2008
Statut
Contributeur sécurité
Dernière intervention
13 mai 2010
147
2 avril 2009 à 16:06
2 avril 2009 à 16:06
Ok c'est partit :
Télécharge Lop S&D.exe sur ton Bureau.
* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
Télécharge Lop S&D.exe sur ton Bureau.
* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
cedric18om
Messages postés
237
Date d'inscription
samedi 23 août 2008
Statut
Membre
Dernière intervention
5 septembre 2010
4
2 avril 2009 à 16:30
2 avril 2009 à 16:30
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.00GHz )
BIOS : Award Modular BIOS v6.00PG
USER : perso ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:153 Go (Free:129 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 02/04/2009|16:23 )
--------------------\\ Listing des dossiers dans APPLIC~1
[17/12/2008|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
[17/12/2008|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[20/02/2009|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Desperate Housewives
[17/12/2008|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner
[17/12/2008|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[17/12/2008|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/12/2008|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[17/02/2009|21:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Age of Empires 3
[08/01/2009|18:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avira
[27/02/2009|22:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[13/02/2009|18:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft
[08/01/2009|18:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\ma-config.com
[18/02/2009|17:32] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[19/03/2009|18:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SUPERAntiSpyware.com
[10/02/2009|18:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Tarma Installer
[12/01/2009|19:57] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[20/02/2009|14:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Desperate Housewives
[17/12/2008|14:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[20/02/2009|14:01] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Desperate Housewives
[08/01/2009|17:44] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[17/12/2008|14:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[08/01/2009|17:44] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[17/12/2008|14:20] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[08/01/2009|17:44] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[17/12/2008|16:34] C:\DOCUME~1\P'TITC~1\APPLIC~1\Adobe
[20/02/2009|14:01] C:\DOCUME~1\P'TITC~1\APPLIC~1\Desperate Housewives
[17/12/2008|14:24] C:\DOCUME~1\P'TITC~1\APPLIC~1\Identities
[17/12/2008|16:26] C:\DOCUME~1\P'TITC~1\APPLIC~1\InstallShield
[17/12/2008|14:29] C:\DOCUME~1\P'TITC~1\APPLIC~1\Macromedia
[17/12/2008|19:33] C:\DOCUME~1\P'TITC~1\APPLIC~1\Microsoft
[17/12/2008|15:30] C:\DOCUME~1\P'TITC~1\APPLIC~1\Mozilla
[17/12/2008|22:11] C:\DOCUME~1\P'TITC~1\APPLIC~1\Skype
[17/12/2008|21:16] C:\DOCUME~1\P'TITC~1\APPLIC~1\skypePM
[17/12/2008|18:26] C:\DOCUME~1\P'TITC~1\APPLIC~1\Sun
[17/12/2008|15:01] C:\DOCUME~1\P'TITC~1\APPLIC~1\Uniblue
[08/01/2009|18:11] C:\DOCUME~1\perso\APPLIC~1\Adobe
[20/02/2009|14:01] C:\DOCUME~1\perso\APPLIC~1\Desperate Housewives
[06/03/2009|17:32] C:\DOCUME~1\perso\APPLIC~1\dvdcss
[08/02/2009|20:57] C:\DOCUME~1\perso\APPLIC~1\Google
[08/01/2009|17:50] C:\DOCUME~1\perso\APPLIC~1\Identities
[08/01/2009|17:58] C:\DOCUME~1\perso\APPLIC~1\InstallShield
[08/01/2009|18:11] C:\DOCUME~1\perso\APPLIC~1\Macromedia
[27/03/2009|08:10] C:\DOCUME~1\perso\APPLIC~1\Microsoft
[13/02/2009|16:16] C:\DOCUME~1\perso\APPLIC~1\Mozilla
[16/01/2009|22:18] C:\DOCUME~1\perso\APPLIC~1\Sun
[19/03/2009|18:51] C:\DOCUME~1\perso\APPLIC~1\SUPERAntiSpyware.com
[13/02/2009|20:00] C:\DOCUME~1\perso\APPLIC~1\U3
[06/03/2009|17:32] C:\DOCUME~1\perso\APPLIC~1\vlc
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[02/04/2009 15:17][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1844237615-839522115-1003.job
[01/04/2009 23:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[17/12/2008|14:45] C:\Program Files\Avira
[08/01/2009|17:53] C:\Program Files\Browser Configuration Utility
[20/02/2009|13:28] C:\Program Files\Buena Vista Games
[17/12/2008|14:10] C:\Program Files\ComPlus Applications
[13/02/2009|17:59] C:\Program Files\Fichiers communs
[28/02/2009|01:28] C:\Program Files\Google
[17/12/2008|16:26] C:\Program Files\Hercules
[17/12/2008|20:06] C:\Program Files\IDETOOL
[17/03/2009|19:28] C:\Program Files\InstallShield Installation Information
[08/01/2009|17:53] C:\Program Files\Intel
[11/02/2009|08:07] C:\Program Files\Internet Explorer
[21/02/2009|14:01] C:\Program Files\Java
[13/02/2009|17:59] C:\Program Files\Lavasoft
[08/01/2009|18:19] C:\Program Files\ma-config.com
[10/01/2009|04:00] C:\Program Files\Messenger
[17/12/2008|14:42] C:\Program Files\Microsoft
[17/12/2008|14:18] C:\Program Files\microsoft frontpage
[13/02/2009|18:26] C:\Program Files\Microsoft Games
[26/02/2009|16:57] C:\Program Files\Microsoft Silverlight
[18/02/2009|17:32] C:\Program Files\Microsoft SQL Server Compact Edition
[17/12/2008|14:44] C:\Program Files\Microsoft Sync Framework
[08/01/2009|18:44] C:\Program Files\Movie Maker
[17/02/2009|19:41] C:\Program Files\Mozilla Firefox
[12/01/2009|19:57] C:\Program Files\MSN
[17/12/2008|14:10] C:\Program Files\MSN Gaming Zone
[15/02/2009|04:00] C:\Program Files\MSXML 4.0
[08/01/2009|18:42] C:\Program Files\NetMeeting
[17/12/2008|14:10] C:\Program Files\Online Services
[07/02/2009|18:18] C:\Program Files\OrangeHSS
[08/01/2009|18:42] C:\Program Files\Outlook Express
[08/01/2009|17:58] C:\Program Files\Realtek
[17/12/2008|14:27] C:\Program Files\Securitoo
[17/12/2008|14:12] C:\Program Files\Services en ligne
[17/12/2008|21:14] C:\Program Files\Skype
[27/03/2009|08:05] C:\Program Files\SUPERAntiSpyware
[08/01/2009|18:12] C:\Program Files\SystemRequirementsLab
[02/04/2009|15:50] C:\Program Files\trend micro
[17/12/2008|15:01] C:\Program Files\Uniblue
[17/12/2008|14:24] C:\Program Files\Uninstall Information
[27/02/2009|15:43] C:\Program Files\Utherverse Digital Inc
[17/12/2008|19:31] C:\Program Files\VIA
[06/03/2009|14:47] C:\Program Files\VideoLAN
[17/12/2008|14:47] C:\Program Files\Windows Live
[17/12/2008|14:42] C:\Program Files\Windows Live SkyDrive
[23/01/2009|23:05] C:\Program Files\Windows Media Connect 2
[23/01/2009|23:05] C:\Program Files\Windows Media Player
[08/01/2009|18:42] C:\Program Files\Windows NT
[17/12/2008|14:12] C:\Program Files\WindowsUpdate
[17/12/2008|14:18] C:\Program Files\xerox
[10/02/2009|18:12] C:\Program Files\Yontoo Layers Client for Internet Explorer
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[17/12/2008|14:26] C:\Program Files\Fichiers communs\France Telecom
[08/01/2009|17:52] C:\Program Files\Fichiers communs\InstallShield
[17/12/2008|14:16] C:\Program Files\Fichiers communs\Java
[17/12/2008|16:27] C:\Program Files\Fichiers communs\Microsoft Shared
[17/12/2008|14:11] C:\Program Files\Fichiers communs\MSSoap
[17/12/2008|15:03] C:\Program Files\Fichiers communs\ODBC
[17/12/2008|14:11] C:\Program Files\Fichiers communs\Services
[17/12/2008|21:14] C:\Program Files\Fichiers communs\Skype
[17/12/2008|15:03] C:\Program Files\Fichiers communs\SpeechEngines
[08/01/2009|18:42] C:\Program Files\Fichiers communs\System
[17/12/2008|14:32] C:\Program Files\Fichiers communs\Windows Live
[27/03/2009|08:05] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 38 Processes )
iexplore.exe ~ [PID:2436]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\perso\Cookies\perso@advertstream[2].txt
C:\DOCUME~1\perso\Cookies\perso@advertising[1].txt
C:\DOCUME~1\perso\Cookies\perso@adin.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@adin.bigpoint[3].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[3].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[4].txt
C:\DOCUME~1\perso\Cookies\perso@fr.darkorbit.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.thepimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.thepimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr2.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@int1.the-pimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@ssl.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@cotedazurpalace[1].txt
C:\DOCUME~1\perso\Cookies\perso@adopt.euroclick[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr2.seafight.bigpoint[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-02 16:25:30
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:312][D:237]-> C:\DOCUME~1\perso\LOCALS~1\Temp
[F:825][D:0]-> C:\DOCUME~1\perso\Cookies
[F:23171][D:56]-> C:\DOCUME~1\perso\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 02/04/2009|16:28 - Option : [1]
--------------------\\ Fin du rapport a 16:28:13
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.00GHz )
BIOS : Award Modular BIOS v6.00PG
USER : perso ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:153 Go (Free:129 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 02/04/2009|16:23 )
--------------------\\ Listing des dossiers dans APPLIC~1
[17/12/2008|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
[17/12/2008|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[20/02/2009|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Desperate Housewives
[17/12/2008|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner
[17/12/2008|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[17/12/2008|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/12/2008|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[17/02/2009|21:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Age of Empires 3
[08/01/2009|18:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avira
[27/02/2009|22:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[13/02/2009|18:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft
[08/01/2009|18:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\ma-config.com
[18/02/2009|17:32] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[19/03/2009|18:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SUPERAntiSpyware.com
[10/02/2009|18:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Tarma Installer
[12/01/2009|19:57] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[20/02/2009|14:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Desperate Housewives
[17/12/2008|14:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[20/02/2009|14:01] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Desperate Housewives
[08/01/2009|17:44] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[17/12/2008|14:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[08/01/2009|17:44] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[17/12/2008|14:20] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[08/01/2009|17:44] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[17/12/2008|16:34] C:\DOCUME~1\P'TITC~1\APPLIC~1\Adobe
[20/02/2009|14:01] C:\DOCUME~1\P'TITC~1\APPLIC~1\Desperate Housewives
[17/12/2008|14:24] C:\DOCUME~1\P'TITC~1\APPLIC~1\Identities
[17/12/2008|16:26] C:\DOCUME~1\P'TITC~1\APPLIC~1\InstallShield
[17/12/2008|14:29] C:\DOCUME~1\P'TITC~1\APPLIC~1\Macromedia
[17/12/2008|19:33] C:\DOCUME~1\P'TITC~1\APPLIC~1\Microsoft
[17/12/2008|15:30] C:\DOCUME~1\P'TITC~1\APPLIC~1\Mozilla
[17/12/2008|22:11] C:\DOCUME~1\P'TITC~1\APPLIC~1\Skype
[17/12/2008|21:16] C:\DOCUME~1\P'TITC~1\APPLIC~1\skypePM
[17/12/2008|18:26] C:\DOCUME~1\P'TITC~1\APPLIC~1\Sun
[17/12/2008|15:01] C:\DOCUME~1\P'TITC~1\APPLIC~1\Uniblue
[08/01/2009|18:11] C:\DOCUME~1\perso\APPLIC~1\Adobe
[20/02/2009|14:01] C:\DOCUME~1\perso\APPLIC~1\Desperate Housewives
[06/03/2009|17:32] C:\DOCUME~1\perso\APPLIC~1\dvdcss
[08/02/2009|20:57] C:\DOCUME~1\perso\APPLIC~1\Google
[08/01/2009|17:50] C:\DOCUME~1\perso\APPLIC~1\Identities
[08/01/2009|17:58] C:\DOCUME~1\perso\APPLIC~1\InstallShield
[08/01/2009|18:11] C:\DOCUME~1\perso\APPLIC~1\Macromedia
[27/03/2009|08:10] C:\DOCUME~1\perso\APPLIC~1\Microsoft
[13/02/2009|16:16] C:\DOCUME~1\perso\APPLIC~1\Mozilla
[16/01/2009|22:18] C:\DOCUME~1\perso\APPLIC~1\Sun
[19/03/2009|18:51] C:\DOCUME~1\perso\APPLIC~1\SUPERAntiSpyware.com
[13/02/2009|20:00] C:\DOCUME~1\perso\APPLIC~1\U3
[06/03/2009|17:32] C:\DOCUME~1\perso\APPLIC~1\vlc
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[02/04/2009 15:17][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1844237615-839522115-1003.job
[01/04/2009 23:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[17/12/2008|14:45] C:\Program Files\Avira
[08/01/2009|17:53] C:\Program Files\Browser Configuration Utility
[20/02/2009|13:28] C:\Program Files\Buena Vista Games
[17/12/2008|14:10] C:\Program Files\ComPlus Applications
[13/02/2009|17:59] C:\Program Files\Fichiers communs
[28/02/2009|01:28] C:\Program Files\Google
[17/12/2008|16:26] C:\Program Files\Hercules
[17/12/2008|20:06] C:\Program Files\IDETOOL
[17/03/2009|19:28] C:\Program Files\InstallShield Installation Information
[08/01/2009|17:53] C:\Program Files\Intel
[11/02/2009|08:07] C:\Program Files\Internet Explorer
[21/02/2009|14:01] C:\Program Files\Java
[13/02/2009|17:59] C:\Program Files\Lavasoft
[08/01/2009|18:19] C:\Program Files\ma-config.com
[10/01/2009|04:00] C:\Program Files\Messenger
[17/12/2008|14:42] C:\Program Files\Microsoft
[17/12/2008|14:18] C:\Program Files\microsoft frontpage
[13/02/2009|18:26] C:\Program Files\Microsoft Games
[26/02/2009|16:57] C:\Program Files\Microsoft Silverlight
[18/02/2009|17:32] C:\Program Files\Microsoft SQL Server Compact Edition
[17/12/2008|14:44] C:\Program Files\Microsoft Sync Framework
[08/01/2009|18:44] C:\Program Files\Movie Maker
[17/02/2009|19:41] C:\Program Files\Mozilla Firefox
[12/01/2009|19:57] C:\Program Files\MSN
[17/12/2008|14:10] C:\Program Files\MSN Gaming Zone
[15/02/2009|04:00] C:\Program Files\MSXML 4.0
[08/01/2009|18:42] C:\Program Files\NetMeeting
[17/12/2008|14:10] C:\Program Files\Online Services
[07/02/2009|18:18] C:\Program Files\OrangeHSS
[08/01/2009|18:42] C:\Program Files\Outlook Express
[08/01/2009|17:58] C:\Program Files\Realtek
[17/12/2008|14:27] C:\Program Files\Securitoo
[17/12/2008|14:12] C:\Program Files\Services en ligne
[17/12/2008|21:14] C:\Program Files\Skype
[27/03/2009|08:05] C:\Program Files\SUPERAntiSpyware
[08/01/2009|18:12] C:\Program Files\SystemRequirementsLab
[02/04/2009|15:50] C:\Program Files\trend micro
[17/12/2008|15:01] C:\Program Files\Uniblue
[17/12/2008|14:24] C:\Program Files\Uninstall Information
[27/02/2009|15:43] C:\Program Files\Utherverse Digital Inc
[17/12/2008|19:31] C:\Program Files\VIA
[06/03/2009|14:47] C:\Program Files\VideoLAN
[17/12/2008|14:47] C:\Program Files\Windows Live
[17/12/2008|14:42] C:\Program Files\Windows Live SkyDrive
[23/01/2009|23:05] C:\Program Files\Windows Media Connect 2
[23/01/2009|23:05] C:\Program Files\Windows Media Player
[08/01/2009|18:42] C:\Program Files\Windows NT
[17/12/2008|14:12] C:\Program Files\WindowsUpdate
[17/12/2008|14:18] C:\Program Files\xerox
[10/02/2009|18:12] C:\Program Files\Yontoo Layers Client for Internet Explorer
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[17/12/2008|14:26] C:\Program Files\Fichiers communs\France Telecom
[08/01/2009|17:52] C:\Program Files\Fichiers communs\InstallShield
[17/12/2008|14:16] C:\Program Files\Fichiers communs\Java
[17/12/2008|16:27] C:\Program Files\Fichiers communs\Microsoft Shared
[17/12/2008|14:11] C:\Program Files\Fichiers communs\MSSoap
[17/12/2008|15:03] C:\Program Files\Fichiers communs\ODBC
[17/12/2008|14:11] C:\Program Files\Fichiers communs\Services
[17/12/2008|21:14] C:\Program Files\Fichiers communs\Skype
[17/12/2008|15:03] C:\Program Files\Fichiers communs\SpeechEngines
[08/01/2009|18:42] C:\Program Files\Fichiers communs\System
[17/12/2008|14:32] C:\Program Files\Fichiers communs\Windows Live
[27/03/2009|08:05] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 38 Processes )
iexplore.exe ~ [PID:2436]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\perso\Cookies\perso@advertstream[2].txt
C:\DOCUME~1\perso\Cookies\perso@advertising[1].txt
C:\DOCUME~1\perso\Cookies\perso@adin.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@adin.bigpoint[3].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[3].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[4].txt
C:\DOCUME~1\perso\Cookies\perso@fr.darkorbit.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.thepimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.thepimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr2.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@int1.the-pimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@ssl.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@cotedazurpalace[1].txt
C:\DOCUME~1\perso\Cookies\perso@adopt.euroclick[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr2.seafight.bigpoint[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-02 16:25:30
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:312][D:237]-> C:\DOCUME~1\perso\LOCALS~1\Temp
[F:825][D:0]-> C:\DOCUME~1\perso\Cookies
[F:23171][D:56]-> C:\DOCUME~1\perso\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 02/04/2009|16:28 - Option : [1]
--------------------\\ Fin du rapport a 16:28:13
cedric18om
Messages postés
237
Date d'inscription
samedi 23 août 2008
Statut
Membre
Dernière intervention
5 septembre 2010
4
2 avril 2009 à 16:30
2 avril 2009 à 16:30
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.00GHz )
BIOS : Award Modular BIOS v6.00PG
USER : perso ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:153 Go (Free:129 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 02/04/2009|16:23 )
--------------------\\ Listing des dossiers dans APPLIC~1
[17/12/2008|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
[17/12/2008|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[20/02/2009|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Desperate Housewives
[17/12/2008|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner
[17/12/2008|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[17/12/2008|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/12/2008|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[17/02/2009|21:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Age of Empires 3
[08/01/2009|18:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avira
[27/02/2009|22:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[13/02/2009|18:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft
[08/01/2009|18:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\ma-config.com
[18/02/2009|17:32] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[19/03/2009|18:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SUPERAntiSpyware.com
[10/02/2009|18:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Tarma Installer
[12/01/2009|19:57] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[20/02/2009|14:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Desperate Housewives
[17/12/2008|14:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[20/02/2009|14:01] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Desperate Housewives
[08/01/2009|17:44] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[17/12/2008|14:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[08/01/2009|17:44] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[17/12/2008|14:20] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[08/01/2009|17:44] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[17/12/2008|16:34] C:\DOCUME~1\P'TITC~1\APPLIC~1\Adobe
[20/02/2009|14:01] C:\DOCUME~1\P'TITC~1\APPLIC~1\Desperate Housewives
[17/12/2008|14:24] C:\DOCUME~1\P'TITC~1\APPLIC~1\Identities
[17/12/2008|16:26] C:\DOCUME~1\P'TITC~1\APPLIC~1\InstallShield
[17/12/2008|14:29] C:\DOCUME~1\P'TITC~1\APPLIC~1\Macromedia
[17/12/2008|19:33] C:\DOCUME~1\P'TITC~1\APPLIC~1\Microsoft
[17/12/2008|15:30] C:\DOCUME~1\P'TITC~1\APPLIC~1\Mozilla
[17/12/2008|22:11] C:\DOCUME~1\P'TITC~1\APPLIC~1\Skype
[17/12/2008|21:16] C:\DOCUME~1\P'TITC~1\APPLIC~1\skypePM
[17/12/2008|18:26] C:\DOCUME~1\P'TITC~1\APPLIC~1\Sun
[17/12/2008|15:01] C:\DOCUME~1\P'TITC~1\APPLIC~1\Uniblue
[08/01/2009|18:11] C:\DOCUME~1\perso\APPLIC~1\Adobe
[20/02/2009|14:01] C:\DOCUME~1\perso\APPLIC~1\Desperate Housewives
[06/03/2009|17:32] C:\DOCUME~1\perso\APPLIC~1\dvdcss
[08/02/2009|20:57] C:\DOCUME~1\perso\APPLIC~1\Google
[08/01/2009|17:50] C:\DOCUME~1\perso\APPLIC~1\Identities
[08/01/2009|17:58] C:\DOCUME~1\perso\APPLIC~1\InstallShield
[08/01/2009|18:11] C:\DOCUME~1\perso\APPLIC~1\Macromedia
[27/03/2009|08:10] C:\DOCUME~1\perso\APPLIC~1\Microsoft
[13/02/2009|16:16] C:\DOCUME~1\perso\APPLIC~1\Mozilla
[16/01/2009|22:18] C:\DOCUME~1\perso\APPLIC~1\Sun
[19/03/2009|18:51] C:\DOCUME~1\perso\APPLIC~1\SUPERAntiSpyware.com
[13/02/2009|20:00] C:\DOCUME~1\perso\APPLIC~1\U3
[06/03/2009|17:32] C:\DOCUME~1\perso\APPLIC~1\vlc
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[02/04/2009 15:17][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1844237615-839522115-1003.job
[01/04/2009 23:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[17/12/2008|14:45] C:\Program Files\Avira
[08/01/2009|17:53] C:\Program Files\Browser Configuration Utility
[20/02/2009|13:28] C:\Program Files\Buena Vista Games
[17/12/2008|14:10] C:\Program Files\ComPlus Applications
[13/02/2009|17:59] C:\Program Files\Fichiers communs
[28/02/2009|01:28] C:\Program Files\Google
[17/12/2008|16:26] C:\Program Files\Hercules
[17/12/2008|20:06] C:\Program Files\IDETOOL
[17/03/2009|19:28] C:\Program Files\InstallShield Installation Information
[08/01/2009|17:53] C:\Program Files\Intel
[11/02/2009|08:07] C:\Program Files\Internet Explorer
[21/02/2009|14:01] C:\Program Files\Java
[13/02/2009|17:59] C:\Program Files\Lavasoft
[08/01/2009|18:19] C:\Program Files\ma-config.com
[10/01/2009|04:00] C:\Program Files\Messenger
[17/12/2008|14:42] C:\Program Files\Microsoft
[17/12/2008|14:18] C:\Program Files\microsoft frontpage
[13/02/2009|18:26] C:\Program Files\Microsoft Games
[26/02/2009|16:57] C:\Program Files\Microsoft Silverlight
[18/02/2009|17:32] C:\Program Files\Microsoft SQL Server Compact Edition
[17/12/2008|14:44] C:\Program Files\Microsoft Sync Framework
[08/01/2009|18:44] C:\Program Files\Movie Maker
[17/02/2009|19:41] C:\Program Files\Mozilla Firefox
[12/01/2009|19:57] C:\Program Files\MSN
[17/12/2008|14:10] C:\Program Files\MSN Gaming Zone
[15/02/2009|04:00] C:\Program Files\MSXML 4.0
[08/01/2009|18:42] C:\Program Files\NetMeeting
[17/12/2008|14:10] C:\Program Files\Online Services
[07/02/2009|18:18] C:\Program Files\OrangeHSS
[08/01/2009|18:42] C:\Program Files\Outlook Express
[08/01/2009|17:58] C:\Program Files\Realtek
[17/12/2008|14:27] C:\Program Files\Securitoo
[17/12/2008|14:12] C:\Program Files\Services en ligne
[17/12/2008|21:14] C:\Program Files\Skype
[27/03/2009|08:05] C:\Program Files\SUPERAntiSpyware
[08/01/2009|18:12] C:\Program Files\SystemRequirementsLab
[02/04/2009|15:50] C:\Program Files\trend micro
[17/12/2008|15:01] C:\Program Files\Uniblue
[17/12/2008|14:24] C:\Program Files\Uninstall Information
[27/02/2009|15:43] C:\Program Files\Utherverse Digital Inc
[17/12/2008|19:31] C:\Program Files\VIA
[06/03/2009|14:47] C:\Program Files\VideoLAN
[17/12/2008|14:47] C:\Program Files\Windows Live
[17/12/2008|14:42] C:\Program Files\Windows Live SkyDrive
[23/01/2009|23:05] C:\Program Files\Windows Media Connect 2
[23/01/2009|23:05] C:\Program Files\Windows Media Player
[08/01/2009|18:42] C:\Program Files\Windows NT
[17/12/2008|14:12] C:\Program Files\WindowsUpdate
[17/12/2008|14:18] C:\Program Files\xerox
[10/02/2009|18:12] C:\Program Files\Yontoo Layers Client for Internet Explorer
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[17/12/2008|14:26] C:\Program Files\Fichiers communs\France Telecom
[08/01/2009|17:52] C:\Program Files\Fichiers communs\InstallShield
[17/12/2008|14:16] C:\Program Files\Fichiers communs\Java
[17/12/2008|16:27] C:\Program Files\Fichiers communs\Microsoft Shared
[17/12/2008|14:11] C:\Program Files\Fichiers communs\MSSoap
[17/12/2008|15:03] C:\Program Files\Fichiers communs\ODBC
[17/12/2008|14:11] C:\Program Files\Fichiers communs\Services
[17/12/2008|21:14] C:\Program Files\Fichiers communs\Skype
[17/12/2008|15:03] C:\Program Files\Fichiers communs\SpeechEngines
[08/01/2009|18:42] C:\Program Files\Fichiers communs\System
[17/12/2008|14:32] C:\Program Files\Fichiers communs\Windows Live
[27/03/2009|08:05] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 38 Processes )
iexplore.exe ~ [PID:2436]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\perso\Cookies\perso@advertstream[2].txt
C:\DOCUME~1\perso\Cookies\perso@advertising[1].txt
C:\DOCUME~1\perso\Cookies\perso@adin.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@adin.bigpoint[3].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[3].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[4].txt
C:\DOCUME~1\perso\Cookies\perso@fr.darkorbit.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.thepimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.thepimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr2.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@int1.the-pimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@ssl.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@cotedazurpalace[1].txt
C:\DOCUME~1\perso\Cookies\perso@adopt.euroclick[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr2.seafight.bigpoint[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-02 16:25:30
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:312][D:237]-> C:\DOCUME~1\perso\LOCALS~1\Temp
[F:825][D:0]-> C:\DOCUME~1\perso\Cookies
[F:23171][D:56]-> C:\DOCUME~1\perso\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 02/04/2009|16:28 - Option : [1]
--------------------\\ Fin du rapport a 16:28:13
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.00GHz )
BIOS : Award Modular BIOS v6.00PG
USER : perso ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:153 Go (Free:129 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 02/04/2009|16:23 )
--------------------\\ Listing des dossiers dans APPLIC~1
[17/12/2008|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
[17/12/2008|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[20/02/2009|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Desperate Housewives
[17/12/2008|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner
[17/12/2008|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[17/12/2008|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/12/2008|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[17/02/2009|21:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Age of Empires 3
[08/01/2009|18:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avira
[27/02/2009|22:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[13/02/2009|18:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft
[08/01/2009|18:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\ma-config.com
[18/02/2009|17:32] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[19/03/2009|18:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SUPERAntiSpyware.com
[10/02/2009|18:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Tarma Installer
[12/01/2009|19:57] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[20/02/2009|14:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Desperate Housewives
[17/12/2008|14:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[20/02/2009|14:01] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Desperate Housewives
[08/01/2009|17:44] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[17/12/2008|14:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[08/01/2009|17:44] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[17/12/2008|14:20] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[08/01/2009|17:44] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[17/12/2008|16:34] C:\DOCUME~1\P'TITC~1\APPLIC~1\Adobe
[20/02/2009|14:01] C:\DOCUME~1\P'TITC~1\APPLIC~1\Desperate Housewives
[17/12/2008|14:24] C:\DOCUME~1\P'TITC~1\APPLIC~1\Identities
[17/12/2008|16:26] C:\DOCUME~1\P'TITC~1\APPLIC~1\InstallShield
[17/12/2008|14:29] C:\DOCUME~1\P'TITC~1\APPLIC~1\Macromedia
[17/12/2008|19:33] C:\DOCUME~1\P'TITC~1\APPLIC~1\Microsoft
[17/12/2008|15:30] C:\DOCUME~1\P'TITC~1\APPLIC~1\Mozilla
[17/12/2008|22:11] C:\DOCUME~1\P'TITC~1\APPLIC~1\Skype
[17/12/2008|21:16] C:\DOCUME~1\P'TITC~1\APPLIC~1\skypePM
[17/12/2008|18:26] C:\DOCUME~1\P'TITC~1\APPLIC~1\Sun
[17/12/2008|15:01] C:\DOCUME~1\P'TITC~1\APPLIC~1\Uniblue
[08/01/2009|18:11] C:\DOCUME~1\perso\APPLIC~1\Adobe
[20/02/2009|14:01] C:\DOCUME~1\perso\APPLIC~1\Desperate Housewives
[06/03/2009|17:32] C:\DOCUME~1\perso\APPLIC~1\dvdcss
[08/02/2009|20:57] C:\DOCUME~1\perso\APPLIC~1\Google
[08/01/2009|17:50] C:\DOCUME~1\perso\APPLIC~1\Identities
[08/01/2009|17:58] C:\DOCUME~1\perso\APPLIC~1\InstallShield
[08/01/2009|18:11] C:\DOCUME~1\perso\APPLIC~1\Macromedia
[27/03/2009|08:10] C:\DOCUME~1\perso\APPLIC~1\Microsoft
[13/02/2009|16:16] C:\DOCUME~1\perso\APPLIC~1\Mozilla
[16/01/2009|22:18] C:\DOCUME~1\perso\APPLIC~1\Sun
[19/03/2009|18:51] C:\DOCUME~1\perso\APPLIC~1\SUPERAntiSpyware.com
[13/02/2009|20:00] C:\DOCUME~1\perso\APPLIC~1\U3
[06/03/2009|17:32] C:\DOCUME~1\perso\APPLIC~1\vlc
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[02/04/2009 15:17][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1844237615-839522115-1003.job
[01/04/2009 23:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[17/12/2008|14:45] C:\Program Files\Avira
[08/01/2009|17:53] C:\Program Files\Browser Configuration Utility
[20/02/2009|13:28] C:\Program Files\Buena Vista Games
[17/12/2008|14:10] C:\Program Files\ComPlus Applications
[13/02/2009|17:59] C:\Program Files\Fichiers communs
[28/02/2009|01:28] C:\Program Files\Google
[17/12/2008|16:26] C:\Program Files\Hercules
[17/12/2008|20:06] C:\Program Files\IDETOOL
[17/03/2009|19:28] C:\Program Files\InstallShield Installation Information
[08/01/2009|17:53] C:\Program Files\Intel
[11/02/2009|08:07] C:\Program Files\Internet Explorer
[21/02/2009|14:01] C:\Program Files\Java
[13/02/2009|17:59] C:\Program Files\Lavasoft
[08/01/2009|18:19] C:\Program Files\ma-config.com
[10/01/2009|04:00] C:\Program Files\Messenger
[17/12/2008|14:42] C:\Program Files\Microsoft
[17/12/2008|14:18] C:\Program Files\microsoft frontpage
[13/02/2009|18:26] C:\Program Files\Microsoft Games
[26/02/2009|16:57] C:\Program Files\Microsoft Silverlight
[18/02/2009|17:32] C:\Program Files\Microsoft SQL Server Compact Edition
[17/12/2008|14:44] C:\Program Files\Microsoft Sync Framework
[08/01/2009|18:44] C:\Program Files\Movie Maker
[17/02/2009|19:41] C:\Program Files\Mozilla Firefox
[12/01/2009|19:57] C:\Program Files\MSN
[17/12/2008|14:10] C:\Program Files\MSN Gaming Zone
[15/02/2009|04:00] C:\Program Files\MSXML 4.0
[08/01/2009|18:42] C:\Program Files\NetMeeting
[17/12/2008|14:10] C:\Program Files\Online Services
[07/02/2009|18:18] C:\Program Files\OrangeHSS
[08/01/2009|18:42] C:\Program Files\Outlook Express
[08/01/2009|17:58] C:\Program Files\Realtek
[17/12/2008|14:27] C:\Program Files\Securitoo
[17/12/2008|14:12] C:\Program Files\Services en ligne
[17/12/2008|21:14] C:\Program Files\Skype
[27/03/2009|08:05] C:\Program Files\SUPERAntiSpyware
[08/01/2009|18:12] C:\Program Files\SystemRequirementsLab
[02/04/2009|15:50] C:\Program Files\trend micro
[17/12/2008|15:01] C:\Program Files\Uniblue
[17/12/2008|14:24] C:\Program Files\Uninstall Information
[27/02/2009|15:43] C:\Program Files\Utherverse Digital Inc
[17/12/2008|19:31] C:\Program Files\VIA
[06/03/2009|14:47] C:\Program Files\VideoLAN
[17/12/2008|14:47] C:\Program Files\Windows Live
[17/12/2008|14:42] C:\Program Files\Windows Live SkyDrive
[23/01/2009|23:05] C:\Program Files\Windows Media Connect 2
[23/01/2009|23:05] C:\Program Files\Windows Media Player
[08/01/2009|18:42] C:\Program Files\Windows NT
[17/12/2008|14:12] C:\Program Files\WindowsUpdate
[17/12/2008|14:18] C:\Program Files\xerox
[10/02/2009|18:12] C:\Program Files\Yontoo Layers Client for Internet Explorer
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[17/12/2008|14:26] C:\Program Files\Fichiers communs\France Telecom
[08/01/2009|17:52] C:\Program Files\Fichiers communs\InstallShield
[17/12/2008|14:16] C:\Program Files\Fichiers communs\Java
[17/12/2008|16:27] C:\Program Files\Fichiers communs\Microsoft Shared
[17/12/2008|14:11] C:\Program Files\Fichiers communs\MSSoap
[17/12/2008|15:03] C:\Program Files\Fichiers communs\ODBC
[17/12/2008|14:11] C:\Program Files\Fichiers communs\Services
[17/12/2008|21:14] C:\Program Files\Fichiers communs\Skype
[17/12/2008|15:03] C:\Program Files\Fichiers communs\SpeechEngines
[08/01/2009|18:42] C:\Program Files\Fichiers communs\System
[17/12/2008|14:32] C:\Program Files\Fichiers communs\Windows Live
[27/03/2009|08:05] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 38 Processes )
iexplore.exe ~ [PID:2436]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\perso\Cookies\perso@advertstream[2].txt
C:\DOCUME~1\perso\Cookies\perso@advertising[1].txt
C:\DOCUME~1\perso\Cookies\perso@adin.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@adin.bigpoint[3].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[3].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[4].txt
C:\DOCUME~1\perso\Cookies\perso@fr.darkorbit.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.thepimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.thepimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr2.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@int1.the-pimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@ssl.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@cotedazurpalace[1].txt
C:\DOCUME~1\perso\Cookies\perso@adopt.euroclick[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr2.seafight.bigpoint[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-02 16:25:30
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:312][D:237]-> C:\DOCUME~1\perso\LOCALS~1\Temp
[F:825][D:0]-> C:\DOCUME~1\perso\Cookies
[F:23171][D:56]-> C:\DOCUME~1\perso\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 02/04/2009|16:28 - Option : [1]
--------------------\\ Fin du rapport a 16:28:13
kevin05
Messages postés
3636
Date d'inscription
samedi 29 novembre 2008
Statut
Contributeur sécurité
Dernière intervention
13 mai 2010
147
2 avril 2009 à 16:31
2 avril 2009 à 16:31
Re ok
▶ Télécharge Combofix de sUBs
▶ et enregistre le sur le Bureau.
▶ désactive tes protections et ferme toutes tes applications(antivirus, parefeu, garde en temps réel de l'antispyware)
Voici le tutoriel officiel de Bleeping Computer pour savoir l utiliser :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
▶ Je te conseille d'installer la console de récupération !!
ensuite envois le rapport et refais un nouveau rapport hijackthis stp
▶ Télécharge Combofix de sUBs
▶ et enregistre le sur le Bureau.
▶ désactive tes protections et ferme toutes tes applications(antivirus, parefeu, garde en temps réel de l'antispyware)
Voici le tutoriel officiel de Bleeping Computer pour savoir l utiliser :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
▶ Je te conseille d'installer la console de récupération !!
ensuite envois le rapport et refais un nouveau rapport hijackthis stp
cedric18om
Messages postés
237
Date d'inscription
samedi 23 août 2008
Statut
Membre
Dernière intervention
5 septembre 2010
4
2 avril 2009 à 17:02
2 avril 2009 à 17:02
ComboFix 09-04-01.01 - perso 2009-04-02 16:51:13.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1022.687 [GMT 2:00]
Lancé depuis: c:\documents and settings\perso\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\kbdfi.dll
.
---- Exécution préalable -------
.
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\kbdfi.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-03-02 au 2009-04-02 ))))))))))))))))))))))))))))))))))))
.
2009-04-02 16:23 . 2009-04-02 16:28 <REP> d-------- C:\Lop SD
2009-03-27 17:00 . 2009-03-27 17:00 <REP> d--hs---- C:\found.000
2009-03-27 08:10 . 2009-03-27 08:11 <REP> d-------- C:\bc24d46854bf1957f198e3c32d
2009-03-22 14:00 . 2009-03-22 14:00 579,584 --a--c--- c:\windows\system32\dllcache\user32.dll
2009-03-22 13:59 . 2009-03-22 13:59 <REP> d-------- c:\windows\ERUNT
2009-03-19 18:52 . 2009-03-19 18:52 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2009-03-19 18:51 . 2009-03-27 08:05 <REP> d-------- c:\program files\SUPERAntiSpyware
2009-03-19 18:51 . 2009-03-19 18:51 <REP> d-------- c:\documents and settings\perso\Application Data\SUPERAntiSpyware.com
2009-03-18 18:33 . 2009-03-18 19:15 <REP> d-------- c:\documents and settings\perso\DoctorWeb
2009-03-15 14:34 . 2009-03-22 14:19 <REP> d-------- C:\SDFix
2009-03-15 14:29 . 2009-03-15 14:29 <REP> d-------- C:\rsit
2009-03-15 14:29 . 2009-04-02 15:50 <REP> d-------- c:\program files\trend micro
2009-03-13 13:00 . 2009-03-30 20:06 90,112 --a------ c:\windows\DUMP7303.tmp
2009-03-13 13:00 . 2009-03-31 17:41 90,112 --a------ c:\windows\DUMP464b.tmp
2009-03-13 13:00 . 2009-03-27 22:17 90,112 --a------ c:\windows\DUMP36f9.tmp
2009-03-13 13:00 . 2009-03-31 12:15 90,112 --a------ c:\windows\DUMP2a85.tmp
2009-03-13 13:00 . 2009-03-27 13:22 90,112 --a------ c:\windows\DUMP2565.tmp
2009-03-13 13:00 . 2009-03-26 19:25 90,112 --a------ c:\windows\DUMP245b.tmp
2009-03-06 17:32 . 2009-03-06 17:32 <REP> d-------- c:\documents and settings\perso\Application Data\dvdcss
2009-03-06 15:13 . 2009-03-06 17:32 <REP> d-------- c:\documents and settings\perso\Application Data\vlc
2009-03-06 14:47 . 2009-03-06 14:47 <REP> d-------- c:\program files\VideoLAN
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-30 10:41 16,608 ----a-w c:\windows\gdrv.sys
2009-03-27 06:05 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-03-17 17:28 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-27 23:28 --------- d-----w c:\program files\Google
2009-02-27 13:43 --------- d-----w c:\program files\Utherverse Digital Inc
2009-02-26 14:57 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-21 12:01 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-02-21 12:01 --------- d-----w c:\program files\Java
2009-02-20 12:02 98,304 ----a-w c:\windows\system32\CmdLineExt.dll
2009-02-20 12:01 --------- d-----w c:\documents and settings\perso\Application Data\Desperate Housewives
2009-02-20 12:01 --------- d-----w c:\documents and settings\P'tit cé 18\Application Data\Desperate Housewives
2009-02-20 12:01 --------- d-----w c:\documents and settings\Default User.WINDOWS\Application Data\Desperate Housewives
2009-02-20 11:28 --------- d-----w c:\program files\Buena Vista Games
2009-02-18 15:32 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-02-17 19:07 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Age of Empires 3
2009-02-15 02:00 --------- d-----w c:\program files\MSXML 4.0
2009-02-13 18:00 --------- d-----w c:\documents and settings\perso\Application Data\U3
2009-02-13 16:26 --------- d-----w c:\program files\Microsoft Games
2009-02-13 16:00 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2009-02-13 15:59 --------- d-----w c:\program files\Lavasoft
2009-02-10 16:12 --------- d-----w c:\program files\Yontoo Layers Client for Internet Explorer
2009-02-10 16:12 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Tarma Installer
2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-02-07 16:18 --------- d-----w c:\program files\OrangeHSS
2009-02-06 18:39 308,600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-01-08 15:56 315,392 ----a-w c:\windows\HideWin.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2008-10-01 09:40 192960 --------- c:\program files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"Google Update"="c:\documents and settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-02-09 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="m’|\ü" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-11 7630848]
"SW20"="c:\windows\system32\sw20.exe" [2006-09-07 208896]
"SW24"="c:\windows\system32\sw24.exe" [2006-09-07 69632]
"WinSys2"="c:\windows\system32\winsys2.exe" [2006-10-03 217088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-11 86016]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-21 148888]
"RTHDCPL"="RTHDCPL.EXE" [2008-02-13 c:\windows\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2006-08-11 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2008-12-19 195752]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{102c86b9-dd9f-11dd-a5af-001fd0108e9b}]
\Shell\AutoRun\command - F:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d664543-df14-11dd-a5b6-001fd0108e9b}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fa7283c-e0cb-11dd-a5b9-001fd0108e9b}]
\Shell\AutoRun\command - F:\autorunner.exe "www.CCE-ADECCO.com"
.
Contenu du dossier 'Tâches planifiées'
2009-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1844237615-839522115-1003.job
- c:\documents and settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-09 20:09]
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-02 16:56:11
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\rundll32.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2009-04-02 17:00:58 - La machine a redémarré [perso]
ComboFix-quarantined-files.txt 2009-04-02 15:00:55
Avant-CF: 140,080,246,784 octets libres
Après-CF: 140,261,322,752 octets libres
153 --- E O F --- 2009-03-12 18:28:45
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1022.687 [GMT 2:00]
Lancé depuis: c:\documents and settings\perso\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\kbdfi.dll
.
---- Exécution préalable -------
.
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\kbdfi.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-03-02 au 2009-04-02 ))))))))))))))))))))))))))))))))))))
.
2009-04-02 16:23 . 2009-04-02 16:28 <REP> d-------- C:\Lop SD
2009-03-27 17:00 . 2009-03-27 17:00 <REP> d--hs---- C:\found.000
2009-03-27 08:10 . 2009-03-27 08:11 <REP> d-------- C:\bc24d46854bf1957f198e3c32d
2009-03-22 14:00 . 2009-03-22 14:00 579,584 --a--c--- c:\windows\system32\dllcache\user32.dll
2009-03-22 13:59 . 2009-03-22 13:59 <REP> d-------- c:\windows\ERUNT
2009-03-19 18:52 . 2009-03-19 18:52 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2009-03-19 18:51 . 2009-03-27 08:05 <REP> d-------- c:\program files\SUPERAntiSpyware
2009-03-19 18:51 . 2009-03-19 18:51 <REP> d-------- c:\documents and settings\perso\Application Data\SUPERAntiSpyware.com
2009-03-18 18:33 . 2009-03-18 19:15 <REP> d-------- c:\documents and settings\perso\DoctorWeb
2009-03-15 14:34 . 2009-03-22 14:19 <REP> d-------- C:\SDFix
2009-03-15 14:29 . 2009-03-15 14:29 <REP> d-------- C:\rsit
2009-03-15 14:29 . 2009-04-02 15:50 <REP> d-------- c:\program files\trend micro
2009-03-13 13:00 . 2009-03-30 20:06 90,112 --a------ c:\windows\DUMP7303.tmp
2009-03-13 13:00 . 2009-03-31 17:41 90,112 --a------ c:\windows\DUMP464b.tmp
2009-03-13 13:00 . 2009-03-27 22:17 90,112 --a------ c:\windows\DUMP36f9.tmp
2009-03-13 13:00 . 2009-03-31 12:15 90,112 --a------ c:\windows\DUMP2a85.tmp
2009-03-13 13:00 . 2009-03-27 13:22 90,112 --a------ c:\windows\DUMP2565.tmp
2009-03-13 13:00 . 2009-03-26 19:25 90,112 --a------ c:\windows\DUMP245b.tmp
2009-03-06 17:32 . 2009-03-06 17:32 <REP> d-------- c:\documents and settings\perso\Application Data\dvdcss
2009-03-06 15:13 . 2009-03-06 17:32 <REP> d-------- c:\documents and settings\perso\Application Data\vlc
2009-03-06 14:47 . 2009-03-06 14:47 <REP> d-------- c:\program files\VideoLAN
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-30 10:41 16,608 ----a-w c:\windows\gdrv.sys
2009-03-27 06:05 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-03-17 17:28 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-27 23:28 --------- d-----w c:\program files\Google
2009-02-27 13:43 --------- d-----w c:\program files\Utherverse Digital Inc
2009-02-26 14:57 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-21 12:01 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-02-21 12:01 --------- d-----w c:\program files\Java
2009-02-20 12:02 98,304 ----a-w c:\windows\system32\CmdLineExt.dll
2009-02-20 12:01 --------- d-----w c:\documents and settings\perso\Application Data\Desperate Housewives
2009-02-20 12:01 --------- d-----w c:\documents and settings\P'tit cé 18\Application Data\Desperate Housewives
2009-02-20 12:01 --------- d-----w c:\documents and settings\Default User.WINDOWS\Application Data\Desperate Housewives
2009-02-20 11:28 --------- d-----w c:\program files\Buena Vista Games
2009-02-18 15:32 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-02-17 19:07 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Age of Empires 3
2009-02-15 02:00 --------- d-----w c:\program files\MSXML 4.0
2009-02-13 18:00 --------- d-----w c:\documents and settings\perso\Application Data\U3
2009-02-13 16:26 --------- d-----w c:\program files\Microsoft Games
2009-02-13 16:00 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2009-02-13 15:59 --------- d-----w c:\program files\Lavasoft
2009-02-10 16:12 --------- d-----w c:\program files\Yontoo Layers Client for Internet Explorer
2009-02-10 16:12 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Tarma Installer
2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-02-07 16:18 --------- d-----w c:\program files\OrangeHSS
2009-02-06 18:39 308,600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-01-08 15:56 315,392 ----a-w c:\windows\HideWin.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2008-10-01 09:40 192960 --------- c:\program files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"Google Update"="c:\documents and settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-02-09 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="m’|\ü" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-11 7630848]
"SW20"="c:\windows\system32\sw20.exe" [2006-09-07 208896]
"SW24"="c:\windows\system32\sw24.exe" [2006-09-07 69632]
"WinSys2"="c:\windows\system32\winsys2.exe" [2006-10-03 217088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-11 86016]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-21 148888]
"RTHDCPL"="RTHDCPL.EXE" [2008-02-13 c:\windows\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2006-08-11 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2008-12-19 195752]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{102c86b9-dd9f-11dd-a5af-001fd0108e9b}]
\Shell\AutoRun\command - F:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d664543-df14-11dd-a5b6-001fd0108e9b}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fa7283c-e0cb-11dd-a5b9-001fd0108e9b}]
\Shell\AutoRun\command - F:\autorunner.exe "www.CCE-ADECCO.com"
.
Contenu du dossier 'Tâches planifiées'
2009-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1844237615-839522115-1003.job
- c:\documents and settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-09 20:09]
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-02 16:56:11
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\rundll32.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2009-04-02 17:00:58 - La machine a redémarré [perso]
ComboFix-quarantined-files.txt 2009-04-02 15:00:55
Avant-CF: 140,080,246,784 octets libres
Après-CF: 140,261,322,752 octets libres
153 --- E O F --- 2009-03-12 18:28:45
cedric18om
Messages postés
237
Date d'inscription
samedi 23 août 2008
Statut
Membre
Dernière intervention
5 septembre 2010
4
2 avril 2009 à 17:03
2 avril 2009 à 17:03
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:03:19, on 02/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GEST] m’|\ü
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Scan saved at 17:03:19, on 02/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GEST] m’|\ü
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
cedric18om
Messages postés
237
Date d'inscription
samedi 23 août 2008
Statut
Membre
Dernière intervention
5 septembre 2010
4
2 avril 2009 à 17:04
2 avril 2009 à 17:04
Quel est le but de la console de récupération stp ?
Merci de ton aide et de ta disponibilité !!!
Merci de ton aide et de ta disponibilité !!!