HijackThis analysis and Kaspersky scan
Val
-
chimay8 Posts 7947 Status Security contributor -
Good evening,
After some minor problems with unwanted pop-up windows and some initial scans (virus removed thanks to Symantec's FixBrisvA.exe), I ran a new Kaspersky online scan as well as HijackThis.
If you could help me decipher these reports and give me advice on eradicating these viruses/trojans, thank you for your help.
Kaspersky report:
Scan statistics
Files scanned 159915
Threat name 3
Infected objects 7
Suspicious objects 0
Duration of the scan 02:59:57
File name Threat name Threats count
C:\Documents and Settings\Camus\.housecall6.6\Quarantine\μιλω για τα παιδια μου.mp3.bac_a02392 Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Documents and Settings\Vassiliki\Local Settings\Temporary Internet files\Content.IE5\T668KCJL\MOVIE1[1].0TM Infected: Trojan-Downloader.HTML.Agent.lq 1
C:\Documents and Settings\Vassiliki\Application Data\FRAG SITE\PopNurbData.exe Infected: Trojan.Win32.Swizzor.a 1
C:\System Volume Information\_restore{74533F22-69F5-4D75-8C08-BD4D3411694B}\RP342\A0133152.exe Infected: Trojan.Win32.Swizzor.a 1
C:\System Volume Information\_restore{74533F22-69F5-4D75-8C08-BD4D3411694B}\RP342\A0133154.exe Infected: Trojan.Win32.Swizzor.a 1
C:\System Volume Information\_restore{74533F22-69F5-4D75-8C08-BD4D3411694B}\RP342\A0133155.exe Infected: Trojan.Win32.Swizzor.a 1
C:\System Volume Information\_restore{74533F22-69F5-4D75-8C08-BD4D3411694B}\RP342\A0133156.exe Infected: Trojan.Win32.Swizzor.a 1
I also ran HijackThis; here is its report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:08:46 μμ, on 27/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\palmOne\AlarmApp.exe
C:\Program Files\SAGEM\CONN-X SAGEM Fast 800\dslmon.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\Microsoft Office\Office\1032\msoffice.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*https://uk.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.aceradvantage.com/stdreg/startpage.jsp?sn=LXABH0501764400EA41601
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Συνδέσεις
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Alarm Manager.LNK = C:\Program Files\palmOne\AlarmApp.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\CONN-X SAGEM Fast 800\dslmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Προσθήκη στο ιστολόγιο - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Προσθήκη στο ιστολόγιο στο Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.marmiton.org/
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://maps.flash.gr/inc/activex/mgaxctrl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://paris-athenes.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
4 replies
Hi,
Your Norton, did you buy it?
Check whether you have Messenger Plus! 3 installed; if so, uninstall it and reinstall it without the sponsors.
Then, to check:
Download LOP S&D by Eric71.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
Double-click it to launch the installation.
Double-click the Lop S&D shortcut on your desktop.
Select the desired language, then choose Option 1 (Search).
Wait until the scan finishes.
Post the generated report (it is located here: C:\lopR.txt).
If the Desktop does not reappear, press Ctrl + Alt + Del, choose the File tab, then click New Task; then type explorer.exe and confirm.
Good evening, and thank you for your help!
As for Messenger Plus (with the sponsor), I had already uninstalled it. I also uninstalled all the Windows Live Writer programs and the like.
I had bought Norton but it has expired. I am seriously considering either buying the new version or installing the free software that was recommended to me, the free version of AVG 8.0.0.3; what do you think? Also, what other software should I install (firewalls and so on)?
Here is the LopR report:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL
-50 )
BIOS : Ver 1.00PARTTBL
USER : Camus ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 15.5.0.23 (Activated)
Firewall : Norton Internet Security 15.5.0.23 (Activated)
C:\ (Local Disk) - FAT32 - Total:53 Go (Free:12 Go)
D:\ (Local Disk) - FAT32 - Total:53 Go (Free:50 Go)
E:\ (CD or DVD)
F:\ (USB) - FAT32 - Total:3863 Mo (Free:1 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( ’¨ 28/04/2009|18:44 )
--------------------\\ Listing des dossiers dans APPLIC~1
[30/05/2006|02:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> ATI
[30/05/2006|02:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[07/08/2008|11:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Macromedia
[30/05/2006|01:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[0|€¨®ε] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte
[6|‰«αΆ¦¦ ] C:\DOCUME~1\DEFAUL~1\APPLIC~1\› β© £ byte
[25/05/2008|10:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[30/05/2006|02:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
[19/01/2007|09:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DVD Shrink
[09/09/2007|02:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[18/05/2008|07:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
Updater
[26/09/2008|08:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>
InstallShield
[30/05/2006|01:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[16/09/2007|10:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NtiDvdCopy
[10/02/2007|07:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[29/07/2007|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[29/04/2007|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[12/04/2007|04:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows
Genuine Advantage
[06/03/2008|09:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WLInstaller
[0|€¨®ε] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte
[15|‰«αΆ¦¦ ] C:\DOCUME~1\ALLUSE~1\APPLIC~1\› β© £ byte
[30/05/2006|01:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
[0|€¨®ε] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte
[3|‰«αΆ¦¦ ] C:\DOCUME~1\NETWOR~1\APPLIC~1\› β© £ byte
[30/05/2006|01:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[0|€¨®ε] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte
[3|‰«αΆ¦¦ ] C:\DOCUME~1\LOCALS~1\APPLIC~1\› β© £ byte
[21/01/2007|06:05] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Adobe
[01/02/2007|08:20] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> AdobeUM
[01/02/2007|09:13] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Arcsoft
[30/05/2006|02:21] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> ATI
[24/12/2006|05:15] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> CyberLink
[15/02/2009|11:06] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> GARMIN
[29/07/2007|12:16] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Google
[29/12/2007|04:41] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> gtk-2.0
[16/02/2007|05:31] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Help
[30/05/2006|02:11] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Identities
[26/09/2008|08:53] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Jasc Software
Inc
[20/06/2007|04:30] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> LimeWire
[24/12/2006|02:51] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Macromedia
[02/04/2007|12:37] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Media Player
Classic
[30/05/2006|01:59] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Microsoft
[01/02/2007|08:58] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Microsoft
Web Folders
[01/02/2008|08:51] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Mozilla
[08/03/2009|12:48] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR>
MyPhoneExplorer
[19/01/2007|09:35] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR>
OpenOffice.org2
[10/07/2007|09:56] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Radios Media
Player
[28/11/2007|08:14] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Sony Ericsson
[30/07/2007|10:34] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Sun
[08/03/2008|04:44] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Symantec
[08/05/2008|09:13] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> TaoUSign
[28/11/2007|08:14] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Teleca
[15/03/2008|12:18] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Todae
[09/12/2008|07:04] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> U3
[30/01/2009|07:33] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> uTorrent
[0|€¨®ε] C:\DOCUME~1\CAMUS\APPLIC~1\byte
[30|‰«αΆ¦¦ ] C:\DOCUME~1\CAMUS\APPLIC~1\› β© £ byte
[30/12/2006|08:19] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Adobe
[30/05/2006|02:21] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> ATI
[30/12/2006|08:17] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> CyberLink
[10/09/2007|01:54] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Google
[16/02/2007|01:24] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Help
[30/05/2006|02:11] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Identities
[29/09/2008|04:58] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Jasc
Software Inc
[28/10/2007|11:32] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> LimeWire
[05/07/2007|06:27] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR>
Macromedia
[03/04/2007|10:46] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Media
Player Classic
[30/05/2006|01:59] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Microsoft
[09/02/2008|10:06] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Mozilla
[11/07/2007|09:12] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Radios
Media Player
[02/11/2007|12:11] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Sun
[27/03/2008|09:22] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Symantec
[0|€¨®ε] C:\DOCUME~1\VALENT~1\APPLIC~1\byte
[17|‰«αΆ¦¦ ] C:\DOCUME~1\VALENT~1\APPLIC~1\› β© £ byte
[17/02/2007|07:35] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Adobe
[21/08/2007|12:29] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> ArcSoft
[30/05/2006|02:21] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> ATI
[29/12/2006|08:20] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> CyberLink
[08/04/2009|08:37] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> FRAG SITE
[14/09/2007|10:27] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Google
[01/01/2008|04:41] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> gtk-2.0
[30/05/2006|02:11] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Identities
[29/09/2008|06:18] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Jasc
Software Inc
[19/08/2007|01:31] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Macromedia
[06/04/2007|01:37] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Media
Player Classic
[30/05/2006|01:59] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Microsoft
[14/02/2008|07:04] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Mozilla
[21/01/2007|01:50] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR>
OpenOffice.org2
[11/07/2007|10:57] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Radios
Media Player
[04/09/2008|02:14] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Sun
[08/03/2008|05:16] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Symantec
[0|€¨®ε] C:\DOCUME~1\VASSIL~1\APPLIC~1\byte
[19|‰«αΆ¦¦ ] C:\DOCUME~1\VASSIL~1\APPLIC~1\› β© £ byte
[02/09/2008|07:51] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Adobe
[30/05/2006|02:21] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> ATI
[02/11/2007|08:32] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Google
[30/05/2006|02:11] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Identities
[30/07/2007|10:47] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Macromedia
[30/05/2006|01:59] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Microsoft
[16/04/2008|10:07] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Mozilla
[16/04/2008|10:08] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Symantec
[0|€¨®ε] C:\DOCUME~1\GUEST\APPLIC~1\byte
[10|‰«αΆ¦¦ ] C:\DOCUME~1\GUEST\APPLIC~1\› β© £ byte
[30/05/2006|02:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> ATI
[30/05/2006|02:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
[07/08/2008|11:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR>
Macromedia
[30/05/2006|01:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft
[0|€¨®ε] C:\DOCUME~1\ADMINI~1\APPLIC~1\byte
[6|‰«αΆ¦¦ ] C:\DOCUME~1\ADMINI~1\APPLIC~1\› β© £ byte
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[28/04/2009 06:18 ££][--a------] C:\WINDOWS\tasks\Google Software
Updater.job
[13/04/2009 08:00 ££][--a------] C:\WINDOWS\tasks\Norton Internet Security
- Run Full System Scan - Vassiliki.job
[28/04/2009 06:22 ££][--ah-----]
C:\WINDOWS\tasks\User_Feed_Synchronization-{5F6CE4A9-23BD-4C5C-A9DE-
988F22BE9C2B}.job
[28/04/2009 06:17 ££][--ah-----] C:\WINDOWS\tasks\SA.DAT
[07/09/2004 08:00 ££][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[30/05/2006|02:30] C:\Program Files\<DIR> Acer
[30/05/2006|02:27] C:\Program Files\<DIR> Acer Inc
[30/05/2006|02:27] C:\Program Files\<DIR> Adobe
[26/09/2008|08:50] C:\Program Files\<DIR> Animation Shop
[10/02/2007|08:01] C:\Program Files\<DIR> ArcSoft
[30/05/2006|02:12] C:\Program Files\<DIR> ATI Technologies
[10/02/2007|07:47] C:\Program Files\<DIR> Canon
[26/04/2009|03:26] C:\Program Files\<DIR> CCleaner
[30/05/2006|01:59] C:\Program Files\<DIR> Common Files
[30/05/2006|02:04] C:\Program Files\<DIR> ComPlus Applications
[30/05/2006|02:24] C:\Program Files\<DIR> CONEXANT
[30/05/2006|02:30] C:\Program Files\<DIR> CyberLink
[30/05/2006|10:44] C:\Program Files\<DIR> DIFX
[10/02/2007|08:02] C:\Program Files\<DIR> directx
[10/02/2007|01:34] C:\Program Files\<DIR> FileZilla
[15/02/2009|11:05] C:\Program Files\<DIR> Garmin
[15/02/2009|11:05] C:\Program Files\<DIR> Garmin GPS Plugin
[09/09/2007|02:32] C:\Program Files\<DIR> Google
[30/05/2006|02:12] C:\Program Files\<DIR> InstallShield Installation
Information
[30/05/2006|02:05] C:\Program Files\<DIR> Internet Explorer
[26/09/2008|08:53] C:\Program Files\<DIR> Jasc Software Inc
[20/06/2007|04:26] C:\Program Files\<DIR> Java
[02/04/2007|12:36] C:\Program Files\<DIR> K-Lite Codec Pack
[24/12/2006|03:40] C:\Program Files\<DIR> Launch Manager
[19/01/2007|09:33] C:\Program Files\<DIR> licenses
[20/06/2007|04:24] C:\Program Files\<DIR> LimeWire
[30/05/2006|02:04] C:\Program Files\<DIR> Messenger
[23/08/2007|07:45] C:\Program Files\<DIR> Messenger Plus! Live
[29/07/2007|02:46] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[30/05/2006|02:06] C:\Program Files\<DIR> microsoft frontpage
[01/02/2007|08:58] C:\Program Files\<DIR> Microsoft Office
[06/03/2008|10:01] C:\Program Files\<DIR> Microsoft SQL Server Compact
Edition
[30/05/2006|02:05] C:\Program Files\<DIR> Movie Maker
[01/02/2008|08:51] C:\Program Files\<DIR> Mozilla Firefox
[13/04/2009|09:46] C:\Program Files\<DIR> MSBuild
[30/05/2006|02:04] C:\Program Files\<DIR> MSN Gaming Zone
[06/05/2007|03:56] C:\Program Files\<DIR> MSXML 4.0
[08/03/2009|12:47] C:\Program Files\<DIR> MyPhoneExplorer
[30/05/2006|02:05] C:\Program Files\<DIR> NetMeeting
[30/05/2006|02:36] C:\Program Files\<DIR> NewTech Infosystems
[29/07/2007|12:50] C:\Program Files\<DIR> Norton Internet Security
[30/05/2006|02:05] C:\Program Files\<DIR> Online Services
[19/01/2007|09:33] C:\Program Files\<DIR> OpenOffice.org 2.1
[30/05/2006|02:05] C:\Program Files\<DIR> Outlook Express
[26/09/2008|08:50] C:\Program Files\<DIR> Paint Shop Photo Album 5
[26/09/2008|08:50] C:\Program Files\<DIR> Paint Shop Pro 9
[01/02/2007|09:07] C:\Program Files\<DIR> palmOne
[16/04/2009|02:50] C:\Program Files\<DIR> PDFCreator
[10/02/2007|07:57] C:\Program Files\<DIR> QuickTime
[01/02/2008|09:37] C:\Program Files\<DIR> QuickZip4
[19/01/2007|09:33] C:\Program Files\<DIR> readmes
[30/05/2006|02:21] C:\Program Files\<DIR> Realtek
[13/04/2009|09:45] C:\Program Files\<DIR> Reference Assemblies
[03/07/2007|09:25] C:\Program Files\<DIR> SAGEM
[29/07/2007|12:48] C:\Program Files\<DIR> Symantec
[24/12/2006|03:39] C:\Program Files\<DIR> Synaptics
[26/04/2009|05:10] C:\Program Files\<DIR> Trend Micro
[30/05/2006|02:11] C:\Program Files\<DIR> Uninstall Information
[23/08/2007|07:45] C:\Program Files\<DIR> Windows Live
[14/07/2007|11:43] C:\Program Files\<DIR> Windows Media Connect 2
[30/05/2006|02:04] C:\Program Files\<DIR> Windows Media Player
[30/05/2006|02:03] C:\Program Files\<DIR> Windows NT
[08/03/2008|04:42] C:\Program Files\<DIR> Windows Sidebar
[30/05/2006|02:05] C:\Program Files\<DIR> WindowsUpdate
[16/01/2009|05:08] C:\Program Files\<DIR> WinRAR
[30/05/2006|02:06] C:\Program Files\<DIR> xerox
[24/12/2006|03:50] C:\Program Files\<DIR> Yahoo!
[0|€¨®ε] C:\Program Files\byte
[69|‰«αΆ¦¦ ] C:\Program Files\› β© £ byte
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[25/05/2008|10:00] C:\Program Files\Common Files\<DIR> Adobe
[30/05/2006|02:16] C:\Program Files\Common Files\<DIR> ATI Technologies
[01/02/2007|09:01] C:\Program Files\Common Files\<DIR> Designer
[30/05/2006|02:12] C:\Program Files\Common Files\<DIR> InstallShield
[26/09/2008|08:54] C:\Program Files\Common Files\<DIR> Jasc Software
Inc
[20/06/2007|04:25] C:\Program Files\Common Files\<DIR> Java
[30/05/2006|02:37] C:\Program Files\Common Files\<DIR> LightScribe
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> Microsoft Shared
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> MSSoap
[30/05/2006|02:36] C:\Program Files\Common Files\<DIR> muvee
Technologies
[30/05/2006|02:36] C:\Program Files\Common Files\<DIR> NewTech
Infosystems
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> ODBC
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> Services
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> SpeechEngines
[26/12/2006|10:33] C:\Program Files\Common Files\<DIR> Symantec Shared
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> System
[06/03/2008|09:50] C:\Program Files\Common Files\<DIR>
WindowsLiveInstaller
[0|€¨®ε] C:\Program Files\Common Files\byte
[19|‰«αΆ¦¦ ] C:\Program Files\Common Files\› β© £ byte
--------------------\\ Process
( 56 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-04-28 18:47:50
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:1468][D:8]-> C:\DOCUME~1\Camus\LOCALS~1\Temp
[F:7][D:0]-> C:\DOCUME~1\Camus\Cookies
[F:85][D:5]-> C:\DOCUME~1\Camus\LOCALS~1\TEMPOR~1\content.IE5
[F:17][D:3]-> C:\Recycled
1 - "C:\Lop SD\LopR_1.txt" - £ 23/04/2009| 0:03 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - £ 23/04/2009|20:11 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - ‘™ 25/04/2009|15:59 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - ‰¬¨ 26/04/2009|15:34 - Option : [2]
5 - "C:\Lop SD\LopR_5.txt" - ’¨ 28/04/2009|18:48 - Option : [1]
--------------------\\ Fin du rapport a 18:48:59
Yeah, AVG works very well, but I prefer Antivir.
Graph : http://winnow.oitc.com/AntiVirusPerformance.html
Stats : http://winnow.oitc.com/avmalwarestats.php
It is free and available in French.
To install Antivir in French:
the tutorial
You can use Norton's tool to remove it.
Go to this link: Norton removal tool
Click "Download" at the bottom of the page.
Save the file to your desktop, then double-click it and follow the instructions.
You will normally be asked to restart your PC; restart it.
As for Lop, no problem, it detected nothing (Kaspersky did its job).
So I am going to remove Norton completely and install the antivirus.
Apart from the antivirus, I have the Windows firewall. Is that enough, or is it better to install another firewall such as ZoneAlarm? Are there other useful programs for protecting the PC?
Thanks again for your valuable help!
Have a good evening
Yes,
the XP firewall is the worst of them all.
The link has tutorials for all the firewalls that are good (Comodo is not bad, but in English), including ZA.
The choice is yours.
http://www.malekal.com/menu_tutorials_logiciels.php
For antispyware I recommend this one (free!):
https://www.malekal.com/?s=SUPERAntiSpyware