Report =)
Solved
angel 44
Hello,
I made a report with HijackThis, but I'm not able to tell what it means ^^'
Could someone translate all of this for me, please? =)
The report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:13:13, on 05/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\mshta.exe
C:\Documents and Settings\utilisateur\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=cooxer&e=com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-21-861567501-1757981266-682003330-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-861567501-1757981266-682003330-1004\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-21-861567501-1757981266-682003330-1004\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-861567501-1757981266-682003330-1004 Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe (User '?')
O4 - S-1-5-21-861567501-1757981266-682003330-1004 Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User '?')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Keenfinder Service - Unknown owner - C:\Program Files\Keenfinder\keenfinder.exe (file missing)
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
98 replies
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : GILLES ( Administrator )
BOOT : Fail-safe boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:27 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
J:\ (USB)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 06/07/2009|16:54 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\AskTBar\bar
Supprime! - C:\Program Files\AskTBar\PopSwatr
Supprime! - C:\Program Files\Multi_Media_France\INSTALL.LOG
Supprime! - C:\Program Files\AskTBar
Supprime! - C:\Program Files\Multi_Media_France
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(GILLES) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(GILLES) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(Gilles_2) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(Gilles_2) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(pupuce) - {991A772A-BA13-4c1d-A9EF-F897F31DEC7D} => megaupload
(utilisateur) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://start.icq.com/"
"Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"ICQ Search"="http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 06/07/2009|16:57 - Option : [2]
-----------\\ Fin du rapport a 16:57:12,73
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : GILLES ( Administrator )
BOOT : Fail-safe boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:27 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
J:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 06/07/2009|16:58 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG
Supprime! - C:\Program Files\BitTorrent Fastest Tool
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[26/05/2009|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[04/07/2009|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVG Security Toolbar
[05/07/2009|19:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[04/07/2009|23:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[30/10/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[06/03/2008|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
[24/02/2008|22:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/08/2008|14:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[21/05/2009|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ICQ
[25/02/2008|15:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[25/02/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[15/08/2008|13:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[17/05/2009|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[08/08/2008|23:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[04/06/2008|00:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[05/03/2008|22:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[07/03/2008|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[20/02/2008|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[20/11/2008|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[17/05/2009|13:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[06/08/2008|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[24/02/2008|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser
[20/02/2008|14:56] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[03/05/2009|15:37] C:\DOCUME~1\GILLES\APPLIC~1\Adobe
[30/07/2008|12:15] C:\DOCUME~1\GILLES\APPLIC~1\AdobeUM
[27/02/2008|23:19] C:\DOCUME~1\GILLES\APPLIC~1\Canon
[30/08/2008|16:58] C:\DOCUME~1\GILLES\APPLIC~1\DivX
[29/06/2009|16:19] C:\DOCUME~1\GILLES\APPLIC~1\dvdcss
[08/03/2008|10:38] C:\DOCUME~1\GILLES\APPLIC~1\FaxCtr
[11/03/2008|22:21] C:\DOCUME~1\GILLES\APPLIC~1\Help
[25/06/2008|10:00] C:\DOCUME~1\GILLES\APPLIC~1\Hemera
[21/05/2009|13:52] C:\DOCUME~1\GILLES\APPLIC~1\ICQ
[24/02/2008|19:43] C:\DOCUME~1\GILLES\APPLIC~1\Identities
[26/04/2009|09:56] C:\DOCUME~1\GILLES\APPLIC~1\InstallShield
[04/08/2008|15:07] C:\DOCUME~1\GILLES\APPLIC~1\ItsLabel
[27/04/2009|21:13] C:\DOCUME~1\GILLES\APPLIC~1\LimeWire
[27/02/2008|08:44] C:\DOCUME~1\GILLES\APPLIC~1\Macromedia
[05/07/2009|19:30] C:\DOCUME~1\GILLES\APPLIC~1\Microsoft
[03/09/2008|13:16] C:\DOCUME~1\GILLES\APPLIC~1\Mozilla
[24/02/2008|23:05] C:\DOCUME~1\GILLES\APPLIC~1\MSNInstaller
[21/04/2008|09:49] C:\DOCUME~1\GILLES\APPLIC~1\Nero
[06/07/2009|16:26] C:\DOCUME~1\GILLES\APPLIC~1\OpenOffice.org2
[29/06/2009|14:54] C:\DOCUME~1\GILLES\APPLIC~1\Python-Eggs
[26/04/2009|11:21] C:\DOCUME~1\GILLES\APPLIC~1\Samsung
[27/04/2008|22:23] C:\DOCUME~1\GILLES\APPLIC~1\Serif
[18/05/2008|15:50] C:\DOCUME~1\GILLES\APPLIC~1\Sun
[05/11/2008|16:18] C:\DOCUME~1\GILLES\APPLIC~1\SystemRequirementsLab
[24/02/2008|22:05] C:\DOCUME~1\GILLES\APPLIC~1\Talkback
[02/06/2009|21:10] C:\DOCUME~1\GILLES\APPLIC~1\vlc
[21/08/2008|14:00] C:\DOCUME~1\GILLES\APPLIC~1\VTC Preferences Folder
[03/05/2009|15:31] C:\DOCUME~1\GILLES\APPLIC~1\WinRAR
[23/06/2008|16:07] C:\DOCUME~1\GILLES\APPLIC~1\XnView
[27/02/2008|21:45] C:\DOCUME~1\GILLES\APPLIC~1\ZoomBrowser EX
[29/03/2009|10:35] C:\DOCUME~1\Gilles_2\APPLIC~1\Adobe
[04/09/2008|18:43] C:\DOCUME~1\Gilles_2\APPLIC~1\Canon
[07/12/2008|17:34] C:\DOCUME~1\Gilles_2\APPLIC~1\dvdcss
[03/09/2008|14:53] C:\DOCUME~1\Gilles_2\APPLIC~1\Grisoft
[13/04/2009|10:07] C:\DOCUME~1\Gilles_2\APPLIC~1\Help
[03/09/2008|14:53] C:\DOCUME~1\Gilles_2\APPLIC~1\Identities
[03/09/2008|14:59] C:\DOCUME~1\Gilles_2\APPLIC~1\Macromedia
[05/07/2009|19:30] C:\DOCUME~1\Gilles_2\APPLIC~1\Microsoft
[03/09/2008|14:55] C:\DOCUME~1\Gilles_2\APPLIC~1\Mozilla
[07/09/2008|11:08] C:\DOCUME~1\Gilles_2\APPLIC~1\Nero
[05/07/2009|01:11] C:\DOCUME~1\Gilles_2\APPLIC~1\OpenOffice.org2
[15/10/2008|07:09] C:\DOCUME~1\Gilles_2\APPLIC~1\Samsung
[26/04/2009|12:31] C:\DOCUME~1\Gilles_2\APPLIC~1\Sun
[07/05/2009|15:48] C:\DOCUME~1\Gilles_2\APPLIC~1\VTC Preferences Folder
[04/09/2008|18:31] C:\DOCUME~1\Gilles_2\APPLIC~1\ZoomBrowser EX
[08/03/2008|10:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[05/07/2009|19:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[05/07/2009|19:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[15/04/2008|17:16] C:\DOCUME~1\pupuce\APPLIC~1\Adobe
[30/07/2008|12:52] C:\DOCUME~1\pupuce\APPLIC~1\AdobeUM
[02/06/2008|20:25] C:\DOCUME~1\pupuce\APPLIC~1\AVGTOOLBAR
[08/05/2008|16:32] C:\DOCUME~1\pupuce\APPLIC~1\Canon
[04/08/2008|13:40] C:\DOCUME~1\pupuce\APPLIC~1\EoRezo
[07/03/2008|18:00] C:\DOCUME~1\pupuce\APPLIC~1\FaxCtr
[06/08/2008|14:32] C:\DOCUME~1\pupuce\APPLIC~1\Grisoft
[04/06/2008|17:03] C:\DOCUME~1\pupuce\APPLIC~1\Help
[24/02/2008|21:47] C:\DOCUME~1\pupuce\APPLIC~1\Identities
[06/08/2008|13:28] C:\DOCUME~1\pupuce\APPLIC~1\InstallShield
[04/08/2008|20:55] C:\DOCUME~1\pupuce\APPLIC~1\ItsLabel
[23/07/2008|10:57] C:\DOCUME~1\pupuce\APPLIC~1\LimeWire
[25/02/2008|13:53] C:\DOCUME~1\pupuce\APPLIC~1\Macromedia
[03/08/2008|14:30] C:\DOCUME~1\pupuce\APPLIC~1\Megaupload
[08/05/2008|16:36] C:\DOCUME~1\pupuce\APPLIC~1\Microsoft
[06/08/2008|13:15] C:\DOCUME~1\pupuce\APPLIC~1\Mozilla
[25/02/2008|14:20] C:\DOCUME~1\pupuce\APPLIC~1\MSNInstaller
[21/04/2008|12:49] C:\DOCUME~1\pupuce\APPLIC~1\Nero
[09/08/2008|16:10] C:\DOCUME~1\pupuce\APPLIC~1\OpenOffice.org2
[09/05/2008|19:05] C:\DOCUME~1\pupuce\APPLIC~1\Samsung
[10/03/2008|18:30] C:\DOCUME~1\pupuce\APPLIC~1\Sun
[25/02/2008|13:47] C:\DOCUME~1\pupuce\APPLIC~1\Talkback
[06/08/2008|12:11] C:\DOCUME~1\UTILIS~1\APPLIC~1\Adobe
[16/06/2008|18:41] C:\DOCUME~1\UTILIS~1\APPLIC~1\Canon
[18/09/2008|14:45] C:\DOCUME~1\UTILIS~1\APPLIC~1\FaxCtr
[06/08/2008|18:11] C:\DOCUME~1\UTILIS~1\APPLIC~1\Grisoft
[20/02/2008|15:00] C:\DOCUME~1\UTILIS~1\APPLIC~1\Identities
[28/08/2008|13:23] C:\DOCUME~1\UTILIS~1\APPLIC~1\LimeWire
[29/02/2008|11:19] C:\DOCUME~1\UTILIS~1\APPLIC~1\Macromedia
[05/07/2009|19:30] C:\DOCUME~1\UTILIS~1\APPLIC~1\Microsoft
[04/09/2008|14:58] C:\DOCUME~1\UTILIS~1\APPLIC~1\Mozilla
[21/04/2008|11:21] C:\DOCUME~1\UTILIS~1\APPLIC~1\Nero
[05/07/2009|15:08] C:\DOCUME~1\UTILIS~1\APPLIC~1\OpenOffice.org2
[27/04/2008|22:23] C:\DOCUME~1\UTILIS~1\APPLIC~1\Serif
[19/05/2008|09:35] C:\DOCUME~1\UTILIS~1\APPLIC~1\Sun
[29/02/2008|11:04] C:\DOCUME~1\UTILIS~1\APPLIC~1\Talkback
[08/06/2009|20:51] C:\DOCUME~1\UTILIS~1\APPLIC~1\WinRAR
[12/05/2008|12:34] C:\DOCUME~1\UTILIS~1\APPLIC~1\ZoomBrowser EX
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[06/07/2009 16:31][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[13/07/2008|22:02] C:\Program Files\3DO
[26/05/2009|17:49] C:\Program Files\Adobe
[26/11/2008|16:25] C:\Program Files\AdorageI-SAL
[25/02/2008|14:19] C:\Program Files\Alwil Software
[29/04/2009|20:36] C:\Program Files\Ask Search Assistant
[12/09/2008|19:45] C:\Program Files\AVG
[04/07/2009|23:59] C:\Program Files\Avira
[01/08/2008|08:47] C:\Program Files\Canon
[17/05/2009|07:16] C:\Program Files\CCleaner
[20/02/2008|14:53] C:\Program Files\ComPlus Applications
[31/03/2008|07:30] C:\Program Files\Corel
[14/06/2009|16:52] C:\Program Files\eMule
[04/08/2008|13:40] C:\Program Files\EoRezo
[26/11/2008|16:25] C:\Program Files\Eurobarre
[17/05/2009|11:47] C:\Program Files\Fichiers communs
[07/04/2008|20:37] C:\Program Files\Foxit Software
[10/02/2009|01:40] C:\Program Files\Google
[21/05/2009|13:52] C:\Program Files\ICQ6.5
[25/05/2009|21:07] C:\Program Files\ICQ6Toolbar
[09/03/2008|13:49] C:\Program Files\ImageServer
[01/03/2008|13:29] C:\Program Files\IncrediMail
[21/05/2009|13:38] C:\Program Files\InstallShield Installation Information
[05/07/2009|18:07] C:\Program Files\Internet Explorer
[05/07/2009|20:12] C:\Program Files\Java
[26/04/2009|09:57] C:\Program Files\KYE
[09/04/2008|18:44] C:\Program Files\LEXMAR~1
[08/03/2008|10:39] C:\Program Files\Lexmark Fax Solutions
[06/03/2008|22:14] C:\Program Files\Lexmark_6200 Series
[28/04/2009|20:20] C:\Program Files\LimeWire
[07/07/2008|21:51] C:\Program Files\Livre Album Fuji Photo
[04/07/2009|14:19] C:\Program Files\Lx_cats
[29/01/2009|20:03] C:\Program Files\Messenger
[22/04/2009|07:24] C:\Program Files\Messenger Plus! Live
[17/05/2009|11:46] C:\Program Files\MessengerPlus! 3
[30/06/2009|15:32] C:\Program Files\Micro Application
[20/02/2008|14:56] C:\Program Files\microsoft frontpage
[21/04/2008|10:06] C:\Program Files\Microsoft Office
[24/02/2008|22:39] C:\Program Files\Microsoft SQL Server Compact Edition
[08/08/2008|23:52] C:\Program Files\Microsoft Visual Studio 8
[29/09/2008|17:34] C:\Program Files\Movie Maker
[06/07/2009|16:26] C:\Program Files\Mozilla Firefox
[10/10/2008|22:08] C:\Program Files\MSBuild
[25/02/2008|14:20] C:\Program Files\MSN
[20/02/2008|14:52] C:\Program Files\MSN Gaming Zone
[07/03/2008|00:30] C:\Program Files\MSXML 4.0
[20/02/2008|18:27] C:\Program Files\MSXML 6.0
[06/07/2009|16:53] C:\Program Files\Navilog1
[02/06/2008|15:49] C:\Program Files\Nero
[29/09/2008|17:25] C:\Program Files\NetMeeting
[09/08/2008|16:17] C:\Program Files\Neuf
[07/04/2008|20:41] C:\Program Files\OpenOffice.org 2.3
[19/04/2008|12:57] C:\Program Files\OpenOffice.org 2.4
[29/09/2008|17:25] C:\Program Files\Outlook Express
[26/11/2008|16:25] C:\Program Files\PhotoDeluxe HE 3.0
[25/06/2008|11:19] C:\Program Files\PhotoFiltre Studio
[11/02/2009|18:32] C:\Program Files\Picasa2
[07/04/2008|20:42] C:\Program Files\Pinnacle
[07/03/2008|22:18] C:\Program Files\proDAD
[26/06/2009|20:35] C:\Program Files\QuickTime
[20/02/2008|17:32] C:\Program Files\Reference Assemblies
[20/02/2008|14:55] C:\Program Files\Services en ligne
[04/07/2009|20:15] C:\Program Files\Sunbelt Software
[05/11/2008|16:18] C:\Program Files\SystemRequirementsLab
[05/07/2009|19:44] C:\Program Files\trend micro
[31/03/2008|14:27] C:\Program Files\Ulead Systems
[20/02/2008|15:00] C:\Program Files\Uninstall Information
[02/06/2009|21:08] C:\Program Files\VideoLAN
[17/05/2009|11:50] C:\Program Files\Windows Live
[06/08/2008|11:46] C:\Program Files\Windows Live Safety Center
[02/09/2008|15:55] C:\Program Files\Windows Live Toolbar
[26/11/2008|16:25] C:\Program Files\Windows Media Connect 2
[29/09/2008|17:25] C:\Program Files\Windows Media Player
[29/09/2008|17:25] C:\Program Files\Windows NT
[20/02/2008|14:55] C:\Program Files\WindowsUpdate
[03/05/2009|15:31] C:\Program Files\WinRAR
[20/02/2008|14:56] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[26/05/2009|17:49] C:\Program Files\Fichiers communs\Adobe
[06/11/2008|20:20] C:\Program Files\Fichiers communs\Blizzard Entertainment
[24/02/2008|19:55] C:\Program Files\Fichiers communs\Canon
[02/08/2008|15:20] C:\Program Files\Fichiers communs\InstallShield
[26/08/2008|13:04] C:\Program Files\Fichiers communs\Java
[06/03/2009|22:13] C:\Program Files\Fichiers communs\Microsoft Shared
[20/02/2008|14:54] C:\Program Files\Fichiers communs\MSSoap
[04/06/2008|00:07] C:\Program Files\Fichiers communs\Nero
[20/02/2008|15:44] C:\Program Files\Fichiers communs\ODBC
[26/04/2009|10:51] C:\Program Files\Fichiers communs\PAC207
[20/02/2008|14:54] C:\Program Files\Fichiers communs\Services
[20/02/2008|15:44] C:\Program Files\Fichiers communs\SpeechEngines
[29/09/2008|17:25] C:\Program Files\Fichiers communs\System
[17/05/2009|11:47] C:\Program Files\Fichiers communs\Windows Live
[24/02/2008|22:37] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 14 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-06 17:00:35
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 643
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:1][D:0]-> C:\DOCUME~1\GILLES\LOCALS~1\Temp
[F:20][D:0]-> C:\DOCUME~1\GILLES\Cookies
[F:29][D:12]-> C:\DOCUME~1\GILLES\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 06/07/2009|17:03 - Option : [2]
--------------------\\ Fin du rapport a 17:03:10
( Haxfix didn't work )
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:32:22, on 06/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\skeys.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\GILLES\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (file missing)
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: Avira Upgrade Service (AntiVirUpgradeService) - Unknown owner - C:\DOCUME~1\GILLES\LOCALS~1\Temp\AVSETUP_4a50d29c\basic\avupgsvc.exe (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
Hi again everyone,
elec, there's this to delete: ICQ Service.exe in C:\Program Files\ICQ6Toolbar\
and then just a few lines to fix in HijackThis (scan only):
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
=> then Fix Checked
=> We can also disable ctfmon, which is useless, if need be...
Hi again nic00, my brain is starting to boil ;)
I'll take a look at that
For angel44: and what about CCleaner?
For nic00:
she uses ICQ messaging, which installs the ICQ Toolbar for her, so the space is polluted!!!
Worth reading:
https://www.clubic.com/forum/t/resolu-comment-supprimer-icq-toolbar-sous-firefox/380618
For the fixes in HijackThis, I'm doing some research, but if you have suggestions, go ahead, lol
To fix the lines our friend has given us, launch the HijackThis tool, then choose "Scanner seulement" if you have the French version of HijackThis (Scan only),
then tick the following lines:
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
=> then Fix Checked
To help you, here is the tutorial: https://leblogdeclaude.blogspot.com/2007/05/comment-utiliser-hijackthis-fixer.html
then post a new HijackThis report, please
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:00, on 06/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\skeys.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\GILLES\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (file missing)
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: Avira Upgrade Service (AntiVirUpgradeService) - Unknown owner - C:\DOCUME~1\GILLES\LOCALS~1\Temp\AVSETUP_4a50d29c\basic\avupgsvc.exe (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
Message for nic00:
ctfmon:
http://www.commentcamarche.net/contents/processus/ctfmon exe.php3
Sorry, it's too long to explain, I hope you'll forgive me, lol
Uh, yeah, so I forgot this:
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
and this:
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I
and this too, lol:
O23 - Service: Avira Upgrade Service (AntiVirUpgradeService) - Unknown owner
I have no idea; if she uses a tool like speech recognition, it's toast!!!!!
Let's leave it for now, if you agree
Yes, I know, but still...
I don't mind leaving it.
To angel: you need to fix this as well:
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
and delete the file:
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
Message for angel44:
Can you fix these lines as well, please?
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I
Message for nic00:
This is AntiVir's update tool; should it be fixed as well?
O23 - Service: Avira Upgrade Service (AntiVirUpgradeService) - Unknown owner
I'm looking for a solution to get rid of ICQ TOOLBAR
Here is the solution for getting rid of toolbars:
http://www.commentcamarche.net/faq/sujet 17992 desinstaller une toolbar
Phew!!!
We'll fix it, since the update module seems to have been deleted.
So angel, you need to uninstall AntiVir and reinstall it.
I already tried to uninstall it, but it doesn't appear in the list of programs to change or remove
Here is the solution for getting rid of toolbars:
https://www.commentcamarche.net/list 17992 desinstaller une toolbar
A toolbar can't be uninstalled that easily