Total security
snoupy59
Messages postés
51
Statut
Membre
-
snoupy59 Messages postés 51 Statut Membre -
snoupy59 Messages postés 51 Statut Membre -
Bonjour,
voila depuis se matin j'ai un programme nommé total sécurity qui se manifeste comme un anti virus or je n'ai rien installée conne anti virus car j'ai avast cela est pénible car impossible de travailler total sécurity s'ouvre toute les 5 minutes j'ai essayé de le supprimer avec certain programme mentionner j'ai reboosté mon ordi rien a faire il y est toujours
voila depuis se matin j'ai un programme nommé total sécurity qui se manifeste comme un anti virus or je n'ai rien installée conne anti virus car j'ai avast cela est pénible car impossible de travailler total sécurity s'ouvre toute les 5 minutes j'ai essayé de le supprimer avec certain programme mentionner j'ai reboosté mon ordi rien a faire il y est toujours
A voir également:
- Total security
- Microsoft security essentials - Télécharger - Antivirus & Antimalwares
- Total uninstall - Télécharger - Divers Utilitaires
- Total video converter - Télécharger - Conversion & Codecs
- 360 total security - Télécharger - Antivirus & Antimalwares
- Désinstaller 360 total security ✓ - Forum Antivirus
2 réponses
j'ai oublier voici un rapport hijackthis si sa peu vous aider
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:37:15, on 20/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\windows\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Documents and Settings\Christine\Mes documents\UPS Widget\UPS_Widget.exe
C:\WINDOWS\FixCamera.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\vsnp2uvc.exe
C:\windows\system32\svchost.exe
C:\WINDOWS\tsnp2uvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\windows\services.exe
C:\windows\Temp\_ex-68.exe
C:\Documents and Settings\All Users\Application Data\16544534\16544534.exe
C:\windows\system32\ctfmon.exe
C:\Windows\LSD\LClock\lclock.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
C:\documents and settings\christine\local settings\application data\lafdi.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\sistray.exe
C:\Documents and Settings\Christine\Application Data\Microsoft\Notification de cadeaux
MSN\lsnfier.exe
F:\disk f de travaille cellier\program\soffice.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\windows\system32\hpoipm07.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IncrediMail\bin\ImNotfy.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\Documents and Settings\Christine\Bureau\ANTI VIRUS\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://search.shareware.pro/?lang=fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://melanthios-ana.com/zcvisitor/1624d318-3614-11eb-87b9-12a1ab6c324d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=47f83760-f118-11ea-9bc8-0ac2bbf4ada7
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program
Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program
Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft
Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program
Files\RapidSolution\AudialsOne\Tunebite\plugins\IE\TB_WebRipIePlugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program
Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program
Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -
C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} -
C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program
Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program
Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program
Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program
Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program
Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers
communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [UPS Widget] "C:\Documents and Settings\Christine\Mes documents\UPS
Widget\UPS_Widget.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [tsnp2uvc] C:\WINDOWS\tsnp2uvc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [services] C:\windows\services.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [PromoReg] C:\windows\Temp\_ex-68.exe
O4 - HKLM\..\Run: [16544534] C:\Documents and Settings\All Users\Application
Data\16544534\16544534.exe
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE
C:\windows\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Windows\LSD\LClock\lclock.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"
/background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers
communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
-autorun
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe"
/automount
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe"
-nosplash -minimized
O4 - HKCU\..\Run: [lafdi] "c:\documents and settings\christine\local settings\application
data\lafdi.exe" lafdi
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE
RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE
RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE
RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx
nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default
user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'Default user')
O4 - Startup: ikowin32.exe
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and
Settings\Christine\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: StarOffice 7.lnk = F:\disk f de travaille cellier\program\quickstart.exe
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program
Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat
7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program
Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network
Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583}
- C:\windows\Network Diagnostic\xpnetdiag.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program
Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program
Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program
Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY
Shared\Service\Boonty.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation -
C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. -
C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program
Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) -
Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers
communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Roxio UPnP Renderer 9 - Unknown owner - C:\Program Files\Fichiers
communs\Sonic Shared\RoxioUPnPRenderer9.exe (file missing)
O23 - Service: Roxio Upnp Server 9 - Unknown owner - C:\Program Files\Fichiers
communs\Sonic Shared\RoxioUpnpService9.exe (file missing)
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program
Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software -
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Fichiers communs\SureThing
Shared\stllssvr.exe (file missing)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:37:15, on 20/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\windows\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Documents and Settings\Christine\Mes documents\UPS Widget\UPS_Widget.exe
C:\WINDOWS\FixCamera.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\vsnp2uvc.exe
C:\windows\system32\svchost.exe
C:\WINDOWS\tsnp2uvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\windows\services.exe
C:\windows\Temp\_ex-68.exe
C:\Documents and Settings\All Users\Application Data\16544534\16544534.exe
C:\windows\system32\ctfmon.exe
C:\Windows\LSD\LClock\lclock.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
C:\documents and settings\christine\local settings\application data\lafdi.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\sistray.exe
C:\Documents and Settings\Christine\Application Data\Microsoft\Notification de cadeaux
MSN\lsnfier.exe
F:\disk f de travaille cellier\program\soffice.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\windows\system32\hpoipm07.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IncrediMail\bin\ImNotfy.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\Documents and Settings\Christine\Bureau\ANTI VIRUS\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://search.shareware.pro/?lang=fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://melanthios-ana.com/zcvisitor/1624d318-3614-11eb-87b9-12a1ab6c324d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=47f83760-f118-11ea-9bc8-0ac2bbf4ada7
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program
Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program
Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft
Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program
Files\RapidSolution\AudialsOne\Tunebite\plugins\IE\TB_WebRipIePlugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program
Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program
Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -
C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} -
C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program
Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program
Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program
Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program
Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program
Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers
communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [UPS Widget] "C:\Documents and Settings\Christine\Mes documents\UPS
Widget\UPS_Widget.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [tsnp2uvc] C:\WINDOWS\tsnp2uvc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [services] C:\windows\services.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [PromoReg] C:\windows\Temp\_ex-68.exe
O4 - HKLM\..\Run: [16544534] C:\Documents and Settings\All Users\Application
Data\16544534\16544534.exe
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE
C:\windows\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Windows\LSD\LClock\lclock.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"
/background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers
communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
-autorun
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe"
/automount
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe"
-nosplash -minimized
O4 - HKCU\..\Run: [lafdi] "c:\documents and settings\christine\local settings\application
data\lafdi.exe" lafdi
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE
RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE
RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE
RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx
nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default
user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'Default user')
O4 - Startup: ikowin32.exe
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and
Settings\Christine\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: StarOffice 7.lnk = F:\disk f de travaille cellier\program\quickstart.exe
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program
Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat
7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program
Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network
Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583}
- C:\windows\Network Diagnostic\xpnetdiag.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program
Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program
Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program
Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY
Shared\Service\Boonty.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation -
C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. -
C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program
Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) -
Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers
communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Roxio UPnP Renderer 9 - Unknown owner - C:\Program Files\Fichiers
communs\Sonic Shared\RoxioUPnPRenderer9.exe (file missing)
O23 - Service: Roxio Upnp Server 9 - Unknown owner - C:\Program Files\Fichiers
communs\Sonic Shared\RoxioUpnpService9.exe (file missing)
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program
Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software -
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Fichiers communs\SureThing
Shared\stllssvr.exe (file missing)
Bonjour,
Voici le dernier rapport
Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2665
Windows 5.1.2600 Service Pack 3
24/08/2009 16:29:22
mbam-log-2009-08-24 (16-29-22).txt
Type de recherche: Examen complet (C:\|F:\|I:\|J:\|)
Eléments examinés: 480812
Temps écoulé: 3 hour(s), 44 minute(s), 6 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Voici le dernier rapport
Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2665
Windows 5.1.2600 Service Pack 3
24/08/2009 16:29:22
mbam-log-2009-08-24 (16-29-22).txt
Type de recherche: Examen complet (C:\|F:\|I:\|J:\|)
Eléments examinés: 480812
Temps écoulé: 3 hour(s), 44 minute(s), 6 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
