HijackThis report

Closed
masque007 Posts: 71 Registration date: Sunday 11 November 2007 Status: Member Last activity: 30 May 2022 - 28 Oct. 2009 at 16:12
pimprenelle27 Posts: 20851 Registration date: Monday 10 December 2007 Status: Security contributor Last activity: 8 October 2019 - 10 Dec. 2009 at 00:19
Hello,
I'm trying to remove a virus called shredder; can someone give me a hand interpreting this HijackThis report?


Thanks.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:08:35, on 28/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Le Robert\Le Petit Robert\PRHYPER.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Native Instruments\Audio Kontrol 1\Audio Kontrol 1.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WIN2K\RaConfig2500.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\max\Downloads\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Audio Kontrol 1] C:\Program Files\Native Instruments\Audio Kontrol 1\Audio Kontrol 1.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WIN2K\RaConfig2500.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - (no file)
O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - (no file)
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI8CBC~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{130B8CB1-F13A-4CC3-8BF5-7FE7473752B1}: NameServer = 192.168.1.1
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Service Google Update (gupdate1c9e75f971307a1) (gupdate1c9e75f971307a1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)

35 replies

masque007 Posts: 71 Registration date: Sunday 11 November 2007 Status: Member Last activity: 30 May 2022
2 Nov. 2009 at 11:14
Hi Pimprenelle,

I deleted everything that was in the quarantine folder. But PC Confidential still appears in the "Tools" menu of Internet Explorer, and that browser still has the same problems, notably when closing a window (whereas Mozilla works correctly). Should I consider reformatting?

Thank you in any case.
0
pimprenelle27 Posts: 20851 Registration date: Monday 10 December 2007 Status: Security contributor Last activity: 8 October 2019 2 502
2 Nov. 2009 at 11:16
We're not done yet; run a new RSIT for me.
0
masque007 Posts: 71 Registration date: Sunday 11 November 2007 Status: Member Last activity: 30 May 2022
3 Nov. 2009 at 19:27
Hi,
Here is the new RSIT report

Run by max at 2009-11-03 19:24:36
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 24 GB (10%) free of 234 GB
Total RAM: 3327 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:24:44, on 03/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Le Robert\Le Petit Robert\PRHYPER.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Native Instruments\Audio Kontrol 1\Audio Kontrol 1.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WIN2K\RaConfig2500.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\eMule\emule.exe
C:\Users\max\Desktop\RSIT.exe
C:\Program Files\trend micro\max.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Audio Kontrol 1] C:\Program Files\Native Instruments\Audio Kontrol 1\Audio Kontrol 1.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WIN2K\RaConfig2500.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - (no file)
O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - (no file)
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI8CBC~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{130B8CB1-F13A-4CC3-8BF5-7FE7473752B1}: NameServer = 192.168.1.1
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Service Google Update (gupdate1c9e75f971307a1) (gupdate1c9e75f971307a1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
0
masque007 Posts: 71 Registration date: Sunday 11 November 2007 Status: Member Last activity: 30 May 2022
3 Nov. 2009 at 22:45
Hi, I hope this is the report you asked for.
All processes killed
========== FILES ==========
C:\Windows\system32\tmp.txt moved successfully.
Folder move failed. C:\Program Files\Smart-Shopper\Bin\2.5.1 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Smart-Shopper\Bin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Smart-Shopper scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QXJTUXAX\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IQ13B79T\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IOXIVW61\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5LCDVG7P\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QXJTUXAX\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IQ13B79T\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IOXIVW61\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5LCDVG7P\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: freenet

User: max
->Temp folder emptied: 13187218 bytes
File delete failed. C:\Users\max\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 524751335 bytes
->Java cache emptied: 57447261 bytes
->FireFox cache emptied: 60416514 bytes
->Google Chrome cache emptied: 6797392 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\Windows\temp\fwtsqmfile00.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile01.sqm scheduled to be deleted on reboot.
Windows Temp folder emptied: 14682 bytes
RecycleBin emptied: 205714028 bytes

Total Files Cleaned = 828,17 mb


OTM by OldTimer - Version 3.0.0.6 log created on 11032009_221702

Files moved on Reboot...
Folder move failed. C:\Program Files\Smart-Shopper\Bin\2.5.1 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Smart-Shopper\Bin\2.5.1 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Smart-Shopper\Bin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Smart-Shopper\Bin\2.5.1 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Smart-Shopper\Bin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Smart-Shopper scheduled to be moved on reboot.
File move failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QXJTUXAX\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IQ13B79T\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IOXIVW61\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5LCDVG7P\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QXJTUXAX\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IQ13B79T\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IOXIVW61\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5LCDVG7P\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\fwtsqmfile00.sqm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\fwtsqmfile01.sqm scheduled to be moved on reboot.

Registry entries deleted on Reboot...
0

masque007 Posts: 71 Registration date: Sunday 11 November 2007 Status: Member Last activity: 30 May 2022
5 Nov. 2009 at 00:00
Hi,
latest report

-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Phenom(tm) 9500 Quad-Core Processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : max ( Not Administrator ! )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:228 Go (Free:16 Go)
D:\ (Local Disk) - NTFS - Total:227 Go (Free:126 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB) - FAT - Total:1963 Mo (Free:1 Go)
I:\ (USB)
K:\ (CD or DVD)
N:\ (Local Disk) - NTFS - Total:149 Go (Free:29 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 04/11/2009|23:56 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Playalot Games
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\SmartShopper
C:\Program Files\Smart-Shopper
C:\Program Files\Smart-Shopper\Bin
C:\Program Files\Smart-Shopper\Uninst.exe
C:\Program Files\Smart-Shopper\Bin\2.5.1

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Local Page"="C:\\windows\\system32\\blank.htm"
"ICQ Search"="http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 04/11/2009|23:39 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 04/11/2009|23:56 - Option : [1]

-----------\\ Fin du rapport a 23:56:37,41
0
masque007 Posts: 71 Registration date: Sunday 11 November 2007 Status: Member Last activity: 30 May 2022
5 Nov. 2009 at 11:22
Hi,
new report:


-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Phenom(tm) 9500 Quad-Core Processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : max ( Not Administrator ! )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:228 Go (Free:16 Go)
D:\ (Local Disk) - NTFS - Total:227 Go (Free:126 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB) - FAT - Total:1963 Mo (Free:1 Go)
I:\ (USB)
K:\ (CD or DVD)
N:\ (Local Disk) - NTFS - Total:149 Go (Free:29 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 05/11/2009|11:12 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Playalot Games
Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\SmartShopper
Supprime! - C:\Program Files\Smart-Shopper\Bin
Supprime! - C:\Program Files\Smart-Shopper\Uninst.exe
Supprime! - C:\Program Files\Smart-Shopper

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Local Page"="C:\\windows\\system32\\blank.htm"
"ICQ Search"="http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 04/11/2009|23:39 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 04/11/2009|23:56 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 05/11/2009|11:13 - Option : [2]
0
masque007 Posts: 71 Registration date: Sunday 11 November 2007 Status: Member Last activity: 30 May 2022
9 Nov. 2009 at 13:17
Hi,
new report:


-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Phenom(tm) 9500 Quad-Core Processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : max ( Not Administrator ! )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:228 Go (Free:16 Go)
D:\ (Local Disk) - NTFS - Total:227 Go (Free:126 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB) - FAT - Total:1963 Mo (Free:1 Go)
I:\ (USB)
K:\ (CD or DVD)
N:\ (Local Disk) - NTFS - Total:149 Go (Free:29 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 05/11/2009|11:12 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Playalot Games
Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\SmartShopper
Supprime! - C:\Program Files\Smart-Shopper\Bin
Supprime! - C:\Program Files\Smart-Shopper\Uninst.exe
Supprime! - C:\Program Files\Smart-Shopper

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Local Page"="C:\\windows\\system32\\blank.htm"
"ICQ Search"="http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 04/11/2009|23:39 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 04/11/2009|23:56 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 05/11/2009|11:13 - Option : [2]
0
pimprenelle27 Posts: 20851 Registration date: Monday 10 December 2007 Status: Security contributor Last activity: 8 October 2019 2 502
10 Nov. 2009 at 00:48
Yes, sorry:

▶ Download Navilog1 to the desktop

*If your antivirus raises an alarm, disable it
On Vista: right-click the Navilog1 shortcut on the desktop and choose "Run as administrator"
On XP: double-click it to install and launch it


▶ Once installed
▶ type F
▶ Press a key until you reach the options
▶ Choose option 1 (automatic search/disinfection)

▶ do not use the other options without advice; there may be legitimate processes

▶ a report: fixnavi.txt in ==> C:

▶ copy it and paste it into your reply
0
masque007 Posts: 71 Registration date: Sunday 11 November 2007 Status: Member Last activity: 30 May 2022
11 Nov. 2009 at 09:45
Hi Pimprenelle27,
glad to see you again...
Fix Navipromo version 4.0.5 commencé le 11/11/2009 9:31:37,86

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Phenom(tm) 9500 Quad-Core Processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : max ( Administrator )
BOOT : Normal boot


I'm adding this: I just ran a new scan with Lop SD, which tells me
--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-11 09:45:59
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 704

C:\ (Local Disk) - NTFS - Total:228 Go (Free:10 Go)
D:\ (Local Disk) - NTFS - Total:227 Go (Free:126 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB) - FAT - Total:1963 Mo (Free:1 Go)
I:\ (USB)
K:\ (CD or DVD)
N:\ (Local Disk) - NTFS - Total:149 Go (Free:29 Go)


Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur




Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\max\AppData\Local\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !



*** Scan terminé 11/11/2009 9:40:33,71 ***
pimprenelle27 - Posts: 20851 - Registered: Monday 10 December 2007 - Status: Security contributor - Last activity: 8 October 2019
11 Nov 2009 at 21:07
The Navipromo report got mixed up with the Lop one; can you put that back in order, please?
masque007 - Posts: 71 - Registered: Sunday 11 November 2007 - Status: Member - Last activity: 30 May 2022
14 Nov 2009 at 13:37
Hi,
so here is the Navipromo report on its own. I had added another scan because a recent Messenger update looked like a virus...

Fix Navipromo version 4.0.5 commencé le 14/11/2009 13:31:30,35

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Phenom(tm) 9500 Quad-Core Processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : max ( Administrator )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:228 Go (Free:9 Go)
D:\ (Local Disk) - NTFS - Total:227 Go (Free:126 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB) - FAT - Total:1963 Mo (Free:1 Go)
I:\ (USB)
K:\ (CD or DVD)
N:\ (Local Disk) - NTFS - Total:149 Go (Free:29 Go)


Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur


C:\Windows\prefetch\GAME.EXE-BF9AEB55.pf supprimé !


Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\max\AppData\Local\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok




*** Scan terminé 14/11/2009 13:33:52,73 ***
pimprenelle27 - Posts: 20851 - Registered: Monday 10 December 2007 - Status: Security contributor - Last activity: 8 October 2019
15 Nov 2009 at 23:58
And the Lop report?
masque007 - Posts: 71 - Registered: Sunday 11 November 2007 - Status: Member - Last activity: 30 May 2022
16 Nov 2009 at 13:16
Hi, here is the Lop report

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Phenom(tm) 9500 Quad-Core Processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : max ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:228 Go (Free:8 Go)
D:\ (Local Disk) - NTFS - Total:227 Go (Free:127 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB) - FAT - Total:1963 Mo (Free:1 Go)
I:\ (USB)
K:\ (CD or DVD)
N:\ (Local Disk) - NTFS - Total:149 Go (Free:29 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 16/11/2009|13:12 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[08/02/2008|18:32] C:\Users\max\AppData\Local\{7148F0A6-6813-11D6-A77B-00B0D0142050}
[01/02/2008|18:50] C:\Users\max\AppData\Local\Adobe
[08/03/2008|13:12] C:\Users\max\AppData\Local\Ahead
[17/04/2008|16:04] C:\Users\max\AppData\Local\Apple
[10/10/2009|19:30] C:\Users\max\AppData\Local\Apple Computer
[27/01/2008|21:46] C:\Users\max\AppData\Local\Application Data
[16/11/2009|12:28] C:\Users\max\AppData\Local\ApplicationHistory
[11/02/2008|11:12] C:\Users\max\AppData\Local\Apps
[27/01/2008|21:48] C:\Users\max\AppData\Local\ATI
[28/06/2009|22:10] C:\Users\max\AppData\Local\Boss Media
[07/11/2009|13:55] C:\Users\max\AppData\Local\d3d9caps.dat
[05/07/2009|20:23] C:\Users\max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[10/02/2008|09:28] C:\Users\max\AppData\Local\eMule
[22/03/2009|23:05] C:\Users\max\AppData\Local\FullTiltPoker
[02/04/2008|15:22] C:\Users\max\AppData\Local\fusioncache.dat
[25/10/2009|22:11] C:\Users\max\AppData\Local\GDIPFONTCACHEV1.DAT
[07/06/2009|12:06] C:\Users\max\AppData\Local\Google
[27/01/2008|21:46] C:\Users\max\AppData\Local\Historique
[16/11/2009|00:44] C:\Users\max\AppData\Local\IconCache.db
[17/11/2008|00:09] C:\Users\max\AppData\Local\Microsoft
[16/03/2008|18:21] C:\Users\max\AppData\Local\Microsoft Help
[27/01/2008|23:24] C:\Users\max\AppData\Local\Mozilla
[12/02/2009|13:24] C:\Users\max\AppData\Local\Native Instruments
[17/02/2009|22:30] C:\Users\max\AppData\Local\Nero
[04/06/2009|20:59] C:\Users\max\AppData\Local\Neuf
[27/01/2008|21:47] C:\Users\max\AppData\Local\PlayMovie
[30/08/2009|12:03] C:\Users\max\AppData\Local\PokerStars
[27/01/2008|21:47] C:\Users\max\AppData\Local\PowerCinema
[02/04/2008|15:35] C:\Users\max\AppData\Local\Sony
[16/11/2009|13:04] C:\Users\max\AppData\Local\Temp
[27/01/2008|21:46] C:\Users\max\AppData\Local\Temporary Internet Files
[27/01/2008|23:24] C:\Users\max\AppData\Local\VirtualStore
[26/10/2009|23:04] C:\Users\max\AppData\Local\xobni_installer_updater.log

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[16/11/2009 12:27][--a------] C:\Windows\tasks\PCConfidential.job
[31/10/2009 15:32][--a------] C:\Windows\tasks\RPCReminder.job
[16/11/2009 12:27][--a------] C:\Windows\tasks\RegPowerClean.job
[16/11/2009 12:25][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[16/11/2009 12:27][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[16/11/2009 12:26][--a------] C:\Windows\tasks\Google Software Updater.job
[29/12/2008 17:17][--a------] C:\Windows\tasks\yxzqrmnk.job
[16/11/2009 12:27][--a------] C:\Windows\tasks\AutoSmartDefrag.job
[16/11/2009 12:23][--ah-----] C:\Windows\tasks\SA.DAT
[16/11/2009 00:44][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[06/05/2007|20:22] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[16/09/2009|12:46] C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[03/04/2009|18:26] C:\ProgramData\{7D88804A-CB1E-43FE-88E8-53F833ADBB43}
[26/08/2009|16:45] C:\ProgramData\1C338
[13/11/2009|17:24] C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[10/02/2008|19:30] C:\ProgramData\addr_file.html
[09/02/2008|16:42] C:\ProgramData\Adobe
[21/06/2008|12:42] C:\ProgramData\Apple
[25/11/2008|11:44] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[13/07/2009|17:15] C:\ProgramData\ArtsAcoustic
[07/12/2007|08:43] C:\ProgramData\ATI
[14/11/2009|13:43] C:\ProgramData\Avira
[10/05/2009|21:24] C:\ProgramData\BOONTY
[28/06/2009|22:10] C:\ProgramData\Boss Media
[27/01/2008|21:42] C:\ProgramData\Bureau
[17/09/2008|14:15] C:\ProgramData\ConeXware
[27/01/2008|21:54] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[09/03/2008|01:07] C:\ProgramData\Downloaded Installations
[10/02/2008|09:29] C:\ProgramData\eMule
[27/01/2008|21:53] C:\ProgramData\eSobi
[27/01/2008|21:42] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[19/08/2008|09:27] C:\ProgramData\fssg
[30/08/2009|13:11] C:\ProgramData\Google
[16/11/2009|12:26] C:\ProgramData\Google Updater
[13/11/2009|17:24] C:\ProgramData\HotbarSA
[29/12/2008|22:37] C:\ProgramData\ICQ
[28/10/2009|20:12] C:\ProgramData\KONAMI
[18/07/2008|14:54] C:\ProgramData\Lavasoft
[08/03/2008|13:13] C:\ProgramData\LightScribe
[23/01/2009|17:47] C:\ProgramData\Malwarebytes
[27/01/2008|21:42] C:\ProgramData\Menu Démarrer
[07/11/2009|14:31] C:\ProgramData\Microsoft
[11/11/2009|03:03] C:\ProgramData\Microsoft Help
[27/01/2008|21:42] C:\ProgramData\Modèles
[30/08/2009|13:10] C:\ProgramData\Nero
[05/07/2009|20:21] C:\ProgramData\ntuser.pol
[10/08/2009|18:13] C:\ProgramData\ntusers.log
[07/10/2009|06:40] C:\ProgramData\Office Genuine Advantage
[19/09/2008|14:04] C:\ProgramData\Pinnacle
[29/02/2008|02:50] C:\ProgramData\QuickTime
[13/11/2009|17:47] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|14:02] C:\ProgramData\Start Menu
[27/01/2008|22:06] C:\ProgramData\Symantec
[10/08/2009|23:27] C:\ProgramData\SymplisIT
[02/05/2008|20:24] C:\ProgramData\Syncrosoft
[31/05/2008|16:21] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[26/10/2009|23:09] C:\ProgramData\Winferno
[08/02/2008|20:32] C:\ProgramData\WLInstaller
[12/02/2008|09:35] C:\ProgramData\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files

[26/08/2009|22:13] C:\Program Files\8085 Simulator v 3.0.0
[31/12/2008|17:55] C:\Program Files\Ableton
[27/01/2008|21:56] C:\Program Files\Acer Arcade Live
[07/12/2007|08:38] C:\Program Files\Acer Inc
[06/05/2007|20:22] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[06/05/2007|20:23] C:\Program Files\Adobe
[27/06/2008|08:55] C:\Program Files\Alwil Software
[22/10/2008|19:08] C:\Program Files\Apple Software Update
[07/12/2007|08:33] C:\Program Files\ATI
[12/11/2009|00:06] C:\Program Files\ATI Technologies
[19/09/2008|16:11] C:\Program Files\Audacity 1.3 Beta (Unicode)
[13/03/2008|19:34] C:\Program Files\AviSynth 2.5
[27/01/2009|20:46] C:\Program Files\BitComet
[23/12/2008|10:50] C:\Program Files\Bonjour
[10/05/2009|21:05] C:\Program Files\BoontyGames
[12/11/2009|00:07] C:\Program Files\BSplayer
[10/02/2008|11:48] C:\Program Files\Canon
[11/01/2009|02:40] C:\Program Files\CasinoOnNet
[07/11/2009|14:31] C:\Program Files\Common Files
[17/06/2008|15:46] C:\Program Files\Conduit
[29/01/2008|19:31] C:\Program Files\DAEMON Tools Lite
[07/06/2009|12:03] C:\Program Files\DivX
[02/05/2008|22:43] C:\Program Files\dpp
[22/03/2008|23:10] C:\Program Files\eMule
[13/03/2008|19:33] C:\Program Files\eRightSoft
[27/01/2008|21:57] C:\Program Files\eSobi
[27/01/2008|21:42] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[22/03/2008|10:45] C:\Program Files\FLV Player
[27/10/2009|10:26] C:\Program Files\Free Offers from Freeze.com
[30/08/2009|13:12] C:\Program Files\Full Tilt Poker
[27/01/2008|22:16] C:\Program Files\Glary Utilities
[30/08/2009|13:11] C:\Program Files\Google
[10/02/2008|12:40] C:\Program Files\Guitar Pro 5
[13/11/2009|17:24] C:\Program Files\Hotbar
[29/12/2008|22:37] C:\Program Files\ICQ6Toolbar
[26/08/2009|16:45] C:\Program Files\iMeshMediabarTb
[31/10/2009|15:32] C:\Program Files\InstallShield Installation Information
[10/08/2009|18:13] C:\Program Files\Intel
[18/05/2008|15:06] C:\Program Files\InterActual
[28/10/2009|22:11] C:\Program Files\Internet Explorer
[11/05/2008|10:19] C:\Program Files\IObit
[16/09/2009|12:45] C:\Program Files\iPod
[03/10/2008|07:37] C:\Program Files\IsoBuster
[16/09/2009|12:46] C:\Program Files\iTunes
[13/09/2009|09:42] C:\Program Files\Java
[09/02/2008|17:35] C:\Program Files\K-Lite Codec Pack
[28/10/2009|20:12] C:\Program Files\KONAMI
[18/07/2008|14:54] C:\Program Files\Lavasoft
[11/02/2008|10:29] C:\Program Files\Le Robert
[07/11/2009|14:19] C:\Program Files\Malwarebytes' Anti-Malware
[12/11/2009|00:10] C:\Program Files\Media player classic
[14/11/2009|16:23] C:\Program Files\Microsoft
[08/02/2008|22:03] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[25/10/2009|11:32] C:\Program Files\Microsoft Office
[25/10/2009|11:13] C:\Program Files\Microsoft Office2
[09/09/2009|16:12] C:\Program Files\Microsoft Silverlight
[02/04/2008|15:29] C:\Program Files\Microsoft SQL Server
[19/02/2008|10:10] C:\Program Files\Microsoft Visual Studio
[17/10/2009|08:37] C:\Program Files\Microsoft Works
[19/02/2008|10:09] C:\Program Files\Microsoft.NET
[26/09/2009|10:29] C:\Program Files\Movie Maker
[11/11/2009|09:52] C:\Program Files\Mozilla Firefox
[25/10/2009|11:32] C:\Program Files\MSBuild
[08/02/2008|21:56] C:\Program Files\MSXML 4.0
[31/08/2009|16:39] C:\Program Files\Native Instruments
[14/11/2009|13:34] C:\Program Files\Navilog1
[30/08/2009|13:01] C:\Program Files\Nero
[14/01/2009|23:03] C:\Program Files\Neuf
[18/07/2008|12:53] C:\Program Files\Panda Security
[06/10/2008|23:07] C:\Program Files\Pinnacle
[26/10/2009|23:05] C:\Program Files\Playalot Games
[30/08/2009|12:50] C:\Program Files\PokerStars
[07/02/2009|22:32] C:\Program Files\PowerArchiver
[10/02/2008|13:00] C:\Program Files\PowerTracks DirectX Plugins
[23/11/2008|18:06] C:\Program Files\Pro Evolution Soccer 2008
[20/05/2008|00:42] C:\Program Files\PSP VintageWarmer
[16/09/2009|12:44] C:\Program Files\QuickTime
[27/01/2008|23:37] C:\Program Files\RALINK
[10/02/2008|16:22] C:\Program Files\Real
[07/12/2007|08:32] C:\Program Files\Realtek
[04/08/2009|21:26] C:\Program Files\REAPER
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[04/06/2009|20:58] C:\Program Files\SFR
[11/02/2008|17:09] C:\Program Files\Smart HDD
[24/09/2008|00:00] C:\Program Files\Smart Projects
[04/05/2008|11:47] C:\Program Files\Sony
[02/04/2008|15:31] C:\Program Files\Sony Setup
[18/02/2009|18:20] C:\Program Files\Spectrasonics
[23/01/2009|19:09] C:\Program Files\Spybot - Search & Destroy
[08/02/2009|18:11] C:\Program Files\Steinberg
[24/08/2008|15:53] C:\Program Files\Sun
[10/08/2009|23:27] C:\Program Files\SymplisIT
[02/12/2008|12:14] C:\Program Files\Syncrosoft
[03/11/2009|19:24] C:\Program Files\Trend Micro
[10/05/2009|21:13] C:\Program Files\Ubisoft
[13/07/2009|17:15] C:\Program Files\Uninstall Information
[08/02/2008|18:23] C:\Program Files\Universalis
[13/11/2009|17:25] C:\Program Files\VideoLAN
[15/08/2009|12:37] C:\Program Files\Vstplugins
[27/01/2008|22:19] C:\Program Files\Webteh
[27/01/2008|22:18] C:\Program Files\Winamp
[26/09/2009|10:29] C:\Program Files\Windows Calendar
[26/09/2009|10:29] C:\Program Files\Windows Collaboration
[26/09/2009|10:29] C:\Program Files\Windows Defender
[26/09/2009|10:29] C:\Program Files\Windows Journal
[14/11/2009|16:23] C:\Program Files\Windows Live
[14/11/2009|16:22] C:\Program Files\Windows Live SkyDrive
[11/11/2009|03:05] C:\Program Files\Windows Mail
[28/10/2009|22:08] C:\Program Files\Windows Media Player
[27/01/2008|21:42] C:\Program Files\Windows NT
[26/09/2009|10:29] C:\Program Files\Windows Photo Gallery
[26/09/2009|10:29] C:\Program Files\Windows Sidebar
[26/10/2009|23:04] C:\Program Files\Winferno
[10/02/2008|10:18] C:\Program Files\WinRAR
[15/04/2008|16:47] C:\Program Files\Xvid
[24/08/2009|20:13] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[09/02/2008|16:42] C:\Program Files\Common Files\Adobe
[16/09/2009|12:45] C:\Program Files\Common Files\Apple
[19/02/2008|10:10] C:\Program Files\Common Files\DESIGNER
[01/05/2008|20:16] C:\Program Files\Common Files\Digidesign
[07/06/2009|12:03] C:\Program Files\Common Files\DivX Shared
[06/05/2007|20:30] C:\Program Files\Common Files\InstallShield
[08/02/2008|18:33] C:\Program Files\Common Files\Java
[06/05/2007|20:17] C:\Program Files\Common Files\LightScribe
[25/10/2009|11:32] C:\Program Files\Common Files\microsoft shared
[31/08/2009|16:40] C:\Program Files\Common Files\Native Instruments
[30/08/2009|13:11] C:\Program Files\Common Files\Nero
[30/10/2009|17:32] C:\Program Files\Common Files\NewTech Infosystems
[15/03/2008|17:36] C:\Program Files\Common Files\PX Storage Engine
[10/02/2008|16:22] C:\Program Files\Common Files\Real
[27/06/2008|08:23] C:\Program Files\Common Files\Scanner
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[27/01/2008|22:07] C:\Program Files\Common Files\Symantec Shared
[29/10/2009|14:17] C:\Program Files\Common Files\System
[07/11/2009|14:31] C:\Program Files\Common Files\Windows Live
[08/02/2008|20:37] C:\Program Files\Common Files\WindowsLiveInstaller
[26/10/2009|23:04] C:\Program Files\Common Files\Winferno
[10/02/2008|16:22] C:\Program Files\Common Files\xing shared

--------------------\\ Process

( 73 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-16 13:12:49
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 704

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:50][D:11]-> C:\Users\max\AppData\Local\Temp
[F:98][D:1]-> C:\Users\max\AppData\Roaming\MICROS~1\Windows\Cookies
[F:860][D:7]-> C:\Users\max\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:55][D:3]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 29/10/2009|15:13 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 11/11/2009| 9:48 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 16/11/2009|12:37 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 16/11/2009|12:49 - Option : [1]
5 - "C:\Lop SD\LopR_5.txt" - 16/11/2009|13:05 - Option : [1]
6 - "C:\Lop SD\LopR_6.txt" - 16/11/2009|13:14 - Option : [1]

--------------------\\ Fin du rapport a 13:14:55
[ UAC => 1 ]
pimprenelle27 - Posts: 20851 - Registered: Monday 10 December 2007 - Status: Security contributor - Last activity: 8 October 2019
16 Nov 2009 at 13:35
Can you run RSIT again for me, please?
masque007 - Posts: 71 - Registered: Sunday 11 November 2007 - Status: Member - Last activity: 30 May 2022
16 Nov 2009 at 13:40
Here it is:
Logfile of random's system information tool 1.06 (written by random/random)
Run by max at 2009-11-16 13:36:45
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 9 GB (4%) free of 234 GB
Total RAM: 3327 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:36:59, on 16/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Smart HDD\GPIO\GPIOManager.exe
C:\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Le Robert\Le Petit Robert\PRHYPER.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WIN2K\RaConfig2500.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\max\Desktop\desinfection\RSIT.exe
C:\Program Files\trend micro\max.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: D - {CBFC15E9-29B7-3CB1-81C4-16BE66D36875} - C:\Windows\system32\mq72899.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [GPIO] C:\Program Files\smart HDD\GPIO\GPIOManager.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [avgnt] "C:\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WIN2K\RaConfig2500.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI8CBC~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{130B8CB1-F13A-4CC3-8BF5-7FE7473752B1}: NameServer = 192.168.1.1
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Service Google Update (gupdate1c9e75f971307a1) (gupdate1c9e75f971307a1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
masque007 - Posts: 71 - Registered: Sunday 11 November 2007 - Status: Member - Last activity: 30 May 2022
16 Nov 2009 at 14:09
New report

############################## | UsbFix V6.053 |

User : max (Administrateurs) # PC-DE-MAX
Update on 14/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 14:03:43 | 16/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Phenom(tm) 9500 Quad-Core Processor
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18828
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 228,13 Go (8,79 Go free) [ACER] # NTFS
D:\ -> Disque fixe local # 227,87 Go (127,1 Go free) [DATA] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible # 1,92 Go (1,83 Go free) # FAT
I:\ -> Disque amovible
K:\ -> Disque CD-ROM
N:\ -> Disque fixe local # 149,05 Go (29,95 Go free) [BANK] # NTFS
O:\ -> Disque amovible # 974,23 Mo (924,81 Mo free) # FAT

############################## | Processus actifs |

C:\Windows\System32\smss.exe 468
C:\Windows\system32\csrss.exe 548
C:\Windows\system32\wininit.exe 604
C:\Windows\system32\csrss.exe 616
C:\Windows\system32\services.exe 652
C:\Windows\system32\lsass.exe 664
C:\Windows\system32\lsm.exe 676
C:\Windows\system32\svchost.exe 820
C:\Windows\system32\winlogon.exe 880
C:\Windows\system32\svchost.exe 952
C:\Windows\System32\svchost.exe 1012
C:\Windows\system32\Ati2evxx.exe 1040
C:\Windows\System32\svchost.exe 1064
C:\Windows\System32\svchost.exe 1092
C:\Windows\system32\svchost.exe 1124
C:\Windows\system32\svchost.exe 1228
C:\Windows\system32\SLsvc.exe 1256
C:\Windows\system32\svchost.exe 1328
C:\Windows\system32\svchost.exe 1448
C:\Windows\system32\Ati2evxx.exe 1652
C:\Windows\System32\spoolsv.exe 1760
C:\Avira\AntiVir Desktop\sched.exe 1824
C:\Windows\system32\svchost.exe 1844
C:\Avira\AntiVir Desktop\avguard.exe 1392
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1428
C:\Program Files\Bonjour\mDNSResponder.exe 1444
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2084
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe 2120
C:\Windows\system32\svchost.exe 2208
C:\Windows\system32\svchost.exe 2232
C:\Windows\System32\svchost.exe 2288
C:\Windows\system32\SearchIndexer.exe 2320
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe 2388
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 2560
C:\Windows\system32\WUDFHost.exe 2792
C:\Windows\system32\taskeng.exe 2940
C:\Windows\system32\taskeng.exe 3568
C:\Windows\system32\Dwm.exe 1832
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe 3696
C:\Windows\system32\taskeng.exe 316
C:\Windows\Explorer.EXE 3140
C:\Program Files\Java\jre6\bin\jusched.exe 3724
C:\Windows\RtHDVCpl.exe 1288
C:\Program Files\QuickTime\QTTask.exe 3772
C:\Program Files\iTunes\iTunesHelper.exe 4036
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE 4044
C:\Program Files\Smart HDD\GPIO\GPIOManager.exe 4052
C:\Avira\AntiVir Desktop\avgnt.exe 1112
C:\Program Files\Le Robert\Le Petit Robert\PRHYPER.EXE 2980
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe 2204
C:\Windows\ehome\ehtray.exe 2380
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 1788
C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WIN2K\RaConfig2500.exe 2104
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe 2168
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE 1180
C:\Windows\System32\mobsync.exe 2752
C:\Windows\system32\wbem\unsecapp.exe 1300
C:\Windows\system32\wbem\wmiprvse.exe 2756
C:\Windows\ehome\ehmsas.exe 520
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe 2692
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 3880
C:\Program Files\iPod\bin\iPodService.exe 4384
C:\Windows\system32\conime.exe 4716
C:\Program Files\Windows Live\Contacts\wlcomm.exe 4840
C:\Program Files\eMule\emule.exe 4568
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2296
C:\Windows\system32\NOTEPAD.EXE 5864
C:\Program Files\Mozilla Firefox\firefox.exe 5716
C:\Program Files\Windows Media Player\wmplayer.exe 2044
C:\Windows\system32\SearchProtocolHost.exe 2228
C:\Windows\system32\SearchFilterHost.exe 5132
C:\Windows\system32\wbem\wmiprvse.exe 2372

################## | Fichiers # Dossiers infectieux |


################## | Registre # Clés Run infectieuses |


################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{5defd43d-cd1c-11dc-8029-001c25539385}
shell\AutoRun\command =K:\autorun.exe

################## | Suspect | https://www.virustotal.com/gui/ |


################## | Cracks / Keygens / Serials |

"D:\Mp3\Classique\Prokofiev\Concerti\Steinberg Cubase SX3 v3.01.514\Cubase SX 3.01.514 Update and Crack\Cubasesx3.exe"
23/12/2004 04:11 |Size 20467712 |Crc32 aaf27eea |Md5 49afae1731c5af98561dd9aba99570cc

"D:\Mp3\Classique\Prokofiev\Concerti\Steinberg Cubase SX3 v3.01.514\Cubase SX 3.01.514 Update and Crack\Update_Cubase_SX_3.01.514.exe"
28/12/2004 14:09 |Size 14222206 |Crc32 6693f470 |Md5 6d21ab37d8e7f212bf53e79b23f8e3b0

"D:\Software\chessmaster 10 fr\CHESSMASTER 10 Fr + crack\chessmaster10.exe"
26/04/2007 09:41 |Size 751864 |Crc32 a9a007c4 |Md5 315f2624963865823e01a46a3e0b6696

"D:\Software\chessmaster 10 fr\CHESSMASTER 10 Fr + crack\crack\Chessmaster.exe"
25/04/2007 20:05 |Size 29184 |Crc32 2af78013 |Md5 9fe3e093ca444ab36bdbd09de340b1c5


################## | ! Fin du rapport # UsbFix V6.053 ! |
0
pimprenelle27 Posts 20851 Registration date Monday 10 December 2007 Status Security contributor Last post 8 October 2019 2 502
3 Dec. 2009 at 01:22
Run RSIT again for me, because things must have changed since then.
0
masque007 Posts 71 Registration date Sunday 11 November 2007 Status Member Last post 30 May 2022
3 Dec. 2009 at 08:47
Hi, here is the RSIT log.
Logfile of random's system information tool 1.06 (written by random/random)
Run by max at 2009-12-03 08:37:14
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 2 GB (1%) free of 234 GB
Total RAM: 3327 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:37:51, on 03/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Smart HDD\GPIO\GPIOManager.exe
C:\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Le Robert\Le Petit Robert\PRHYPER.EXE
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WIN2K\RaConfig2500.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\max\Desktop\desinfection\RSIT.exe
C:\Program Files\trend micro\max.exe
C:\Windows\system32\conime.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2102473
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: D - {CBFC15E9-29B7-3CB1-81C4-16BE66D36875} - C:\Windows\system32\mq72899.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [GPIO] C:\Program Files\smart HDD\GPIO\GPIOManager.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [avgnt] "C:\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WIN2K\RaConfig2500.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI8CBC~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{130B8CB1-F13A-4CC3-8BF5-7FE7473752B1}: NameServer = 192.168.1.1
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Service Google Update (gupdate1c9e75f971307a1) (gupdate1c9e75f971307a1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
0
pimprenelle27 Posts 20851 Registration date Monday 10 December 2007 Status Security contributor Last post 8 October 2019 2 502
6 Dec. 2009 at 23:09
It's a pity you didn't let it run to the end, because there could be others left. The scan is long because you must have a lot of things to scan on your computer, but empty the quarantine.
0
masque007 Posts 71 Registration date Sunday 11 November 2007 Status Member Last post 30 May 2022
9 Dec. 2009 at 13:26
Hi,
I emptied the quarantine, but the problem is that Shredder and PC Confidential are still on my PC and IE still crashes.
0