3 replies
Narco!4
18 Nov. 2009 at 11:16
Hello,
download GenProc http://www.genproc.com/GenProc.exe
double-click GenProc.exe and post the contents of the report that opens
Narco!4
18 Nov. 2009 at 11:39
Did these steps
cleannavi report:
Fix Navipromo version 4.0.5 commencé le 18/11/2009 12:17:53,73
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2200+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : XP ( Administrator )
BOOT : Fail-safe boot
Antivirus : avast! antivirus 4.8.1351 [VPS 091117-1] 4.8.1351 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:38 Go (Free:18 Go)
D:\ (Local Disk) - NTFS - Total:36 Go (Free:23 Go)
E:\ (USB)
F:\ (CD or DVD)
Recherche executée en mode sans échec
Nettoyage executé en mode sans échec
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\prefetch\GAMEINSTLR.EXE-0116AB79.pf supprimé !
C:\WINDOWS\system32\aqlpywb.dat supprimé !
C:\WINDOWS\system32\aqlpywb_nav.dat supprimé !
C:\WINDOWS\system32\aqlpywb_navps.dat supprimé !
C:\WINDOWS\system32\icjour.dat supprimé !
C:\WINDOWS\system32\icjour_nav.dat supprimé !
C:\WINDOWS\system32\icjour_navps.dat supprimé !
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\XP\locals~1\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
Certificat Egroup supprimé !
Certificat OOO-Favorit supprimé !
*** Scan terminé 18/11/2009 12:20:36,18 ***
TB report:
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2200+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : XP ( Administrator )
BOOT : Fail-safe boot
Antivirus : avast! antivirus 4.8.1351 [VPS 091117-1] 4.8.1351 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:38 Go (Free:18 Go)
D:\ (Local Disk) - NTFS - Total:36 Go (Free:23 Go)
E:\ (USB)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 18/11/2009|12:22 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\GamesBar\Localization-French.ini
Supprime! - C:\Program Files\GamesBar\Localization2-French.ini
Supprime! - C:\Program Files\GamesBar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://pro.orange.fr/"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Default_Page_URL"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 18/11/2009|12:24 - Option : [2]
-----------\\ Fin du rapport a 12:24:11,28
lopR report:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2200+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : XP ( Administrator )
BOOT : Fail-safe boot
Antivirus : avast! antivirus 4.8.1351 [VPS 091117-1] 4.8.1351 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:38 Go (Free:18 Go)
D:\ (Local Disk) - NTFS - Total:36 Go (Free:23 Go)
E:\ (USB)
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 18/11/2009|12:24 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\Program Files\DomPlayer
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[22/05/2009|10:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[12/09/2007|15:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[13/10/2008|08:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[22/05/2009|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/08/2007|09:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[12/11/2009|16:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
[18/06/2007|12:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[15/05/2007|13:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EBP
[01/02/2008|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ECL
[25/04/2008|15:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FAM
[02/11/2009|15:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[19/03/2008|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[10/11/2005|09:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[29/08/2007|11:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[17/03/2009|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/09/2007|12:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[03/11/2008|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[04/11/2008|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir
[03/06/2009|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
[10/11/2009|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PopCap
[16/10/2009|10:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[27/05/2004|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[09/11/2007|11:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[18/11/2009|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[30/09/2004|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir
[30/09/2004|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard
[13/11/2009|13:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[09/06/2009|10:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoConverter
[24/04/2007|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[11/04/2007|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[29/02/2008|13:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[23/10/2009|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[26/04/2004|09:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[26/10/2009|14:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[17/02/2006|11:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[31/08/2007|10:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[19/03/2009|16:47] C:\DOCUME~1\XP\APPLIC~1\3M
[04/07/2008|15:14] C:\DOCUME~1\XP\APPLIC~1\AccurateRip
[01/08/2005|11:05] C:\DOCUME~1\XP\APPLIC~1\Active Disk
[26/12/2007|12:05] C:\DOCUME~1\XP\APPLIC~1\Adobe
[19/05/2008|12:49] C:\DOCUME~1\XP\APPLIC~1\AdobeUM
[29/06/2009|12:48] C:\DOCUME~1\XP\APPLIC~1\Apple Computer
[27/04/2004|09:17] C:\DOCUME~1\XP\APPLIC~1\Arcsoft
[24/10/2008|09:13] C:\DOCUME~1\XP\APPLIC~1\Azureus
[14/11/2005|08:33] C:\DOCUME~1\XP\APPLIC~1\Canon
[15/05/2007|14:42] C:\DOCUME~1\XP\APPLIC~1\Comptabilité
[18/06/2007|12:49] C:\DOCUME~1\XP\APPLIC~1\CyberLink
[18/06/2007|15:13] C:\DOCUME~1\XP\APPLIC~1\DivX
[15/05/2007|14:42] C:\DOCUME~1\XP\APPLIC~1\EBP
[21/11/2008|13:55] C:\DOCUME~1\XP\APPLIC~1\eSoft Imaging
[28/01/2008|14:14] C:\DOCUME~1\XP\APPLIC~1\Google
[09/01/2009|16:11] C:\DOCUME~1\XP\APPLIC~1\gtk-2.0
[29/04/2004|15:20] C:\DOCUME~1\XP\APPLIC~1\Help
[10/11/2005|09:40] C:\DOCUME~1\XP\APPLIC~1\HP
[07/07/2008|15:09] C:\DOCUME~1\XP\APPLIC~1\Icone
[02/11/2009|15:46] C:\DOCUME~1\XP\APPLIC~1\Identities
[24/09/2009|10:55] C:\DOCUME~1\XP\APPLIC~1\Image Zone Express
[27/11/2006|14:37] C:\DOCUME~1\XP\APPLIC~1\Lavasoft
[26/04/2004|10:05] C:\DOCUME~1\XP\APPLIC~1\Leadertech
[02/12/2005|12:22] C:\DOCUME~1\XP\APPLIC~1\Macromedia
[11/09/2008|15:07] C:\DOCUME~1\XP\APPLIC~1\Media Player Classic
[23/10/2009|15:08] C:\DOCUME~1\XP\APPLIC~1\Microsoft
[12/02/2009|16:21] C:\DOCUME~1\XP\APPLIC~1\MSN6
[06/01/2009|12:13] C:\DOCUME~1\XP\APPLIC~1\OpenOffice.org
[16/10/2009|09:55] C:\DOCUME~1\XP\APPLIC~1\Real
[27/04/2004|09:10] C:\DOCUME~1\XP\APPLIC~1\ScanSoft
[05/09/2007|13:03] C:\DOCUME~1\XP\APPLIC~1\Sun
[23/10/2009|14:47] C:\DOCUME~1\XP\APPLIC~1\System
[24/09/2007|12:38] C:\DOCUME~1\XP\APPLIC~1\Talkback
[28/05/2009|09:28] C:\DOCUME~1\XP\APPLIC~1\TuneAid
[13/10/2008|08:36] C:\DOCUME~1\XP\APPLIC~1\vlc
[22/06/2009|14:59] C:\DOCUME~1\XP\APPLIC~1\WinRAR
[12/11/2009|16:02] C:\DOCUME~1\XP\APPLIC~1\Zylom
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[18/11/2009 10:54][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{FAE19171-1D35-44C5-9F00-A8564C78D669}.job
[15/08/2009 07:17][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[18/11/2009 12:15][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/04/2003 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[27/11/2006|14:20] C:\Program Files\Adobe
[13/11/2008|14:07] C:\Program Files\AGI
[23/11/2007|11:59] C:\Program Files\Alwil Software
[23/06/2009|08:56] C:\Program Files\Apache Software Foundation
[13/10/2008|08:27] C:\Program Files\Apple Software Update
[27/04/2004|09:09] C:\Program Files\ArcSoft
[17/09/2007|13:30] C:\Program Files\Artwork
[12/11/2009|16:09] C:\Program Files\bfgclient
[22/05/2009|10:43] C:\Program Files\Bonjour
[02/11/2007|15:15] C:\Program Files\Boonty
[02/11/2007|15:15] C:\Program Files\BoontyGames
[27/04/2004|09:11] C:\Program Files\Canon
[19/01/2009|16:42] C:\Program Files\CCleaner
[16/05/2007|13:48] C:\Program Files\Certigreffe
[26/04/2004|09:24] C:\Program Files\ComPlus Applications
[18/06/2007|12:42] C:\Program Files\Cyberlink
[24/09/2007|12:36] C:\Program Files\DivX Codec
[24/09/2007|12:37] C:\Program Files\DivX Content Uploader
[24/09/2007|12:36] C:\Program Files\DivX Converter
[24/09/2007|12:37] C:\Program Files\DivX Player
[24/09/2007|12:37] C:\Program Files\DivX Web Player
[01/02/2008|13:36] C:\Program Files\ECL
[10/11/2005|09:42] C:\Program Files\EPSON
[18/09/2009|14:18] C:\Program Files\Fast Browser Search
[16/10/2009|09:52] C:\Program Files\Fichiers communs
[15/01/2008|16:08] C:\Program Files\Gemplus
[16/10/2009|16:10] C:\Program Files\Google
[31/10/2008|09:25] C:\Program Files\Hewlett-Packard
[31/10/2008|09:26] C:\Program Files\HP
[04/07/2008|15:14] C:\Program Files\Illustrate
[23/10/2009|14:38] C:\Program Files\InstallShield Installation Information
[16/10/2009|09:06] C:\Program Files\Internet Explorer
[09/01/2008|09:30] C:\Program Files\Inventel
[26/04/2004|10:12] C:\Program Files\Iomega
[29/06/2009|12:41] C:\Program Files\iPod
[29/06/2009|12:41] C:\Program Files\iTunes
[07/05/2009|10:32] C:\Program Files\Java
[22/04/2008|13:49] C:\Program Files\Kaspersky Lab
[27/11/2006|14:19] C:\Program Files\Lavasoft
[27/04/2004|09:20] C:\Program Files\Logitech
[03/11/2008|15:35] C:\Program Files\Messenger
[15/07/2009|13:25] C:\Program Files\Messenger Plus! Live
[17/03/2009|16:05] C:\Program Files\Microsoft
[11/05/2007|02:05] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/04/2004|09:27] C:\Program Files\microsoft frontpage
[23/03/2007|09:28] C:\Program Files\Microsoft Office
[17/03/2009|16:05] C:\Program Files\Microsoft Office Outlook Connector
[09/09/2009|16:22] C:\Program Files\Microsoft Silverlight
[29/02/2008|13:49] C:\Program Files\Microsoft SQL Server Compact Edition
[26/04/2004|10:17] C:\Program Files\Microsoft Visual Studio
[13/04/2007|02:16] C:\Program Files\Microsoft Works
[15/10/2008|07:51] C:\Program Files\Movie Maker
[10/11/2009|10:35] C:\Program Files\Mozilla Firefox
[15/08/2009|09:25] C:\Program Files\MSBuild
[26/04/2004|09:23] C:\Program Files\MSN
[26/04/2004|09:23] C:\Program Files\MSN Gaming Zone
[02/04/2008|12:39] C:\Program Files\MSN Messenger
[07/07/2008|09:01] C:\Program Files\MSXML 4.0
[18/11/2009|12:20] C:\Program Files\Navilog1
[16/09/2009|14:45] C:\Program Files\NCH Software
[15/10/2008|07:47] C:\Program Files\NetMeeting
[10/11/2009|13:11] C:\Program Files\Oberon Media
[06/01/2009|12:09] C:\Program Files\OpenOffice.org 3
[28/07/2008|10:50] C:\Program Files\orange
[13/08/2009|11:20] C:\Program Files\Outlook Express
[16/03/2009|16:53] C:\Program Files\Photo Frame Genius
[10/11/2009|14:45] C:\Program Files\PopCap Games
[29/06/2009|12:39] C:\Program Files\QuickTime
[01/02/2008|16:04] C:\Program Files\Real
[15/08/2009|09:24] C:\Program Files\Reference Assemblies
[26/04/2004|09:58] C:\Program Files\S3Inc
[27/04/2004|09:10] C:\Program Files\ScanSoft
[18/09/2009|14:18] C:\Program Files\Search Guard Plus
[18/09/2009|14:18] C:\Program Files\Search Guard PlusU
[26/04/2004|09:26] C:\Program Files\Services en ligne
[01/10/2009|14:51] C:\Program Files\SGPSA
[01/10/2009|08:21] C:\Program Files\Spybot - Search & Destroy
[25/04/2008|15:12] C:\Program Files\steek
[21/03/2008|14:03] C:\Program Files\Trend Micro
[23/10/2009|14:38] C:\Program Files\Ubisoft
[15/05/2007|13:44] C:\Program Files\Uninstall Information
[18/11/2009|10:31] C:\Program Files\VideoLAN
[04/05/2009|14:19] C:\Program Files\VirginMega
[17/03/2009|16:04] C:\Program Files\Windows Live
[27/02/2009|16:38] C:\Program Files\Windows Live Safety Center
[17/03/2009|15:51] C:\Program Files\Windows Live SkyDrive
[23/01/2008|14:24] C:\Program Files\Windows Media Connect 2
[15/10/2008|07:46] C:\Program Files\Windows Media Player
[15/10/2008|07:46] C:\Program Files\Windows NT
[07/02/2006|17:35] C:\Program Files\WindowsUpdate
[22/06/2009|14:59] C:\Program Files\WinRAR
[26/04/2004|09:27] C:\Program Files\xerox
[17/05/2006|09:03] C:\Program Files\Yahoo!
[02/12/2005|12:28] C:\Program Files\Zero G Registry
[18/11/2009|10:29] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[12/12/2007|11:05] C:\Program Files\Fichiers communs\Adobe
[29/06/2009|12:41] C:\Program Files\Fichiers communs\Apple
[26/04/2004|10:18] C:\Program Files\Fichiers communs\DESIGNER
[27/04/2004|09:05] C:\Program Files\Fichiers communs\EPSON
[02/12/2005|12:25] C:\Program Files\Fichiers communs\Hewlett-Packard
[10/11/2005|09:45] C:\Program Files\Fichiers communs\HP
[23/10/2009|14:43] C:\Program Files\Fichiers communs\InstallShield
[14/09/2007|09:23] C:\Program Files\Fichiers communs\Java
[27/04/2004|09:20] C:\Program Files\Fichiers communs\Logitech
[05/03/2009|10:01] C:\Program Files\Fichiers communs\Microsoft Shared
[26/04/2004|09:25] C:\Program Files\Fichiers communs\MSSoap
[28/07/2008|10:50] C:\Program Files\Fichiers communs\Oberon Media
[26/04/2004|10:08] C:\Program Files\Fichiers communs\ODBC
[16/10/2009|09:53] C:\Program Files\Fichiers communs\Real
[27/04/2004|09:10] C:\Program Files\Fichiers communs\ScanSoft Shared
[14/09/2007|09:32] C:\Program Files\Fichiers communs\Services
[26/04/2004|10:08] C:\Program Files\Fichiers communs\SpeechEngines
[02/12/2005|12:22] C:\Program Files\Fichiers communs\SWF Studio
[05/05/2009|07:59] C:\Program Files\Fichiers communs\Symantec Shared
[17/03/2009|16:05] C:\Program Files\Fichiers communs\System
[17/03/2009|13:48] C:\Program Files\Fichiers communs\Windows Live
[29/02/2008|13:47] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[16/10/2009|09:52] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 14 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-18 12:27:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1040
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:29][D:0]-> C:\DOCUME~1\XP\Cookies
[F:1392][D:12]-> C:\DOCUME~1\XP\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 18/11/2009|12:28 - Option : [2]
--------------------\\ Fin du rapport a 12:28:53
new hijackthis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:41:06, on 18/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\hpzipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://pro.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder -
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - https://www.eset.com/
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader4.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {A06BE318-C096-11D4-964F-0010A4D06F69} (TeleTVA Control) - https://tva.dgi.minefi.gouv.fr/activeX/TeleTVA.tva
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - https://www.canalblog.com/sharedDocs/misc/uploader/ImageUploader5.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://files-mjf.jeuxvideo-flash.com/popcap/popcaploader_v10_fr.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\hpzipm12.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
[14/11/2005|08:33] C:\DOCUME~1\XP\APPLIC~1\Canon
[15/05/2007|14:42] C:\DOCUME~1\XP\APPLIC~1\Comptabilité
[18/06/2007|12:49] C:\DOCUME~1\XP\APPLIC~1\CyberLink
[18/06/2007|15:13] C:\DOCUME~1\XP\APPLIC~1\DivX
[15/05/2007|14:42] C:\DOCUME~1\XP\APPLIC~1\EBP
[21/11/2008|13:55] C:\DOCUME~1\XP\APPLIC~1\eSoft Imaging
[28/01/2008|14:14] C:\DOCUME~1\XP\APPLIC~1\Google
[09/01/2009|16:11] C:\DOCUME~1\XP\APPLIC~1\gtk-2.0
[29/04/2004|15:20] C:\DOCUME~1\XP\APPLIC~1\Help
[10/11/2005|09:40] C:\DOCUME~1\XP\APPLIC~1\HP
[07/07/2008|15:09] C:\DOCUME~1\XP\APPLIC~1\Icone
[02/11/2009|15:46] C:\DOCUME~1\XP\APPLIC~1\Identities
[24/09/2009|10:55] C:\DOCUME~1\XP\APPLIC~1\Image Zone Express
[27/11/2006|14:37] C:\DOCUME~1\XP\APPLIC~1\Lavasoft
[26/04/2004|10:05] C:\DOCUME~1\XP\APPLIC~1\Leadertech
[02/12/2005|12:22] C:\DOCUME~1\XP\APPLIC~1\Macromedia
[11/09/2008|15:07] C:\DOCUME~1\XP\APPLIC~1\Media Player Classic
[23/10/2009|15:08] C:\DOCUME~1\XP\APPLIC~1\Microsoft
[12/02/2009|16:21] C:\DOCUME~1\XP\APPLIC~1\MSN6
[06/01/2009|12:13] C:\DOCUME~1\XP\APPLIC~1\OpenOffice.org
[16/10/2009|09:55] C:\DOCUME~1\XP\APPLIC~1\Real
[27/04/2004|09:10] C:\DOCUME~1\XP\APPLIC~1\ScanSoft
[05/09/2007|13:03] C:\DOCUME~1\XP\APPLIC~1\Sun
[23/10/2009|14:47] C:\DOCUME~1\XP\APPLIC~1\System
[24/09/2007|12:38] C:\DOCUME~1\XP\APPLIC~1\Talkback
[28/05/2009|09:28] C:\DOCUME~1\XP\APPLIC~1\TuneAid
[13/10/2008|08:36] C:\DOCUME~1\XP\APPLIC~1\vlc
[22/06/2009|14:59] C:\DOCUME~1\XP\APPLIC~1\WinRAR
[12/11/2009|16:02] C:\DOCUME~1\XP\APPLIC~1\Zylom
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[18/11/2009 10:54][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{FAE19171-1D35-44C5-9F00-A8564C78D669}.job
[15/08/2009 07:17][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[18/11/2009 12:15][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/04/2003 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[27/11/2006|14:20] C:\Program Files\Adobe
[13/11/2008|14:07] C:\Program Files\AGI
[23/11/2007|11:59] C:\Program Files\Alwil Software
[23/06/2009|08:56] C:\Program Files\Apache Software Foundation
[13/10/2008|08:27] C:\Program Files\Apple Software Update
[27/04/2004|09:09] C:\Program Files\ArcSoft
[17/09/2007|13:30] C:\Program Files\Artwork
[12/11/2009|16:09] C:\Program Files\bfgclient
[22/05/2009|10:43] C:\Program Files\Bonjour
[02/11/2007|15:15] C:\Program Files\Boonty
[02/11/2007|15:15] C:\Program Files\BoontyGames
[27/04/2004|09:11] C:\Program Files\Canon
[19/01/2009|16:42] C:\Program Files\CCleaner
[16/05/2007|13:48] C:\Program Files\Certigreffe
[26/04/2004|09:24] C:\Program Files\ComPlus Applications
[18/06/2007|12:42] C:\Program Files\Cyberlink
[24/09/2007|12:36] C:\Program Files\DivX Codec
[24/09/2007|12:37] C:\Program Files\DivX Content Uploader
[24/09/2007|12:36] C:\Program Files\DivX Converter
[24/09/2007|12:37] C:\Program Files\DivX Player
[24/09/2007|12:37] C:\Program Files\DivX Web Player
[01/02/2008|13:36] C:\Program Files\ECL
[10/11/2005|09:42] C:\Program Files\EPSON
[18/09/2009|14:18] C:\Program Files\Fast Browser Search
[16/10/2009|09:52] C:\Program Files\Fichiers communs
[15/01/2008|16:08] C:\Program Files\Gemplus
[16/10/2009|16:10] C:\Program Files\Google
[31/10/2008|09:25] C:\Program Files\Hewlett-Packard
[31/10/2008|09:26] C:\Program Files\HP
[04/07/2008|15:14] C:\Program Files\Illustrate
[23/10/2009|14:38] C:\Program Files\InstallShield Installation Information
[16/10/2009|09:06] C:\Program Files\Internet Explorer
[09/01/2008|09:30] C:\Program Files\Inventel
[26/04/2004|10:12] C:\Program Files\Iomega
[29/06/2009|12:41] C:\Program Files\iPod
[29/06/2009|12:41] C:\Program Files\iTunes
[07/05/2009|10:32] C:\Program Files\Java
[22/04/2008|13:49] C:\Program Files\Kaspersky Lab
[27/11/2006|14:19] C:\Program Files\Lavasoft
[27/04/2004|09:20] C:\Program Files\Logitech
[03/11/2008|15:35] C:\Program Files\Messenger
[15/07/2009|13:25] C:\Program Files\Messenger Plus! Live
[17/03/2009|16:05] C:\Program Files\Microsoft
[11/05/2007|02:05] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/04/2004|09:27] C:\Program Files\microsoft frontpage
[23/03/2007|09:28] C:\Program Files\Microsoft Office
[17/03/2009|16:05] C:\Program Files\Microsoft Office Outlook Connector
[09/09/2009|16:22] C:\Program Files\Microsoft Silverlight
[29/02/2008|13:49] C:\Program Files\Microsoft SQL Server Compact Edition
[26/04/2004|10:17] C:\Program Files\Microsoft Visual Studio
[13/04/2007|02:16] C:\Program Files\Microsoft Works
[15/10/2008|07:51] C:\Program Files\Movie Maker
[10/11/2009|10:35] C:\Program Files\Mozilla Firefox
[15/08/2009|09:25] C:\Program Files\MSBuild
[26/04/2004|09:23] C:\Program Files\MSN
[26/04/2004|09:23] C:\Program Files\MSN Gaming Zone
[02/04/2008|12:39] C:\Program Files\MSN Messenger
[07/07/2008|09:01] C:\Program Files\MSXML 4.0
[18/11/2009|12:20] C:\Program Files\Navilog1
[16/09/2009|14:45] C:\Program Files\NCH Software
[15/10/2008|07:47] C:\Program Files\NetMeeting
[10/11/2009|13:11] C:\Program Files\Oberon Media
[06/01/2009|12:09] C:\Program Files\OpenOffice.org 3
[28/07/2008|10:50] C:\Program Files\orange
[13/08/2009|11:20] C:\Program Files\Outlook Express
[16/03/2009|16:53] C:\Program Files\Photo Frame Genius
[10/11/2009|14:45] C:\Program Files\PopCap Games
[29/06/2009|12:39] C:\Program Files\QuickTime
[01/02/2008|16:04] C:\Program Files\Real
[15/08/2009|09:24] C:\Program Files\Reference Assemblies
[26/04/2004|09:58] C:\Program Files\S3Inc
[27/04/2004|09:10] C:\Program Files\ScanSoft
[18/09/2009|14:18] C:\Program Files\Search Guard Plus
[18/09/2009|14:18] C:\Program Files\Search Guard PlusU
[26/04/2004|09:26] C:\Program Files\Services en ligne
[01/10/2009|14:51] C:\Program Files\SGPSA
[01/10/2009|08:21] C:\Program Files\Spybot - Search & Destroy
[25/04/2008|15:12] C:\Program Files\steek
[21/03/2008|14:03] C:\Program Files\Trend Micro
[23/10/2009|14:38] C:\Program Files\Ubisoft
[15/05/2007|13:44] C:\Program Files\Uninstall Information
[18/11/2009|10:31] C:\Program Files\VideoLAN
[04/05/2009|14:19] C:\Program Files\VirginMega
[17/03/2009|16:04] C:\Program Files\Windows Live
[27/02/2009|16:38] C:\Program Files\Windows Live Safety Center
[17/03/2009|15:51] C:\Program Files\Windows Live SkyDrive
[23/01/2008|14:24] C:\Program Files\Windows Media Connect 2
[15/10/2008|07:46] C:\Program Files\Windows Media Player
[15/10/2008|07:46] C:\Program Files\Windows NT
[07/02/2006|17:35] C:\Program Files\WindowsUpdate
[22/06/2009|14:59] C:\Program Files\WinRAR
[26/04/2004|09:27] C:\Program Files\xerox
[17/05/2006|09:03] C:\Program Files\Yahoo!
[02/12/2005|12:28] C:\Program Files\Zero G Registry
[18/11/2009|10:29] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[12/12/2007|11:05] C:\Program Files\Fichiers communs\Adobe
[29/06/2009|12:41] C:\Program Files\Fichiers communs\Apple
[26/04/2004|10:18] C:\Program Files\Fichiers communs\DESIGNER
[27/04/2004|09:05] C:\Program Files\Fichiers communs\EPSON
[02/12/2005|12:25] C:\Program Files\Fichiers communs\Hewlett-Packard
[10/11/2005|09:45] C:\Program Files\Fichiers communs\HP
[23/10/2009|14:43] C:\Program Files\Fichiers communs\InstallShield
[14/09/2007|09:23] C:\Program Files\Fichiers communs\Java
[27/04/2004|09:20] C:\Program Files\Fichiers communs\Logitech
[05/03/2009|10:01] C:\Program Files\Fichiers communs\Microsoft Shared
[26/04/2004|09:25] C:\Program Files\Fichiers communs\MSSoap
[28/07/2008|10:50] C:\Program Files\Fichiers communs\Oberon Media
[26/04/2004|10:08] C:\Program Files\Fichiers communs\ODBC
[16/10/2009|09:53] C:\Program Files\Fichiers communs\Real
[27/04/2004|09:10] C:\Program Files\Fichiers communs\ScanSoft Shared
[14/09/2007|09:32] C:\Program Files\Fichiers communs\Services
[26/04/2004|10:08] C:\Program Files\Fichiers communs\SpeechEngines
[02/12/2005|12:22] C:\Program Files\Fichiers communs\SWF Studio
[05/05/2009|07:59] C:\Program Files\Fichiers communs\Symantec Shared
[17/03/2009|16:05] C:\Program Files\Fichiers communs\System
[17/03/2009|13:48] C:\Program Files\Fichiers communs\Windows Live
[29/02/2008|13:47] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[16/10/2009|09:52] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 14 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-18 12:27:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1040
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:29][D:0]-> C:\DOCUME~1\XP\Cookies
[F:1392][D:12]-> C:\DOCUME~1\XP\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 18/11/2009|12:28 - Option : [2]
--------------------\\ Fin du rapport a 12:28:53
New HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:41:06, on 18/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\hpzipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://pro.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder -
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - https://www.eset.com/
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader4.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {A06BE318-C096-11D4-964F-0010A4D06F69} (TeleTVA Control) - https://tva.dgi.minefi.gouv.fr/activeX/TeleTVA.tva
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - https://www.canalblog.com/sharedDocs/misc/uploader/ImageUploader5.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://files-mjf.jeuxvideo-flash.com/popcap/popcaploader_v10_fr.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\hpzipm12.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
Narco!4
18 Nov. 2009 at 18:01
# Step 1/ Download:
ToolsCleaner! (A.Rothstein & Dj QUIOU) to your Desktop.
# Step 2/
- Double-click ToolsCleaner2.exe to launch it.
- Click "Recherche" (Search) and let the scan run.
- Click "Suppression" (Removal) to finish.
- If you wish, you can use the "Options Facultatives" (optional settings).
- Click "Quitter" (Quit) to get the report C:\TCleaner.txt
# Step 3/
Post a Nod32 report (you must use Internet Explorer)
- tick all the boxes each time, and when it has finished, paste the report:
C:\Program Files\EsetOnlineScanner\log.txt
Hello!
So here are the ToolsCleaner! report and the Nod32 report....
[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]
--> Recherche:
C:\cleannavi.txt: trouvé !
C:\lopR.txt: trouvé !
C:\TB.txt: trouvé !
C:\Lop SD: trouvé !
C:\GenProc: trouvé !
C:\Toolbar SD: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\XP\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\XP\Bureau\Raccourcis Bureau non utilisés\catchme.log: trouvé !
C:\GenProc\Genproc.exe: trouvé !
C:\GenProc\Outil\hijackthis.log: trouvé !
C:\GenProc\Outil\mbr.exe: trouvé !
C:\GenProc\Page\GenProc[*].html: trouvé !
C:\Lop SD\catchme.exe: trouvé !
C:\Lop SD\catchme.log: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Program Files\Trend Micro\HijackThis\backups\hijackthis.log: trouvé !
C:\WINDOWS\msnfix.txt: trouvé !
---------------------------------
--> Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\XP\Bureau\HijackThis.lnk: supprimé !
C:\Lop SD\catchme.exe: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\cleannavi.txt: supprimé !
C:\lopR.txt: supprimé !
C:\TB.txt: supprimé !
C:\Documents and Settings\XP\Bureau\Raccourcis Bureau non utilisés\catchme.log: supprimé !
C:\GenProc\Genproc.exe: supprimé !
C:\GenProc\Outil\hijackthis.log: supprimé !
C:\GenProc\Outil\mbr.exe: supprimé !
C:\GenProc\Page\GenProc[*].html: ERREUR DE SUPPRESSION !!
C:\Lop SD\catchme.log: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Program Files\Trend Micro\HijackThis\backups\hijackthis.log: supprimé !
C:\WINDOWS\msnfix.txt: supprimé !
C:\Lop SD: supprimé !
C:\GenProc: supprimé !
C:\Toolbar SD: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Navilog1: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
Corbeille vidée!
Fichiers temporaires nettoyés !
C:\WINDOWS\system32\decrlfegs.exe a variant of Win32/Adware.NaviPromo application cleaned by deleting - quarantined
D:\TELECHARGEMENT LOGICIELS\nero-7_nero_7.11.6.0_mise_a_jour_francais_10297.exe Win32/Toolbar.AskSBar application deleted - quarantined
Thanks =)
18 Nov. 2009 at 11:38
Rapport GenProc 2.650 [1] - 18/11/2009 à 11:32:02
@ Windows XP Service Pack 3 - Mode normal
@ Internet Explorer 8.0.6001.18702 [Navigateur par défaut]
Il est impératif de désactiver le résident TeaTimer de Spybot pendant l'ensemble des manipulations qui vont suivre. Aide Tea-Timer : http://ww11.genproc.com/spybot/spybot.html
Dans CCleaner, clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures" ; par la suite, laisse-le avec ses réglages par défaut. C'est tout.
# Etape 1/ Télécharge :
- Lop S&D https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 (Eric 71 & Angeldark) sur ton Bureau.
- Navilog1 http://il.mafioso.pagesperso-orange.fr/Navifix/Navilog1.exe (IL-MAFIOSO) sur ton Bureau.
- Toolbar-S&D https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3 (Team IDN) sur ton Bureau.
Redémarre en mode sans échec comme indiqué ici https://www.wekyo.com/demarrer-le-pc-en-mode-sans-echec-windows-7-et-8/ ; Choisis ta session courante *** XP *** (pour retrouver le rapport, clique sur le raccourci "Rapport GenProc[1]" sur ton bureau).
# Etape 2/
Double clique sur le raccourci Navilog1 sur le Bureau, et choisis l'option 1 ; valide et patiente jusqu'au message "Scan terminé le......".
# Etape 3/
Lance Toolbar-S&D situé sur le Bureau. Tape sur "2" puis valide en appuyant sur "Entrée". Ne ferme pas la fenêtre lors de la suppression.
# Etape 4/
Double-clique sur Lop S&D pour lancer l'installation, séléctionne la langue souhaitée, puis choisis l'Option 2 - Suppression - et patiente jusqu'à ce qu'il ait terminé.
# Etape 5/
Lance CCleaner : "Nettoyeur"/"lancer le nettoyage" et c'est tout.
# Etape 6/
Redémarre normalement et poste, dans la même réponse :
- Le contenu du rapport cleannavi.txt situé dans C:\ ;
- Le contenu du rapport TB.txt situé dans C:\ ;
- Le contenu du rapport lopR.txt situé dans C:\ ;
- Un nouveau rapport HijackThis https://forums.cnetfrance.fr/tutoriels-securite-informatique/1549-hijackthis-comment-l-utiliser ;
- Un nouveau rapport GenProc ;
Précise les difficultés que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'évolution de la situation.
~~ Arguments de la procédure ~~
# Détections [1] GenProc 2.650 18/11/2009 à 11:32:24
Lop:le 18/11/2009 à 11:34:22 "C:\Program Files\DomPlayer"
Navipromo:le 18/11/2009 à 11:34:22 HKCU\....\Lanconfig
Toolbar:le 18/11/2009 à 11:34:24 "C:\Program Files\GamesBar"
----------------------------------------------------------------------
Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
----------------------------------------------------------------------
~~ Fin à 11:35:02 ~~