Download problem, virus??

Closed
lenoill7931 - Posts: 16 - Registered: Thursday 7 January 2010 - Status: Member - Last activity: 21 December 2010 - 7 Jan 2010 at 22:11
flo-91 - Posts: 5646 - Registered: Tuesday 19 May 2009 - Status: Security contributor - Last activity: 31 October 2019 - 10 Jan 2010 at 10:37
Hello,
for the past few days I've been downloading at 3x KB/s and since I like downloading, it's a bit annoying :/ and I suppose it must be a virus :o Can you help me please :'(?

I used HijackThis and it gives me this (but to me, it's worse than Japanese--'):

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:52:28, on 7/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Zangetsu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zangetsu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zangetsu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.free.fr:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O3 - Toolbar: (no name) - {84938242-5C5B-4A55-B6B9-A1507543B418} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\system32\WinUpd.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\3.bin\m3SrchMn.exe" /m=0
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Zangetsu\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RomStation] "C:\Program Files\RomStation\RomStation.exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\Video ActiveX Object\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamini.exe] C:\Program Files\Video ActiveX Object\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: RAID Manager.lnk = ?
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk133YYBE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.gateietool.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.gateietool.com/redirect.php (file missing)
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROProj.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O21 - SSODL: breadthes - {5c4f2cbc-f32d-4a03-9812-86f39379811b} - (no file)
O22 - SharedTaskScheduler: breadthes - {5c4f2cbc-f32d-4a03-9812-86f39379811b} - (no file)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate1c99d09aa69c136) (gupdate1c99d09aa69c136) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
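
Added example, not part of the original thread and not code from HijackThis or Ad-Remover: a small Python parser for the log layout posted above, which groups entries by section code (R3, O2, O4, ...) and marks the ones worth a first look. The three marks are triage heuristics assumed for this example, not verdicts: a target reported as "(no file)" or "(file missing)", an autostart entry under Policies\Explorer\Run, and a product name that the Ad-Remover report later in this thread lists as neutralized. The sample lines are copied from the log above and all function names are hypothetical.

```python
import re
from collections import Counter

# Sample input: a few lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.gateietool.com/redirect.php (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

# An entry line is "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [...] ...".
# Header lines and the "Running processes" paths do not match and are skipped.
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Markers HijackThis appends when the registry entry points at a missing file.
ORPHAN_MARKERS = ("(no file)", "(file missing)")

# Names taken from the Ad-Remover report in this thread (assumption: used here
# only as a watch list for this example).
CLEANUP_NAMES = ("mywebsearch", "funwebproducts", "shoppingreport")


def parse_log(text):
    """Return one dict per entry line: section code, body and GUID (if any)."""
    entries = []
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue
        code, body = match.groups()
        guid = GUID_RE.search(body)
        entries.append({
            "code": code,
            "body": body,
            # GUID case varies inside one log, so normalise for comparisons.
            "guid": guid.group(0).upper() if guid else None,
        })
    return entries


def flags_for(entry):
    """Return the triage marks for one entry (empty list if none apply)."""
    body = entry["body"]
    lowered = body.lower()
    flags = []
    if body.rstrip().endswith(ORPHAN_MARKERS):
        flags.append("orphaned")
    if entry["code"] == "O4" and "\\policies\\explorer\\run" in lowered:
        flags.append("policy-run")
    if any(name in lowered for name in CLEANUP_NAMES):
        flags.append("named-in-cleanup")
    return flags


def triage(text):
    """Return (code, flags, body) for every entry that got at least one mark."""
    marked = []
    for entry in parse_log(text):
        flags = flags_for(entry)
        if flags:
            marked.append((entry["code"], flags, entry["body"]))
    return marked


def section_counts(text):
    """Count entries per section code, a quick overview of a long log."""
    return Counter(entry["code"] for entry in parse_log(text))


if __name__ == "__main__":
    for code, count in sorted(section_counts(SAMPLE_LOG).items()):
        print(f"{code:>4}: {count} entr{'y' if count == 1 else 'ies'}")
    for code, flags, body in triage(SAMPLE_LOG):
        print(f"[{', '.join(flags)}] {code} - {body}")
```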

22 replies

flo-91 - Posts: 5646 - Registered: Tuesday 19 May 2009 - Status: Security contributor - Last activity: 31 October 2019 - 1 118
10 Jan 2010 at 10:37
Ok, next:

-Switch from avast to Antivir:

Uninstall avast, which isn't great, using this tool:

https://www.avast.com/fr-fr/uninstall-utility

Download Avira Antivir (much better and free) here:

http://www.commentcamarche.net/telecharger/telecharger-55-antivir

Then:

Configure Avira as follows and run a scan after updating:

•Antivir configuration:
Right-click its icon in the taskbar and select Configure Antivir.
Tick the box: Expert mode (top left of the window).
=> Click Scanner in the left pane:
> Under "Files", select All files.
> Under scan procedure, tick Allow stopping, and under "scanner priority" select Medium.
> Under "Other settings", tick all the boxes.
ABOVE ALL, DO NOT FORGET THE ROOTKIT SEARCH, WHICH IS VERY IMPORTANT!
> Click "Search" in the left pane and apply the same settings as before.
=> Expand "Search" by clicking the +. Click "Heuristic":
=> Tick "Macrovirus heuristic" and "Win32 file heuristic" with detection level MEDIUM!
=> In the left pane, expand "Guard":
tick: scan when reading and writing, then next to it: all files.
Help with screenshots:
http://www.commentcamarche.net/...
Configuration tutorial on video (thanks to Nico for the video):
http://sd-1.archive-host.com/membres/up/829108531491024/video-Antivir.zip
1
flo-91 - Posts: 5646 - Registered: Tuesday 19 May 2009 - Status: Security contributor - Last activity: 31 October 2019 - 1 118
7 Jan 2010 at 22:12
Good evening,

Indeed, you are infected:

For computers running Windows Vista and Windows 7, disabling User Account Control is mandatory,
otherwise the tool will not be able to work properly.
Tutorial: https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

>Ad-Remover<

>Download Ad-Remover and save it to your desktop:

https://www.commentcamarche.net/telecharger/securite/2547-ad-remover/

>Disable your antivirus for the duration of the procedure
>Disconnect from the Internet and close all running applications
>Double-click the installer and install it in its default location (C:\Program Files).
>In the main menu, choose option L (Clean)
>Post the generated report (C:\Ad-Report-CLEAN.log).
>Don't forget to re-enable your antivirus
0
jacques.gache - Posts: 33442 - Registered: Tuesday 13 November 2007 - Status: Security contributor - Last activity: 25 January 2016 - 1 640
7 Jan 2010 at 22:17
Hello, sorry, I hadn't seen that the topic was already being handled; I'll step back. See you.
0
Hi,
Are you required to use a proxy?
0

lenoill7931 - Posts: 16 - Registered: Thursday 7 January 2010 - Status: Member - Last activity: 21 December 2010
8 Jan 2010 at 17:08
Uhhh, I downloaded the program, I launch it, I type L, my PC restarts, and when I log into my session, it says "Windows cannot find c:\program~1\ad-remover\adr_01.bat......etc.

What do I do, please?
0
flo-91 - Posts: 5646 - Registered: Tuesday 19 May 2009 - Status: Security contributor - Last activity: 31 October 2019 - 1 118
8 Jan 2010 at 17:17
Try in safe mode (tap F8 while the PC starts up)
0
lenoill7931 - Posts: 16 - Registered: Thursday 7 January 2010 - Status: Member - Last activity: 21 December 2010
8 Jan 2010 at 17:53
When I press F8 at startup it asks me to select "boot device" or something like that...^^' with
"-st Floppy Drive
-PM - pionner DVD-RV DVR-110D
-PS-DVD-ROM BPV316E
-3m- MAXTOR 6V160E0"

and before making a mistake I prefer to ask >.<
Do I have to select one of the four??? help please!!

PS: I'm hopeless with computers, I know :'(
0
flo-91 - Posts: 5646 - Registered: Tuesday 19 May 2009 - Status: Security contributor - Last activity: 31 October 2019 - 1 118
8 Jan 2010 at 19:06
Try with F5
0
For F8, you were in the first one; wait a few seconds before pressing F8
0
lenoill7931 - Posts: 16 - Registered: Thursday 7 January 2010 - Status: Member - Last activity: 21 December 2010
8 Jan 2010 at 19:52
Here it is =D

.
Updated by C_XX on 05.01.2010 at 18:50
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Launch at: 19:32:09, ven. 08/01/2010 | Normal Boot | Option: CLEAN
Executed from: C:\PROGRA~1\Ad-Remover\
Operating system: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Computer Name: ROBERT-65A6F78C | Current user: Zangetsu

.
============== NEUTRALIZED ELEMENT(S) ==============
.

C:\WINDOWS\System32\f3PSSavr.scr
C:\Program Files\FunWebProducts
C:\Program Files\MyWebSearch
C:\Program Files\ShoppingReport
C:\DOCUME~1\Zangetsu\APPLIC~1\Desktopicon
C:\DOCUME~1\Zangetsu\APPLIC~1\ShoppingReport
C:\DOCUME~1\Zangetsu\MENUDM~1\Ebay.lnk
C:\Program Files\MSN Messenger\Riched20.dll
C:\Program Files\Internet Explorer\msimg32.dll

(!) -- Temp files deleted.

.
HKCU\software\Fun Web Products
HKCU\software\FunWebProducts
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
HKCU\software\MyWebSearch
HKCU\software\ShoppingReport
HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
HKLM\Software\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}
HKLM\Software\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
HKLM\Software\Classes\CLSID\{2EFF3CF7-99C1-4c29-BC2B-68E057E22340}
HKLM\Software\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
HKLM\Software\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
HKLM\Software\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
HKLM\Software\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
HKLM\Software\Classes\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
HKLM\Software\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
HKLM\Software\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
HKLM\Software\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
HKLM\Software\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
HKLM\Software\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}
HKLM\Software\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
HKLM\Software\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
HKLM\Software\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
HKLM\Software\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
HKLM\Software\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
HKLM\software\classes\FunWebProducts.DataControl
HKLM\software\classes\FunWebProducts.DataControl.1
HKLM\software\classes\FunWebProducts.HistoryKillerScheduler
HKLM\software\classes\FunWebProducts.HistoryKillerScheduler.1
HKLM\software\classes\FunWebProducts.HistorySwatterControlBar
HKLM\software\classes\FunWebProducts.HistorySwatterControlBar.1
HKLM\software\classes\FunWebProducts.HTMLMenu
HKLM\software\classes\FunWebProducts.HTMLMenu.1
HKLM\software\classes\FunWebProducts.HTMLMenu.2
HKLM\software\classes\FunWebProducts.IECookiesManager
HKLM\software\classes\FunWebProducts.IECookiesManager.1
HKLM\software\classes\FunWebProducts.KillerObjManager
HKLM\software\classes\FunWebProducts.KillerObjManager.1
HKLM\software\classes\FunWebProducts.PopSwatterBarButton
HKLM\software\classes\FunWebProducts.PopSwatterBarButton.1
HKLM\software\classes\FunWebProducts.PopSwatterSettingsControl
HKLM\software\classes\FunWebProducts.PopSwatterSettingsControl.1
HKLM\software\classes\FunWebProducts.ShellViewControl
HKLM\software\classes\FunWebProducts.ShellViewControl.1
HKLM\Software\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
HKLM\Software\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
HKLM\Software\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
HKLM\Software\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
HKLM\Software\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
HKLM\Software\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKLM\Software\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
HKLM\Software\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
HKLM\Software\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
HKLM\Software\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
HKLM\Software\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
HKLM\Software\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
HKLM\Software\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
HKLM\Software\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
HKLM\Software\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
HKLM\Software\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
HKLM\Software\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
HKLM\Software\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
HKLM\Software\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
HKLM\Software\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
HKLM\Software\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
HKLM\Software\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
HKLM\software\classes\MyWebSearch.HTMLPanel
HKLM\software\classes\MyWebSearch.HTMLPanel.1
HKLM\software\classes\MyWebSearch.OutlookAddin
HKLM\software\classes\MyWebSearch.OutlookAddin.1
HKLM\software\classes\MyWebSearch.PseudoTransparentPlugin
HKLM\software\classes\MyWebSearch.PseudoTransparentPlugin.1
HKLM\software\classes\MyWebSearchToolBar.SettingsPlugin
HKLM\software\classes\MyWebSearchToolBar.SettingsPlugin.1
HKLM\software\classes\MyWebSearchToolBar.ToolbarPlugin
HKLM\software\classes\MyWebSearchToolBar.ToolbarPlugin.1
HKLM\software\classes\ScreenSaverControl.ScreenSaverInstaller
HKLM\software\classes\ScreenSaverControl.ScreenSaverInstaller.1
HKLM\Software\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
HKLM\Software\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
HKLM\Software\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
HKLM\Software\Classes\TypeLib\{621FEACD-8857-43A6-AE26-451D670D5370}
HKLM\Software\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
HKLM\Software\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
HKLM\Software\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
HKLM\Software\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
HKLM\Software\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
HKLM\software\FocusInteractive
HKLM\software\Fun Web Products
HKLM\software\FunWebProducts
HKLM\Software\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
HKLM\software\microsoft\internet explorer\searchscopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources\\F3PopularScreenSavers
HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2EFF3CF7-99C1-4C29-BC2B-68E057E22340}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform\\FunWebProducts
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\My Web Search Bar Search Scope Monitor
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin
HKLM\software\microsoft\windows\currentversion\uninstall\MyWebSearch bar Uninstall
HKLM\software\microsoft\windows\currentversion\uninstall\ShoppingReport
HKLM\software\MyWebSearch
HKLM\software\ShoppingReport
HKU\S-1-5-21-1757981266-1614895754-725345543-1008\Software\Microsoft\Internet Explorer\Searchscopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
.
============== Added scan ==============
.
.
* Mozilla FireFox Version 3.5.5 [fr] *
.
ProfilePath: 8xxtjzk0.default (Zangetsu)
.
(Zangetsu, prefs.js) Browser.download.dir, C:\Documents and Settings\Zangetsu\Bureau
(Zangetsu, prefs.js) Browser.download.lastDir, C:\Documents and Settings\Zangetsu\Bureau
(Zangetsu, prefs.js) Browser.search.defaultenginename, Yahoo
(Zangetsu, prefs.js) Browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2187070&SearchSource=3&q=
(Zangetsu, prefs.js) Browser.startup.homepage, google.be
(Zangetsu, prefs.js) Extensions.enabledItems, delatv@detectvideo.com:0.4,{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05,{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07,{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{b905bc9d-6059-4517-a6b4-950d26299a2b}:2.3.0.4,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5
(Zangetsu, prefs.js) Keyword.URL, hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
.
(Zangetsu, prefs.js) ERASED - Browser.search.defaultthis.engineName, radiodofus Customized Web Search
.
.
* Internet Explorer Version 7.0.5730.11 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\Zangetsu\Mes documents\DofusPatch_v1_23_0_to_v1_24_0.exe
.
===================================
.
13721 Byte(s) - C:\Ad-Report-CLEAN[1].log
.
0 File(s) - C:\DOCUME~1\Zangetsu\LOCALS~1\Temp
3 File(s) - C:\WINDOWS\Temp
0 File(s) - C:\WINDOWS\Prefetch
.
17 File(s) - C:\PROGRA~1\Ad-Remover\BACKUP
97 File(s) - C:\PROGRA~1\Ad-Remover\QUARANTINE
.
End at: 19:41:17 | ven. 08/01/2010 - CLEAN[1]
.
============== E.O.F ==============
.
So, is it serious???
flo-91 Posts 5646 Registration date Tuesday 19 May 2009 Status Security contributor Last activity 31 October 2019 1 118
8 Jan 2010 at 20:04
OK, do this:


>Download RSIT here and save it to your desktop:

http://images.malwareremoval.com/random/RSIT.exe

>Double-click RSIT.exe, which is on the desktop

>The program starts; choose "1month" and click "continue"

>Let the tool run and post the report that is displayed.


>Here is a help tutorial:

https://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm
lenoill7931 Posts 16 Registration date Thursday 7 January 2010 Status Member Last activity 21 December 2010
8 Jan 2010 at 20:09
Logfile of random's system information tool 1.06 (written by random/random)
Run by Zangetsu at 2010-01-08 20:08:14
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 21 GB (14%) free of 153 GB
Total RAM: 1023 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:08:16, on 8/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Zangetsu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zangetsu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zangetsu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zangetsu\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Zangetsu.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.free.fr:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {84938242-5C5B-4A55-B6B9-A1507543B418} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\system32\WinUpd.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Zangetsu\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\Video ActiveX Object\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamini.exe] C:\Program Files\Video ActiveX Object\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: RAID Manager.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.gateietool.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.gateietool.com/redirect.php (file missing)
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROProj.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O21 - SSODL: breadthes - {5c4f2cbc-f32d-4a03-9812-86f39379811b} - (no file)
O22 - SharedTaskScheduler: breadthes - {5c4f2cbc-f32d-4a03-9812-86f39379811b} - (no file)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate1c99d09aa69c136) (gupdate1c99d09aa69c136) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
flo-91 Posts 5646 Registration date Tuesday 19 May 2009 Status Security contributor Last activity 31 October 2019 1 118
8 Jan 2010 at 20:59
Do this:


/!\ Vista and Windows 7 users: do not forget to disable User Account Control (UAC)

https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

Download Lop S&D.exe to the Desktop



https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

Some infections block downloads of disinfection tools; use this alternative link:
http://ww38.toofiles.com/fr/oip/documents/exe/yop4.html

* Double-click it to start the installation

* Then double-click the Lop S&D shortcut on the Desktop

* Select the desired language, then choose option 1 (Search)

* Wait until the scan finishes

* Post the generated report on a forum (C:\lopR.txt)


Tutorial (help): http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm
flo-91 Posts 5646 Registration date Tuesday 19 May 2009 Status Security contributor Last activity 31 October 2019 1 118
8 Jan 2010 at 22:04
Next step:


/!\ Vista and Windows 7 users: do not forget to disable User Account Control (UAC)

https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac


* Then double-click the Lop S&D shortcut on the Desktop

* Select the desired language, then choose option 2 (Removal)

* Wait until the scan finishes

* Post the generated report on a forum (C:\lopR.txt)


Tutorial (help): http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm
lenoill7931 Posts 16 Registration date Thursday 7 January 2010 Status Member Last activity 21 December 2010
8 Jan 2010 at 22:48
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : BIOS Date: 06/17/05 12:02:26 Ver: 08.00.10
USER : Zangetsu ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1368 [VPS 100108-0] 4.8.1368 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:149 Go (Free:20 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)
I:\ (CD or DVD)
J:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( ven. 08/01/2010|22:07 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[04/11/2009|15:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[10/06/2008|14:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[10/06/2008|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[13/05/2009|23:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[16/09/2006|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[03/07/2007|16:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[22/06/2006|10:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[27/07/2009|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EmailNotifier
[20/04/2009|09:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[07/01/2010|21:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[27/06/2006|15:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[08/06/2009|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Insight Software
[08/06/2009|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Insight Software Solutions
[04/09/2009|22:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[17/09/2006|08:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[27/07/2009|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Megaupload
[26/08/2009|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[11/03/2009|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[21/10/2009|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[05/09/2009|04:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA Corporation
[16/08/2006|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[06/03/2009|06:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[04/09/2009|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\page
[04/09/2009|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Drivers HeadQuarters
[16/09/2006|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[05/06/2009|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PMB Files
[18/10/2009|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[26/03/2009|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[18/07/2006|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
[22/03/2008|15:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[11/11/2009|08:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[25/08/2006|13:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[02/03/2008|09:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[11/03/2008|17:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[02/03/2007|21:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[25/05/2009|06:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[08/04/2008|20:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[23/11/2009|16:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[23/11/2009|16:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[22/06/2006|09:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[22/06/2006|09:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft


[25/05/2009|15:48] C:\DOCUME~1\Sylvain\APPLIC~1\Adobe
[02/06/2009|10:05] C:\DOCUME~1\Sylvain\APPLIC~1\Creative
[18/04/2009|16:17] C:\DOCUME~1\Sylvain\APPLIC~1\Google
[18/04/2009|16:15] C:\DOCUME~1\Sylvain\APPLIC~1\Identities
[20/04/2009|10:14] C:\DOCUME~1\Sylvain\APPLIC~1\Macromedia
[10/06/2009|12:13] C:\DOCUME~1\Sylvain\APPLIC~1\Microsoft
[22/05/2009|16:55] C:\DOCUME~1\Sylvain\APPLIC~1\Mozilla
[06/05/2009|09:23] C:\DOCUME~1\Sylvain\APPLIC~1\Real
[18/04/2009|16:17] C:\DOCUME~1\Sylvain\APPLIC~1\Yahoo!

[25/11/2008|17:54] C:\DOCUME~1\Zangetsu\APPLIC~1\AccurateRip
[22/09/2009|18:41] C:\DOCUME~1\Zangetsu\APPLIC~1\Adobe
[09/06/2008|20:42] C:\DOCUME~1\Zangetsu\APPLIC~1\AdobeUM
[29/11/2009|14:19] C:\DOCUME~1\Zangetsu\APPLIC~1\app
[16/06/2009|18:09] C:\DOCUME~1\Zangetsu\APPLIC~1\Apple Computer
[30/03/2009|06:07] C:\DOCUME~1\Zangetsu\APPLIC~1\ArcSoft
[13/06/2009|12:59] C:\DOCUME~1\Zangetsu\APPLIC~1\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[15/02/2008|18:35] C:\DOCUME~1\Zangetsu\APPLIC~1\Creative
[19/06/2009|23:37] C:\DOCUME~1\Zangetsu\APPLIC~1\CyberLink
[08/04/2008|15:18] C:\DOCUME~1\Zangetsu\APPLIC~1\DAEMON Tools
[11/03/2008|17:02] C:\DOCUME~1\Zangetsu\APPLIC~1\DivX
[16/12/2009|21:03] C:\DOCUME~1\Zangetsu\APPLIC~1\Dofus 2
[28/11/2009|13:43] C:\DOCUME~1\Zangetsu\APPLIC~1\Dofus 2 Online
[02/12/2009|20:52] C:\DOCUME~1\Zangetsu\APPLIC~1\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[02/12/2009|20:59] C:\DOCUME~1\Zangetsu\APPLIC~1\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[09/12/2009|14:04] C:\DOCUME~1\Zangetsu\APPLIC~1\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[28/11/2009|13:18] C:\DOCUME~1\Zangetsu\APPLIC~1\DofusOnline.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[04/11/2009|17:39] C:\DOCUME~1\Zangetsu\APPLIC~1\DofusOnline.D3C9F6CBD45122AC696063EA7CD9E35E7469708A.1
[29/11/2009|14:19] C:\DOCUME~1\Zangetsu\APPLIC~1\DofusOnline-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[28/11/2009|13:49] C:\DOCUME~1\Zangetsu\APPLIC~1\dvdcss
[04/09/2009|20:57] C:\DOCUME~1\Zangetsu\APPLIC~1\EmailNotifier
[28/10/2009|21:48] C:\DOCUME~1\Zangetsu\APPLIC~1\fltk.org
[03/06/2009|16:59] C:\DOCUME~1\Zangetsu\APPLIC~1\FMZilla
[04/09/2009|20:14] C:\DOCUME~1\Zangetsu\APPLIC~1\GetRightToGo
[13/03/2008|21:31] C:\DOCUME~1\Zangetsu\APPLIC~1\GlobalSCAPE
[04/03/2009|21:43] C:\DOCUME~1\Zangetsu\APPLIC~1\Google
[23/02/2008|20:45] C:\DOCUME~1\Zangetsu\APPLIC~1\Help
[13/06/2009|12:54] C:\DOCUME~1\Zangetsu\APPLIC~1\HLSW
[14/02/2008|17:10] C:\DOCUME~1\Zangetsu\APPLIC~1\Identities
[26/06/2008|10:43] C:\DOCUME~1\Zangetsu\APPLIC~1\InstallShield
[04/09/2009|20:57] C:\DOCUME~1\Zangetsu\APPLIC~1\LimeWire
[17/02/2008|17:16] C:\DOCUME~1\Zangetsu\APPLIC~1\Macromedia
[23/02/2008|22:13] C:\DOCUME~1\Zangetsu\APPLIC~1\Media Player Classic
[12/11/2009|21:09] C:\DOCUME~1\Zangetsu\APPLIC~1\Microsoft
[27/08/2008|22:26] C:\DOCUME~1\Zangetsu\APPLIC~1\Mozilla
[18/10/2009|10:10] C:\DOCUME~1\Zangetsu\APPLIC~1\Real
[02/12/2009|20:52] C:\DOCUME~1\Zangetsu\APPLIC~1\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[29/11/2009|14:19] C:\DOCUME~1\Zangetsu\APPLIC~1\RegLocal.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[27/06/2009|13:02] C:\DOCUME~1\Zangetsu\APPLIC~1\Samsung
[05/01/2010|21:01] C:\DOCUME~1\Zangetsu\APPLIC~1\Skype
[11/04/2008|19:23] C:\DOCUME~1\Zangetsu\APPLIC~1\skypePM
[24/02/2008|15:47] C:\DOCUME~1\Zangetsu\APPLIC~1\Sun
[04/09/2009|14:54] C:\DOCUME~1\Zangetsu\APPLIC~1\SystemRequirementsLab
[28/12/2008|22:05] C:\DOCUME~1\Zangetsu\APPLIC~1\teamspeak2
[08/01/2010|21:32] C:\DOCUME~1\Zangetsu\APPLIC~1\vlc
[16/03/2008|20:53] C:\DOCUME~1\Zangetsu\APPLIC~1\WinRAR
[22/11/2008|15:23] C:\DOCUME~1\Zangetsu\APPLIC~1\Xfire
[11/03/2008|17:02] C:\DOCUME~1\Zangetsu\APPLIC~1\Yahoo!

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[08/01/2010 21:59][--a--c---] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1614895754-725345543-1008UA.job
[08/01/2010 19:59][--a--c---] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1614895754-725345543-1008Core.job
[08/01/2010 21:44][--a--c---] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[08/01/2010 19:45][--a--c---] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[08/01/2010 19:45][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[07/01/2010 19:32][--a--c---] C:\WINDOWS\tasks\HP Usg Daily.job
[08/01/2010 19:44][--ah-c---] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[20/08/2006|03:31] C:\Program Files\ACE Mega CoDecS Pack
[22/09/2009|18:40] C:\Program Files\Adobe
[08/01/2010|19:41] C:\Program Files\Ad-Remover
[18/10/2009|15:54] C:\Program Files\adslTV
[05/09/2009|04:21] C:\Program Files\AGEIA Technologies
[22/06/2006|09:55] C:\Program Files\Ahead
[22/03/2008|16:21] C:\Program Files\Alwil Software
[20/04/2008|08:26] C:\Program Files\Ankama Games
[16/06/2009|18:08] C:\Program Files\Apple Software Update
[26/06/2008|11:33] C:\Program Files\ArcSoft
[04/09/2009|20:54] C:\Program Files\Ashampoo
[04/09/2009|14:32] C:\Program Files\ASUS
[22/06/2006|09:51] C:\Program Files\ASUSTeK
[16/12/2008|22:20] C:\Program Files\Audacity
[03/07/2007|17:03] C:\Program Files\Audible
[23/03/2007|19:58] C:\Program Files\Auralog
[08/12/2007|07:58] C:\Program Files\azertyuiop
[20/12/2006|12:00] C:\Program Files\Azureus
[16/03/2008|14:13] C:\Program Files\Battleships Forever
[30/05/2009|19:47] C:\Program Files\BitLord
[18/10/2009|15:57] C:\Program Files\Bonjour
[24/12/2006|23:01] C:\Program Files\Boonty
[17/09/2006|10:54] C:\Program Files\BoontyGames
[07/08/2009|12:32] C:\Program Files\CamStudio
[27/06/2009|16:16] C:\Program Files\CCleaner
[04/09/2009|20:57] C:\Program Files\Cheat Engine
[26/08/2009|14:51] C:\Program Files\Circle Dvelopement
[27/04/2009|16:30] C:\Program Files\Common Files
[22/06/2006|09:12] C:\Program Files\ComPlus Applications
[13/06/2008|17:55] C:\Program Files\Convertor
[09/06/2009|20:28] C:\Program Files\Creative
[03/07/2007|17:00] C:\Program Files\Creative Installation Information
[19/10/2009|15:46] C:\Program Files\CursorXP
[22/06/2006|10:00] C:\Program Files\CyberLink
[09/04/2008|17:53] C:\Program Files\DAEMON Tools Lite
[07/08/2009|12:00] C:\Program Files\DebugMode
[05/12/2006|20:25] C:\Program Files\Dial-Messenger
[27/06/2009|13:03] C:\Program Files\DIFX
[02/11/2009|08:16] C:\Program Files\DivX
[16/12/2009|21:38] C:\Program Files\Dofus
[03/12/2009|13:58] C:\Program Files\Dofus 2
[28/11/2009|09:39] C:\Program Files\Dofus 2 Online
[12/09/2009|21:07] C:\Program Files\DofusArena2
[10/09/2009|17:26] C:\Program Files\DofusBeta
[13/06/2009|13:00] C:\Program Files\DofusCalc
[17/01/2008|17:44] C:\Program Files\Eidos
[29/04/2009|19:03] C:\Program Files\Eltima Software
[09/08/2006|13:57] C:\Program Files\eMule
[16/03/2008|14:12] C:\Program Files\Fatal Hearts Demo
[04/11/2009|15:53] C:\Program Files\Fichiers communs
[04/09/2009|20:57] C:\Program Files\FlashGet
[23/09/2009|17:20] C:\Program Files\Free Audio Pack
[14/10/2009|15:41] C:\Program Files\Free Music Zilla
[27/06/2006|16:39] C:\Program Files\GlobalSCAPE
[11/03/2008|22:42] C:\Program Files\GOA
[22/12/2009|18:56] C:\Program Files\Google
[06/12/2008|18:34] C:\Program Files\Gpotato.eu
[03/12/2009|21:10] C:\Program Files\Graphmatica
[05/05/2008|20:32] C:\Program Files\Gravity
[18/01/2008|19:32] C:\Program Files\H-Craft_Demo_v1_2
[27/06/2006|15:30] C:\Program Files\Hewlett-Packard
[04/12/2008|16:40] C:\Program Files\HP
[07/08/2009|12:03] C:\Program Files\HyCam2
[25/11/2008|19:11] C:\Program Files\Illustrate
[28/10/2009|16:38] C:\Program Files\InstallShield Installation Information
[22/06/2006|09:38] C:\Program Files\Intel
[08/01/2010|19:40] C:\Program Files\Internet Explorer
[22/06/2006|09:47] C:\Program Files\ITE
[04/11/2009|08:19] C:\Program Files\Java
[03/08/2009|22:51] C:\Program Files\Justdo Software
[06/03/2008|20:46] C:\Program Files\K-Lite Codec Pack
[16/03/2008|14:12] C:\Program Files\Kong
[17/02/2009|19:53] C:\Program Files\LimeWire
[28/10/2009|16:38] C:\Program Files\Logitech
[25/05/2007|18:29] C:\Program Files\LucasArts
[04/09/2009|22:59] C:\Program Files\ma-config.com
[24/01/2007|13:18] C:\Program Files\Malware-Wiped
[27/06/2009|13:02] C:\Program Files\MarkAny
[22/06/2006|09:46] C:\Program Files\Marvell
[22/12/2006|00:41] C:\Program Files\Media Player Classic
[17/09/2006|08:37] C:\Program Files\Mes Jeux T‚l‚charg‚s
[26/08/2008|17:33] C:\Program Files\Messenger
[26/08/2009|14:51] C:\Program Files\Messenger Plus! Live
[17/12/2008|18:36] C:\Program Files\M‚tronome - Version D‚mo
[02/10/2009|15:56] C:\Program Files\Microsoft
[02/03/2008|01:05] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[30/11/2008|19:59] C:\Program Files\Microsoft Encarta
[22/06/2006|09:16] C:\Program Files\microsoft frontpage
[22/11/2008|17:13] C:\Program Files\Microsoft Games
[08/09/2009|16:35] C:\Program Files\Microsoft Office
[02/10/2009|16:01] C:\Program Files\Microsoft Office Outlook Connector
[10/09/2009|15:37] C:\Program Files\Microsoft Silverlight
[02/03/2008|09:12] C:\Program Files\Microsoft SQL Server Compact Edition
[08/04/2008|16:07] C:\Program Files\Microsoft.NET
[26/08/2008|17:30] C:\Program Files\Movie Maker
[07/01/2010|17:42] C:\Program Files\Mozilla Firefox
[07/08/2009|12:47] C:\Program Files\MSBuild
[08/09/2009|16:34] C:\Program Files\MSECACHE
[23/06/2006|19:43] C:\Program Files\MSN
[22/06/2006|09:12] C:\Program Files\MSN Gaming Zone
[08/01/2010|19:40] C:\Program Files\MSN Messenger
[15/11/2006|21:39] C:\Program Files\MSXML 4.0
[23/02/2008|22:20] C:\Program Files\MX Simulator
[04/09/2009|14:27] C:\Program Files\My Company Name
[26/06/2008|10:46] C:\Program Files\MyDSC2
[02/06/2009|18:28] C:\Program Files\MyMediaRecorder (YouTube & Dailymotion Enabled)
[24/03/2009|20:56] C:\Program Files\NDSROM Player
[26/08/2008|17:27] C:\Program Files\NetMeeting
[16/05/2008|19:24] C:\Program Files\NetProject
[19/08/2006|22:05] C:\Program Files\NovaLogic
[05/09/2009|04:20] C:\Program Files\NVIDIA Corporation
[22/06/2006|09:12] C:\Program Files\Online Services
[20/08/2006|00:02] C:\Program Files\OpenOffice.org 2.0
[04/05/2008|17:47] C:\Program Files\Opera
[21/12/2009|10:58] C:\Program Files\osu!
[14/08/2009|08:34] C:\Program Files\Outlook Express
[28/11/2006|16:11] C:\Program Files\Overland
[05/06/2009|18:33] C:\Program Files\Pando Networks
[30/10/2009|17:45] C:\Program Files\Pcsx2
[19/08/2006|21:37] C:\Program Files\PhotoFiltre
[30/11/2008|17:43] C:\Program Files\Plus!
[01/04/2009|19:49] C:\Program Files\Real
[07/08/2009|12:46] C:\Program Files\Reference Assemblies
[12/05/2008|14:58] C:\Program Files\ReflexiveArcade
[08/01/2010|06:30] C:\Program Files\RomStation
[16/06/2009|18:08] C:\Program Files\Safari
[27/06/2009|13:01] C:\Program Files\Samsung
[13/07/2008|22:40] C:\Program Files\Satsuki Decoder Pack
[13/07/2008|22:40] C:\Program Files\SDPbackup
[22/06/2006|09:14] C:\Program Files\Services en ligne
[14/11/2006|15:55] C:\Program Files\Silkroad
[26/03/2009|17:05] C:\Program Files\Skype
[13/06/2009|12:59] C:\Program Files\Slayers Online
[12/05/2008|15:03] C:\Program Files\Slickball
[14/07/2008|11:04] C:\Program Files\Sun
[18/07/2006|16:42] C:\Program Files\support.com
[04/09/2009|14:54] C:\Program Files\SystemRequirementsLab
[13/04/2008|13:38] C:\Program Files\TaalNet1
[30/05/2009|13:24] C:\Program Files\Teamspeak2_RC2
[22/11/2008|15:09] C:\Program Files\THQ
[12/10/2009|17:55] C:\Program Files\TI Education
[24/11/2009|17:21] C:\Program Files\Trend Micro
[22/06/2006|09:33] C:\Program Files\Uninstall Information
[30/07/2009|04:38] C:\Program Files\Unlocker
[30/01/2008|18:04] C:\Program Files\Valve
[09/06/2009|20:29] C:\Program Files\Veoh Networks
[30/04/2008|01:55] C:\Program Files\Video ActiveX Object
[23/03/2009|17:35] C:\Program Files\VideoLAN
[11/12/2008|20:43] C:\Program Files\Wakfu
[02/10/2009|15:59] C:\Program Files\Windows Live
[02/03/2008|09:11] C:\Program Files\Windows Live Favorites
[13/01/2009|20:37] C:\Program Files\Windows Live SkyDrive
[13/01/2009|20:41] C:\Program Files\Windows Live Toolbar
[07/12/2006|15:30] C:\Program Files\Windows Media Connect 2
[04/09/2009|20:57] C:\Program Files\Windows Media Player
[26/08/2008|17:27] C:\Program Files\Windows NT
[22/06/2006|09:14] C:\Program Files\WindowsUpdate
[16/03/2008|20:53] C:\Program Files\WinRAR
[27/10/2009|14:00] C:\Program Files\World of Warcraft
[22/06/2006|09:16] C:\Program Files\xerox
[22/11/2008|15:22] C:\Program Files\Xfire
[11/03/2008|17:01] C:\Program Files\Yahoo!
[28/03/2007|16:10] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[21/10/2009|17:16] C:\Program Files\Fichiers communs\Adobe
[16/12/2009|21:06] C:\Program Files\Fichiers communs\Adobe AIR
[22/06/2006|09:55] C:\Program Files\Fichiers communs\Ahead
[10/06/2008|14:42] C:\Program Files\Fichiers communs\Apple
[13/05/2009|23:50] C:\Program Files\Fichiers communs\Blizzard Entertainment
[16/09/2006|18:44] C:\Program Files\Fichiers communs\BOONTY Shared
[03/07/2007|16:58] C:\Program Files\Fichiers communs\Creative
[08/04/2008|16:08] C:\Program Files\Fichiers communs\DESIGNER
[05/04/2009|19:10] C:\Program Files\Fichiers communs\DivX Shared
[27/06/2006|15:29] C:\Program Files\Fichiers communs\HP
[22/06/2006|09:50] C:\Program Files\Fichiers communs\InstallShield
[16/09/2006|12:36] C:\Program Files\Fichiers communs\Java
[03/08/2009|22:51] C:\Program Files\Fichiers communs\Justdo
[28/10/2009|16:39] C:\Program Files\Fichiers communs\Logitech
[17/09/2006|08:37] C:\Program Files\Fichiers communs\Macrovision Shared
[08/09/2009|16:35] C:\Program Files\Fichiers communs\Microsoft Shared
[22/06/2006|09:13] C:\Program Files\Fichiers communs\MSSoap
[22/06/2006|16:53] C:\Program Files\Fichiers communs\ODBC
[18/10/2009|10:09] C:\Program Files\Fichiers communs\Real
[22/06/2006|09:13] C:\Program Files\Fichiers communs\Services
[22/06/2006|16:53] C:\Program Files\Fichiers communs\SpeechEngines
[22/03/2008|15:52] C:\Program Files\Fichiers communs\Symantec Shared
[02/10/2009|16:01] C:\Program Files\Fichiers communs\System
[12/10/2009|17:54] C:\Program Files\Fichiers communs\TI Shared
[09/01/2009|18:04] C:\Program Files\Fichiers communs\Windows Live
[02/03/2008|09:09] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[05/09/2009|04:22] C:\Program Files\Fichiers communs\Wise Installation Wizard
[18/10/2009|10:08] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 58 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-08 22:10:04
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 44

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:16][D:5]-> C:\DOCUME~1\Zangetsu\LOCALS~1\Temp
[F:16][D:0]-> C:\DOCUME~1\Zangetsu\Cookies
[F:50][D:5]-> C:\DOCUME~1\Zangetsu\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - ven. 08/01/2010|21:04 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - ven. 08/01/2010|22:11 - Option : [2]

--------------------\\ Fin du rapport a 22:11:10
0
flo-91 Posts 5646 Registration date Tuesday 19 May 2009 Status Security contributor Last intervention 31 October 2019 1 118
9 Jan. 2010 at 09:15
Please post a new RSIT report.
0
lenoill7931 Posts 16 Registration date Thursday 7 January 2010 Status Member Last intervention 21 December 2010
9 Jan. 2010 at 12:57
Logfile of random's system information tool 1.06 (written by random/random)
Run by Zangetsu at 2010-01-09 12:55:25
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 21 GB (14%) free of 153 GB
Total RAM: 1023 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:55:33, on 9/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Zangetsu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zangetsu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zangetsu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zangetsu\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Zangetsu.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.free.fr:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {84938242-5C5B-4A55-B6B9-A1507543B418} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\system32\WinUpd.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Zangetsu\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\Video ActiveX Object\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamini.exe] C:\Program Files\Video ActiveX Object\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: RAID Manager.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.gateietool.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.gateietool.com/redirect.php (file missing)
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROProj.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/...
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O21 - SSODL: breadthes - {5c4f2cbc-f32d-4a03-9812-86f39379811b} - (no file)
O22 - SharedTaskScheduler: breadthes - {5c4f2cbc-f32d-4a03-9812-86f39379811b} - (no file)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate1c99d09aa69c136) (gupdate1c99d09aa69c136) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
flo-91 Posts 5646 Registration date Tuesday 19 May 2009 Status Security contributor Last intervention 31 October 2019 1 118
9 Jan. 2010 at 13:10
Do this:


1-> Download HijackThis, then:


- Close all your applications (browser included) and disconnect.

Launch HijackThis, but click on "Do a scan only".
You will then see the scan result appear: a multitude of lines, each preceded by an empty box.
Click the boxes of the following lines:

O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\system32\WinUpd.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\Video ActiveX Object\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamini.exe] C:\Program Files\Video ActiveX Object\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe

O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E}

O21 - SSODL: breadthes - {5c4f2cbc-f32d-4a03-9812-86f39379811b} - (no file)
O22 - SharedTaskScheduler: breadthes - {5c4f2cbc-f32d-4a03-9812-86f39379811b} - (no file)

O3 - Toolbar: (no name) - {84938242-5C5B-4A55-B6B9-A1507543B418} - (no file)
O4 - Global Startup: RAID Manager.lnk = ?
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.gateietool.com/redirect.php (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe


O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')


O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe



Click the FIX CHECKED button at the bottom and confirm.



2-•/!\ Vista users: don't forget to disable UAC just for the time it takes to disinfect your PC; it will need to be re-enabled later:
Tutorial: https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac­er-l-uac
Download OtmoveIT (by Old_Timer) to your Desktop
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
https://www.androidworld.fr/
(it is number 7 at the bottom of the page):

* Double-click OTMoveIt.exe to launch it.
/!\ Vista users: right-click the OtmoveIT icon, "Run as administrator"
* Make sure the Unregister Dll's and Ocx's box is checked.

* Copy the list shown in bold in the quote below and paste it into the left-hand pane of OTMoveIt, under Paste List of Files/Folders to move.


:processes
explorer.exe
:files
C:\Program Files\Video ActiveX Object\isamonitor.exe
C:\Program Files\NetProject\scit.exe
C:\Program Files\BitLord\BitLord.exe
C:\WINDOWS\system32\WinUpd.exe

:services
Boonty Games


:Commands
[emptytemp]
[purity]
[start explorer]
[Reboot]




# Click MoveIt! to start the removal.
# The result will appear in the "Results" pane.
# Click Exit to close.
# Post the report located in C:\_OTMoveIt\MovedFiles.
# You may be asked to restart the PC to complete the removal. If so, accept with Yes.
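An added example, not part of flo-91's post and not HijackThis code: a small Python parser for the HijackThis line format shown in this thread, which flags entries on purely structural grounds (targets marked "(no file)" or "(file missing)", autostarts under Policies\Explorer\Run, startup shortcuts whose target is "?"). The function names and the three heuristics are assumptions of this example, not the helper's selection criteria; the sample lines are copied from the log posted above.

```python
import re
from collections import Counter

# Lines copied from the HijackThis log posted in this thread (a subset).
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
O3 - Toolbar: (no name) - {84938242-5C5B-4A55-B6B9-A1507543B418} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\system32\WinUpd.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - Global Startup: RAID Manager.lnk = ?
O21 - SSODL: breadthes - {5c4f2cbc-f32d-4a03-9812-86f39379811b} - (no file)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

# "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
# O4 registry autostart: hive, abbreviated key, value name, command line
AUTORUN_RE = re.compile(
    r"^(?P<hive>HK[^:]*?)\\\.\.\\(?P<key>[^:]+): \[(?P<name>.*?)\] (?P<command>.+)$"
)
# O4 startup-folder shortcut: "Global Startup: name.lnk = target"
SHORTCUT_RE = re.compile(
    r"^(?P<scope>(?:Global )?Startup): (?P<name>.+?) = (?P<target>.*)$"
)
ORPHAN_MARKERS = ("(no file)", "(file missing)")


def parse_line(line):
    """Return a dict for one HijackThis entry line, or None for any other line."""
    match = ENTRY_RE.match(line.strip())
    if not match:
        return None  # header, running-process path, blank line, ...
    entry = {"code": match["code"], "body": match["body"], "flags": []}

    # Heuristic 1 (assumption): the registered target no longer exists on disk.
    if entry["body"].endswith(ORPHAN_MARKERS):
        entry["flags"].append("orphan")

    if entry["code"] == "O4":
        autorun = AUTORUN_RE.match(entry["body"])
        shortcut = SHORTCUT_RE.match(entry["body"])
        if autorun:
            entry.update(autorun.groupdict())
            # Heuristic 2 (assumption): autostart set through the policy Run key.
            if autorun["key"].lower() == r"policies\explorer\run":
                entry["flags"].append("policies-run")
        elif shortcut:
            entry.update(shortcut.groupdict())
            # Heuristic 3 (assumption): shortcut target could not be resolved.
            if shortcut["target"].strip() in ("", "?"):
                entry["flags"].append("unresolved-target")
    return entry


def triage(log_text):
    """Parse every entry line; return (all entries, entries with at least one flag)."""
    entries = [e for e in map(parse_line, log_text.splitlines()) if e]
    flagged = [e for e in entries if e["flags"]]
    return entries, flagged


def section_counts(entries):
    """Count entries per HijackThis section code (R0, O4, O23, ...)."""
    return Counter(e["code"] for e in entries)


if __name__ == "__main__":
    all_entries, flagged_entries = triage(SAMPLE_LOG)
    print(dict(section_counts(all_entries)))
    for e in flagged_entries:
        print(",".join(e["flags"]), "|", e["code"], "-", e["body"])
```

These structural flags do not catch the `[Windows Update] C:\WINDOWS\system32\WinUpd.exe` Run value, which the helper also selected; entries like that one still need a human reading of the name and path.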
0
lenoill7931 Posts 16 Registration date Thursday 7 January 2010 Status Member Last intervention 21 December 2010
9 Jan. 2010 at 14:00
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\Program Files\Video ActiveX Object\isamonitor.exe not found.
File/Folder C:\Program Files\NetProject\scit.exe not found.
C:\Program Files\BitLord\BitLord.exe moved successfully.
C:\WINDOWS\system32\WinUpd.exe moved successfully.
========== SERVICES/DRIVERS ==========
Service Boonty Games stopped successfully!
Service Boonty Games deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 2476192 bytes
->Google Chrome cache emptied: 9932973 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1476593 bytes

User: ROBERT
->Temporary Internet Files folder emptied: 44735911 bytes

User: Sylvain
->Temp folder emptied: 49092 bytes
->Temporary Internet Files folder emptied: 54008277 bytes
->FireFox cache emptied: 34186594 bytes

User: Zangetsu
->Temp folder emptied: 541205 bytes
->Temporary Internet Files folder emptied: 2837462 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 55751491 bytes
->Google Chrome cache emptied: 51096966 bytes
->Apple Safari cache emptied: 32561499 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114937 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
Windows Temp folder emptied: 82283 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 10963522 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 289,00 mb


OTM by OldTimer - Version 3.1.4.0 log created on 01092010_135305

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_4f4.dat not found!

Registry entries deleted on Reboot...
0
flo-91 Posts 5646 Registration date Tuesday 19 May 2009 Status Security contributor Last intervention 31 October 2019 1 118
9 Jan. 2010 at 17:38
OK:


>Download Malwarebytes here:


https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

. On the page, click Download Malwarebytes' Anti-Malware.
. Save it to the desktop.
/!\ Vista users: right-click the Malwarebytes' Anti-Malware icon, "Run as administrator"

. Double-click the downloaded file to start the installation process.
. In the "Update" tab, click the Check for Updates button.
. If the firewall asks for permission for Malwarebytes to connect, accept.
. Once the update has finished,
. go to the Scanner tab.
. Select Perform full scan.
. Click Scan.
. The scan starts.
. At the end of the scan, a message is displayed: The scan completed successfully. Click 'Show Results' to display all objects found.
. Click OK to continue.
. If malware was detected, click Show Results.
. Select everything (or leave everything checked) and click Remove Selected. Malwarebytes will destroy the files and registry keys and put a copy of them in quarantine.
. Malwarebytes will open Notepad and copy the scan report into it.
. Go to the Logs tab.
. Click on the report to display it. Once it is displayed,
. click Edit at the top of Notepad, then Select All.
. Click Edit again, then Copy, and come back to the forum; in your reply,
. right-click in the reply box and choose Paste.


If you need help, look at this tutorial:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
0
lenoill7931 Posts 16 Registration date Thursday 7 January 2010 Status Member Last intervention 21 December 2010
9 Jan. 2010 at 20:27
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3527
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

9/01/2010 20:20:09
mbam-log-2010-01-09 (20-20-09).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 365726
Temps écoulé: 1 hour(s), 53 minute(s), 2 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 49

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{035c1836-0d78-dabc-f4a7-d5d0517ee1f9} (Rogue.MalwareWiped) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoPl.chl (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video ActiveX Object (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\717305 (Trojan.BHO) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\Zangetsu\Bureau\dossiers\      \pcsx2\plugins\PadSSSPSX-PM.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Zangetsu\Mes documents\rom\Pcsx2\plugins\PadSSSPSX.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\DOCUME~1\Zangetsu\APPLIC~1\DESKTO~1\eBayShortcuts.exe.vir (Adware.ADON) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MSNMES~1\riched20.dll.vir (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\2.bin\MWSOEMON.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\2.bin\MWSOEPLG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\2.bin\MWSOESTB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\3.bin\F3RESTUB.DLL.vir (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\3.bin\F3SCHMON.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\3.bin\M3HTML.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\3.bin\M3IDLE.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\3.bin\M3OUTLCN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\3.bin\M3SKIN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\3.bin\M3SKPLAY.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\3.bin\M3SLSRCH.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\3.bin\MWSOEMON.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\3.bin\MWSOEPLG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\3.bin\MWSOESTB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\bar\3.bin\NPMYWEBS.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\SrchAstt\2.bin\MWSSRCAS.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MYWEBS~1\SrchAstt\3.bin\MWSSRCAS.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Pcsx2\plugins\PadSSSPSX.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP761\A0342062.rbf (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP777\A0348832.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360256.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360292.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360257.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360258.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360259.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360269.DLL (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360270.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360275.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360276.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360278.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360279.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360280.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360281.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360282.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360283.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360284.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360285.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360286.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360287.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360289.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360290.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D4D554E-43F7-4911-A9F5-299A1A1DA073}\RP797\A0360294.dll (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.