Trojan horse

Solved/Closed
melusine2006 - 7 March 2010 at 14:45
Anonymous user - 9 March 2010 at 21:07
Hello,

I have a Trojan horse virus that my antivirus cannot remove. Please help me, thanks in advance.

27 replies

melusine2006
9 March 2010 at 10:03
Here it is for Lop


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Home Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Turion(tm) X2 Dual-Core Mobile RM-74 )
BIOS : Default System BIOS
USER : eshak ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:286 Go (Free:195 Go)
D:\ (Local Disk) - NTFS - Total:11 Go (Free:1 Go)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 09.03.2010| 9:53 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\Users\eshak\AppData\Local\Temp\nsbBBE0.tmp
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[06.03.2010|22:04] C:\Users\eshak\AppData\Local\Adobe
[17.11.2009|23:05] C:\Users\eshak\AppData\Local\Application Data
[17.11.2009|23:30] C:\Users\eshak\AppData\Local\ATI
[17.11.2009|23:31] C:\Users\eshak\AppData\Local\AtStart.txt
[06.03.2010|22:15] C:\Users\eshak\AppData\Local\C44FA4CE-85A5-463A-9526-4B6A6EE31322.txt
[06.03.2010|23:54] C:\Users\eshak\AppData\Local\d3d9caps.dat
[08.03.2010|00:21] C:\Users\eshak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[17.11.2009|23:31] C:\Users\eshak\AppData\Local\DSwitch.txt
[27.02.2010|00:23] C:\Users\eshak\AppData\Local\GDIPFONTCACHEV1.DAT
[08.02.2010|20:18] C:\Users\eshak\AppData\Local\Google
[21.11.2009|23:43] C:\Users\eshak\AppData\Local\Hewlett-Packard
[17.11.2009|23:05] C:\Users\eshak\AppData\Local\History
[08.03.2010|22:20] C:\Users\eshak\AppData\Local\IconCache.db
[06.03.2010|22:26] C:\Users\eshak\AppData\Local\Microsoft
[03.01.2010|22:15] C:\Users\eshak\AppData\Local\Microsoft Games
[17.11.2009|23:10] C:\Users\eshak\AppData\Local\Microsoft Help
[17.11.2009|23:31] C:\Users\eshak\AppData\Local\QSwitch.txt
[17.11.2009|23:14] C:\Users\eshak\AppData\Local\Seven Zip
[09.03.2010|09:53] C:\Users\eshak\AppData\Local\Temp
[17.11.2009|23:05] C:\Users\eshak\AppData\Local\Temporary Internet Files
[18.11.2009|00:57] C:\Users\eshak\AppData\Local\VirtualStore
[18.11.2009|13:34] C:\Users\eshak\AppData\Local\Yahoo
[18.11.2009|00:53] C:\Users\eshak\AppData\Local\Yahoo!

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[09.03.2010 09:44][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{1B5256F6-5FF3-408F-9DE9-D72B5B4C11A6}.job
[08.03.2010 21:39][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[09.03.2010 09:43][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[21.02.2010 12:37][--a------] C:\Windows\tasks\HPCeeScheduleForeshak.job
[09.03.2010 09:43][--ah-----] C:\Windows\tasks\SA.DAT
[08.03.2010 22:20][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[21.01.2009|12:14] C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[17.11.2009|23:14] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[17.11.2008|15:03] C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[21.01.2009|12:13] C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[17.11.2008|14:57] C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[21.01.2009|12:11] C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[21.01.2009|12:13] C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[17.11.2008|14:55] C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[17.11.2008|15:03] C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[21.01.2009|12:14] C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[04.12.2009|00:52] C:\ProgramData\Adobe
[17.11.2008|15:15] C:\ProgramData\AOL
[02.11.2006|14:02] C:\ProgramData\Application Data
[21.01.2009|11:33] C:\ProgramData\Atheros
[21.01.2009|12:18] C:\ProgramData\ATI
[06.03.2010|22:30] C:\ProgramData\AVG Security Toolbar
[06.03.2010|22:28] C:\ProgramData\avg9
[25.12.2009|19:40] C:\ProgramData\CanonBJ
[18.11.2009|14:27] C:\ProgramData\CyberLink
[02.11.2006|14:02] C:\ProgramData\Desktop
[02.11.2006|14:02] C:\ProgramData\Documents
[02.11.2006|14:02] C:\ProgramData\Favorites
[10.12.2009|21:11] C:\ProgramData\Google
[21.01.2009|12:14] C:\ProgramData\Hewlett-Packard
[07.03.2010|17:42] C:\ProgramData\Malwarebytes
[23.11.2009|20:49] C:\ProgramData\Microsoft
[10.12.2009|21:40] C:\ProgramData\Microsoft Help
[17.01.2010|18:05] C:\ProgramData\Norton
[17.11.2008|14:03] C:\ProgramData\NortonInstaller
[07.03.2010|22:55] C:\ProgramData\ntuser.pol
[24.01.2010|00:41] C:\ProgramData\Office Genuine Advantage
[05.03.2010|00:40] C:\ProgramData\Real
[07.03.2010|22:38] C:\ProgramData\Spybot - Search & Destroy
[02.11.2006|14:02] C:\ProgramData\Start Menu
[17.11.2009|23:32] C:\ProgramData\Symantec
[21.01.2009|12:14] C:\ProgramData\Temp
[02.11.2006|14:02] C:\ProgramData\Templates
[22.11.2009|01:07] C:\ProgramData\WildTangent
[18.11.2009|00:53] C:\ProgramData\Yahoo!
[17.01.2010|18:26] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[03.01.2010|17:11] C:\Program Files\A4Tech
[17.11.2009|23:14] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[17.11.2009|23:09] C:\Program Files\Adobe
[21.01.2009|11:33] C:\Program Files\AMD
[17.11.2008|15:15] C:\Program Files\AOL
[21.01.2009|11:33] C:\Program Files\Atheros
[21.01.2009|11:24] C:\Program Files\ATI
[21.01.2009|11:26] C:\Program Files\ATI Technologies
[06.03.2010|22:28] C:\Program Files\AVG
[21.01.2009|11:32] C:\Program Files\Cisco
[17.01.2010|18:07] C:\Program Files\Common Files
[17.11.2008|15:04] C:\Program Files\CyberLink
[21.01.2009|11:28] C:\Program Files\DIFX
[18.11.2009|02:18] C:\Program Files\DivX
[06.03.2010|23:03] C:\Program Files\EasyBits For Kids
[07.12.2009|19:07] C:\Program Files\FreeTime
[10.12.2009|21:11] C:\Program Files\Google
[21.01.2009|12:10] C:\Program Files\Hewlett-Packard
[03.12.2009|22:58] C:\Program Files\HP
[17.11.2008|14:52] C:\Program Files\HP Games
[21.01.2009|11:31] C:\Program Files\IDT
[21.01.2009|12:14] C:\Program Files\InstallShield Installation Information
[31.01.2010|23:01] C:\Program Files\Internet Explorer
[10.12.2009|21:08] C:\Program Files\Java
[23.11.2009|20:51] C:\Program Files\Microsoft
[02.11.2006|13:37] C:\Program Files\Microsoft Games
[17.11.2009|23:12] C:\Program Files\Microsoft Office
[24.01.2010|00:39] C:\Program Files\Microsoft Silverlight
[23.11.2009|20:46] C:\Program Files\Microsoft SQL Server Compact Edition
[23.11.2009|20:49] C:\Program Files\Microsoft Sync Framework
[23.11.2009|22:31] C:\Program Files\Microsoft Works
[17.11.2009|23:12] C:\Program Files\Microsoft.NET
[30.11.2009|02:51] C:\Program Files\Movie Maker
[02.11.2006|13:37] C:\Program Files\MSBuild
[20.11.2009|01:25] C:\Program Files\MSXML 4.0
[17.11.2009|23:20] C:\Program Files\Online Services
[18.11.2009|01:12] C:\Program Files\PoivY.com
[06.12.2009|00:14] C:\Program Files\Real
[21.01.2009|11:31] C:\Program Files\Realtek
[02.11.2006|13:37] C:\Program Files\Reference Assemblies
[17.11.2009|23:30] C:\Program Files\SMINST
[07.03.2010|22:39] C:\Program Files\Spybot - Search & Destroy
[21.01.2009|11:27] C:\Program Files\Synaptics
[07.03.2010|21:10] C:\Program Files\Trend Micro
[02.11.2006|14:01] C:\Program Files\Uninstall Information
[04.12.2009|00:54] C:\Program Files\uTorrent
[06.12.2009|01:01] C:\Program Files\VideoLAN
[30.11.2009|02:51] C:\Program Files\Windows Calendar
[30.11.2009|02:51] C:\Program Files\Windows Collaboration
[30.11.2009|02:51] C:\Program Files\Windows Defender
[30.11.2009|02:51] C:\Program Files\Windows Journal
[23.11.2009|20:50] C:\Program Files\Windows Live
[23.11.2009|20:43] C:\Program Files\Windows Live SkyDrive
[12.02.2010|22:32] C:\Program Files\Windows Mail
[30.11.2009|02:51] C:\Program Files\Windows Media Player
[02.11.2006|13:37] C:\Program Files\Windows NT
[30.11.2009|02:51] C:\Program Files\Windows Photo Gallery
[06.12.2009|23:22] C:\Program Files\Windows Portable Devices
[30.11.2009|02:51] C:\Program Files\Windows Sidebar
[18.11.2009|00:53] C:\Program Files\Yahoo!
[07.03.2010|22:43] C:\Program Files\ZHPDiag

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[17.11.2009|23:08] C:\Program Files\Common Files\Adobe
[17.11.2009|23:09] C:\Program Files\Common Files\Adobe AIR
[17.11.2009|23:12] C:\Program Files\Common Files\DESIGNER
[18.11.2009|02:17] C:\Program Files\Common Files\DivX Shared
[17.11.2008|15:39] C:\Program Files\Common Files\InstallShield
[17.11.2008|15:28] C:\Program Files\Common Files\Java
[21.01.2009|12:02] C:\Program Files\Common Files\LightScribe
[26.11.2009|22:22] C:\Program Files\Common Files\microsoft shared
[18.11.2009|02:18] C:\Program Files\Common Files\PX Storage Engine
[06.12.2009|00:14] C:\Program Files\Common Files\Real
[02.11.2006|12:18] C:\Program Files\Common Files\Services
[02.11.2006|12:18] C:\Program Files\Common Files\SpeechEngines
[30.11.2009|02:51] C:\Program Files\Common Files\System
[23.11.2009|20:37] C:\Program Files\Common Files\Windows Live
[06.12.2009|00:14] C:\Program Files\Common Files\xing shared

--------------------\\ Process

( 93 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-09 09:54:31
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6MSNIWPL\google_no[7].txt 12279 bytes
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:220][D:74]-> C:\Users\eshak\AppData\Local\Temp
[F:458][D:1]-> C:\Users\eshak\AppData\Roaming\MICROS~1\Windows\Cookies
[F:2214][D:5]-> C:\Users\eshak\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:1][D:1]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 08.03.2010|12:29 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 09.03.2010| 9:57 - Option : [2]

--------------------\\ Fin du rapport a 9:57:10
[ UAC => 1 ]

melusine2006
9 March 2010 at 10:10
And for RSIT, this time there is no info.txt, just the log; I hope that is normal.

Logfile of random's system information tool 1.06 (written by random/random)
Run by eshak at 2010-03-09 10:07:38
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 200 GB (68%) free of 293 GB
Total RAM: 3069 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:07:42, on 09.03.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\PoivY.com\PoivY\PoivY.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\ytbb.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Users\eshak\Desktop\RSIT.exe
C:\Program Files\trend micro\eshak.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [PoivY] "C:\Program Files\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Googles oppdateringstjeneste (gupdate1ca67ecf57615e0) (gupdate1ca67ecf57615e0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

Good evening

- Go to this site:

https://www.virustotal.com/gui/

- Click on "Browse" and look for these files:

C:\Windows\system32\C44FA4CE-85A5-463A-9526-4B6A6EE31322.txt

- Click on Send File.

- A report will be built up line by line.

- Wait until it finishes. It must include the size of the file sent.

- Save the report with Notepad.

- Copy it into your reply.

(!) If VirusTotal indicates that the file has already been analyzed, click the "Reanalyze the file now" button.


See you
We were all beginners at something one day.
But knowledge is the reward of diligence.

Melusine2006
9 March 2010 at 20:18
Good evening,

I have given the computer back to my brother-in-law. I have been taking it from him for three days now, and he no longer understands why, because he sees no change; his computer works completely normally...

As for the stupid program, I removed it through Add/Remove Programs; in any case he was not using it, so...

I hope there are no more viruses?

In any case, thank you very much for your help :)

You have a lot of patience, I admire it *hats off*

Anonymous user
9 March 2010 at 20:22
Re

So, is the problem solved?
I suggest closing this thread.
See you

melusine2006
9 March 2010 at 21:05
yep :)

I can't find how to mark the thread as solved

thanks

Anonymous user
9 March 2010 at 21:07
Re

I'll take care of it.
Happy surfing, but stay vigilant...

See you