Ad problem on IE - Page 6

Solved
raffiné Messages posted 217 Status Member 1

For the previous question: yes, Dr Web put them in quarantine. Here is the OAD report.

16/11/2007 ---- 16:09:32,45

----------------------------------
§§§§§§ [fonts/svchost.exe ] §§§§§§
----------------------------------
[X] Registre

-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete

********************
[Registre]
********************

Aucune entrée détectée

*******************
[Fichier]
*******************

*********************
[Même date]
*********************

Aucun fichier créé à la même date détecté

Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------
0
chrifleur Messages posted 1099 Status Contributor 18

Good!!! Antivir really did a great job!!!
We're going to get there!!!
Empty your Antivir quarantine: delete, don't restore!!

Remove Dr Web.

Restart in safe mode and scan again with Antivir.
I think the report should be much shorter this time...
Post it for me.

Delete ComboFix, if you haven't already done so...
You always need the latest version of this kind of tool...

Download combofix.exe (by sUBs) to your Desktop
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Disable your antivirus, antispyware and Spybot (resident) while using ComboFix. Thanks. Re-enable them afterwards.
Double-click combofix.exe.
Press the Y key (Yes) to start the scan.
When the scan is complete, a report will appear. Copy/paste that report into your next reply.
NOTE: The report can also be found here: C:\Combofix.txt
0
raffiné Messages posted 217 Status Member 1

Antivir is scanning; as soon as I have the result I'll send you the report. When I restarted the computer, once everything was installed on the desktop, the following message appeared:

erreur de chargement de c:\ windows\ system 32\ snaegqwb.dll

le module spécifié est introuvable

I have had this kind of message in the past; I clicked OK and off it went.
0
raffiné Messages posted 217 Status Member 1

I forgot to write RUNDLL: erreur de chargement de c:\ windows\ system 32\ snaegqwb.dll

le module spécifié est introuvable

I have had this kind of message in the past; I clicked OK and off it went.
0

chrifleur Messages posted 1099 Status Contributor 18

For that message, no problem: it's a line to fix in HijackThis, an infectious program that wants to launch but has been deleted...
Post a HijackThis report again so I can look at it...
I'm waiting for your Antivir report.
0
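The situation chrifleur describes above, a startup entry that still points at a deleted file, can be picked out of a ComboFix-style Run listing. This is an added example, not part of the original thread and not ComboFix or HijackThis code: `parse_autoruns`, `orphaned` and `describe` are hypothetical names, the sample lines are copied from the Run section of the ComboFix report posted later in this thread, and treating an empty `[]` after the target as "no file date could be read, so the file is missing" is an assumption.

```python
import re
from typing import List, NamedTuple


class Autorun(NamedTuple):
    key: str     # registry key the value lives under
    name: str    # value name
    target: str  # file launched at logon
    stamp: str   # text inside the trailing [...]; empty when no file date was listed


# A registry key header such as [HKEY_LOCAL_MACHINE\...\Run]
KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]\s*$')
# A value line such as "name"="target" [2007-09-24 11:41]
VAL_RE = re.compile(
    r'^"(?P<name>[^"]*)"="(?P<target>[^"]*)"\s*\[(?P<stamp>[^\]]*)\]\s*$'
)

# Lines copied from the ComboFix report in this thread (subset).
SAMPLE = r'''
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2003-08-15 08:34 C:\WINDOWS\SOUNDMAN.EXE]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-24 11:41]
"SNPSTD2"="C:\WINDOWS\vsnpstd2.exe" [2004-01-05 18:34]
"21551a7a"="C:\WINDOWS\system32\snaegqwb.dll" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"SpybotDeletingC970"=cmd /c del "C:\WINDOWS\system32\noxqnobr.dllbox"
'''


def parse_autoruns(report: str) -> List[Autorun]:
    """Collect the quoted "name"="target" [stamp] values under each key.

    Lines in any other shape (for example the unquoted RunOnce commands)
    are skipped rather than guessed at.
    """
    entries: List[Autorun] = []
    key = None
    for raw in report.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = VAL_RE.match(line)
        if m and key:
            entries.append(
                Autorun(key, m["name"], m["target"], m["stamp"].strip())
            )
    return entries


def orphaned(entries: List[Autorun]) -> List[Autorun]:
    """Entries with an empty [] stamp (assumption: the target file is gone)."""
    return [e for e in entries if not e.stamp]


def describe(entry: Autorun) -> str:
    """One line per entry, ready to compare against a HijackThis report."""
    return f"{entry.key}: {entry.name} -> {entry.target}"


if __name__ == "__main__":
    for e in orphaned(parse_autoruns(SAMPLE)):
        print("startup entry with missing target:", describe(e))
```

An empty stamp only says the target is gone; an entry left behind by an uninstalled legitimate program looks the same, so the value name and path still have to be judged before the entry is fixed.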
raffiné Messages posted 217 Status Member 1

Here is the Antivir report; indeed it is much shorter, and it already seems healthier.

AntiVir PersonalEdition Classic
Report file date: vendredi 16 novembre 2007 16:53

Scanning for 932349 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: MORAND-FAMILY

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:16
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:56
ANTIVIR2.VDF : 7.0.0.198 1206272 Bytes 11/11/2007 14:05:14
ANTIVIR3.VDF : 7.0.0.225 96256 Bytes 16/11/2007 14:04:28
AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 15/11/2007 14:05:14
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:02
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:22

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: F:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: vendredi 16 novembre 2007 16:53

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'shellmon.exe' - '1' Module(s) have been scanned
Scan process 'AOLSP Scheduler.exe' - '1' Module(s) have been scanned
Scan process 'Printkey 2000 Fr.exe' - '1' Module(s) have been scanned
Scan process 'AOLTRAY.EXE' - '1' Module(s) have been scanned
Scan process 'WAOL.EXE' - '1' Module(s) have been scanned
Scan process 'MSMSGS.EXE' - '1' Module(s) have been scanned
Scan process 'robotaskbaricon.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'JUSCHED.EXE' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'VSNPSTD2.EXE' - '1' Module(s) have been scanned
Scan process 'WINAMPA.EXE' - '1' Module(s) have been scanned
Scan process 'E_FATI9BE.EXE' - '1' Module(s) have been scanned
Scan process 'QTTASK.EXE' - '1' Module(s) have been scanned
Scan process 'aolsoftware.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'MsPMSPSv.exe' - '1' Module(s) have been scanned
Scan process 'SYMLCSVC.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'NVSVC32.EXE' - '1' Module(s) have been scanned
Scan process 'AOLacsd.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
41 processes with 41 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'F:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '31' files ).

Starting the file scan:

Begin scan in 'C:\' <FFM74F4>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcrst.dll
[WARNING] The file could not be opened!
Begin scan in 'F:\' <HOME>

End of the scan: vendredi 16 novembre 2007 17:43
Used time: 49:13 min

The scan has been done completely.

7544 Scanning directories
437800 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
437800 Files not concerned
12936 Archives were scanned
3 Warnings
4 Notes
0
raffiné Messages posted 217 Status Member 1

Here is the ComboFix report.

ComboFix 07-11-08.1 - NUNUR 2007-11-16 17:52:46.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.229 [GMT 1:00]
Running from: C:\Documents and Settings\NUNUR\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\BRIAN\Bureau\Live Safety Center.lnk
C:\Documents and Settings\BRIAN\Bureau\Online Security Guide.lnk
C:\Documents and Settings\BRIAN\Favoris\Online Security Guide.lnk
C:\Documents and Settings\NUNUR\Favoris\Online Security Guide.lnk
C:\WINDOWS\cookies.ini

.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-16 to 2007-11-16 ))))))))))))))))))))))))))))))))))))
.

2007-11-16 17:52 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-16 10:38 <REP> d-------- C:\Documents and Settings\NUNUR\DoctorWeb
2007-11-15 15:03 <REP> d-------- C:\Program Files\Avira
2007-11-15 15:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-11-14 12:50 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-11-13 14:46 <REP> d-------- C:\Program Files\Navilog1
2007-11-13 12:53 3,764 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-13 11:29 <REP> d-------- C:\Documents and Settings\All Users\Modèles
2007-11-11 12:15 88,128 --a------ C:\WINDOWS\system32\gfntpoqj.dll
2007-11-10 23:42 <REP> d-------- C:\Documents and Settings\BRIAN\Application Data\vlc
2007-11-10 18:36 <REP> d-------- C:\HHeJay
2007-11-09 20:27 <REP> d-------- C:\Program Files\CCleaner
2007-11-09 16:06 <REP> d-------- C:\Program Files\Trend Micro
2007-11-08 22:08 4,608 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys
2007-11-08 20:15 <REP> d-------- C:\Program Files\RegCleaner
2007-11-08 18:20 <REP> d-------- C:\Program Files\Alwil Software
2007-11-08 09:37 <REP> d-------- C:\WINDOWS\Sun
2007-11-08 09:24 172 --a------ C:\1444.bat
2007-11-07 15:32 <REP> d-------- C:\WINDOWS\system32\Mz18r
2007-11-07 10:31 35,328 --a------ C:\WINDOWS\system32\byxvtqr.dll
2007-11-07 09:11 35,328 --a------ C:\WINDOWS\system32\xxyywwv.dll
2007-11-06 12:24 35,328 --a------ C:\WINDOWS\system32\vtusrrq.dll
2007-11-06 10:11 <REP> d-------- C:\Documents and Settings\DYLAN\Application Data\AOL
2007-11-06 10:05 35,328 --a------ C:\WINDOWS\system32\nnnlllk.dll
2007-11-06 08:34 35,328 --a------ C:\WINDOWS\system32\ljjkhed.dll
2007-11-05 12:17 35,328 --a------ C:\WINDOWS\system32\wvutrqn.dll
2007-11-05 12:17 786 --a------ C:\6946.bat
2007-11-05 11:26 83,008 --a------ C:\WINDOWS\system32\ebkarbda.dll
2007-11-05 09:36 <REP> d-------- C:\Documents and Settings\BRIAN\Application Data\LimeWire
2007-11-05 09:32 35,328 --a------ C:\WINDOWS\system32\efcdebx.dll
2007-11-04 23:13 786 --a------ C:\3191.bat
2007-11-04 23:12 35,328 --a------ C:\WINDOWS\system32\pmnmnnl.dll
2007-11-04 23:12 786 --a------ C:\3295.bat
2007-11-04 16:39 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2007-11-04 16:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-04 01:14 <REP> d-------- C:\Documents and Settings\NUNUR\Application Data\LimeWire
2007-11-02 18:00 <REP> d-------- C:\Program Files\DofusArena2
2007-10-31 18:03 <REP> d-------- C:\Program Files\GrabIt
2007-10-30 12:36 <REP> d-------- C:\Hermes
2007-10-30 12:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Samsung
2007-10-30 12:33 137,884 -ra------ C:\WINDOWS\system32\drivers\sscdmdm.sys
2007-10-30 12:33 80,272 -ra------ C:\WINDOWS\system32\drivers\sscdbus.sys
2007-10-30 12:33 11,877 -ra------ C:\WINDOWS\system32\drivers\sscdcmnt.sys
2007-10-30 12:33 11,877 -ra------ C:\WINDOWS\system32\drivers\sscdcm.sys
2007-10-30 12:33 11,188 -ra------ C:\WINDOWS\system32\drivers\sscdwhnt.sys
2007-10-30 12:33 11,188 -ra------ C:\WINDOWS\system32\drivers\sscdwh.sys
2007-10-30 12:33 10,864 -ra------ C:\WINDOWS\system32\drivers\sscdmdfl.sys
2007-10-30 12:31 <REP> d-------- C:\Program Files\Samsung
2007-10-28 00:31 <REP> d-------- C:\Documents and Settings\BRIAN\Application Data\Leadertech
2007-10-27 18:33 <REP> d-------- C:\Program Files\Messenger Plus! Live
2007-10-27 18:28 <REP> d-------- C:\Documents and Settings\NOLAN\Contacts
2007-10-27 18:27 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-10-27 18:26 <REP> d-------- C:\Documents and Settings\NOLAN\WINDOWS
2007-10-27 18:26 <REP> d--h----- C:\Documents and Settings\NOLAN\Voisinage réseau
2007-10-27 18:26 <REP> d---s---- C:\Documents and Settings\NOLAN\UserData
2007-10-27 18:26 <REP> d--h----- C:\Documents and Settings\NOLAN\Modèles
2007-10-27 18:26 <REP> dr------- C:\Documents and Settings\NOLAN\Mes documents
2007-10-27 18:26 <REP> dr------- C:\Documents and Settings\NOLAN\Menu Démarrer
2007-10-27 18:26 <REP> dr------- C:\Documents and Settings\NOLAN\Favoris
2007-10-27 18:26 <REP> d-------- C:\Documents and Settings\NOLAN\Bureau
2007-10-27 18:26 <REP> d-------- C:\Documents and Settings\NOLAN\Application Data\Roxio
2007-10-27 18:26 <REP> d-------- C:\Documents and Settings\NOLAN\Application Data\CyberLink
2007-10-27 14:57 <REP> d-------- C:\Documents and Settings\NUNUR\Application Data\SlySoft
2007-10-27 13:55 <REP> d-------- C:\Documents and Settings\NUNUR\Application Data\Leadertech
2007-10-22 22:15 <REP> d-------- C:\Documents and Settings\NUNUR\Shared
2007-10-22 22:14 <REP> d-------- C:\Program Files\Java
2007-10-22 22:13 <REP> d-------- C:\Program Files\Fichiers communs\Java
2007-10-22 22:07 <REP> d-------- C:\Program Files\BearShare Applications
2007-10-20 22:51 155 --a------ C:\WINDOWS\system32\netwbix32.dll
2007-10-20 14:21 <REP> d-------- C:\Program Files\Lemoncast
2007-10-18 21:01 <REP> d-------- C:\WINDOWS\system32\LogFiles
2007-10-18 21:01 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-10-16 16:45 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-10-16 16:45 54,784 --a------ C:\WINDOWS\system32\dllcache\vfwwdm32.dll
2007-10-16 16:33 308,224 --a------ C:\WINDOWS\IsUn040c.exe
2007-10-16 16:31 <REP> d-------- C:\Program Files\Fichiers communs\snpstd2
2007-10-16 16:31 302,720 --a------ C:\WINDOWS\system32\drivers\snpstd2.sys
2007-10-16 16:31 245,408 --a------ C:\WINDOWS\system32\unicows.dll
2007-10-16 16:31 61,440 --a------ C:\WINDOWS\system32\csnpstd2.dll
2007-10-16 16:31 53,248 --a------ C:\WINDOWS\system32\dsnpstd2.dll
2007-10-16 16:31 40,960 --a------ C:\WINDOWS\vsnpstd2.exe
2007-10-16 16:31 40,960 --a------ C:\WINDOWS\system32\rsnpstd2.dll
2007-10-16 16:31 36,864 --a------ C:\WINDOWS\system32\vsnpstd2.dll
2007-10-16 16:31 20,480 --a------ C:\WINDOWS\usnpstd2.exe
2007-10-16 16:09 <REP> d-------- C:\Program Files\Fichiers communs\snct511
2007-10-16 16:09 307,200 --a------ C:\WINDOWS\vidcap32.exe
2007-10-16 16:09 229,376 --a------ C:\WINDOWS\system32\drivers\snct511.sys
2007-10-16 16:09 61,440 --a------ C:\WINDOWS\system32\dsnct511.dll
2007-10-16 16:09 49,152 --a------ C:\WINDOWS\system32\vsnct511.dll
2007-10-16 16:09 28,672 --a------ C:\WINDOWS\vsnct511.exe
2007-10-16 16:09 20,480 --a------ C:\WINDOWS\dsnct511.exe
2007-10-16 15:59 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2007-10-16 15:59 <REP> d-------- C:\Program Files\Windows Media Components
2007-10-16 15:59 <REP> d-------- C:\Program Files\Mingjong
2007-10-16 15:57 53,248 --a------ C:\WINDOWS\amcap.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-10 08:34 --------- d-----w C:\Program Files\Micro Application
2007-10-09 22:14 --------- d-----w C:\Program Files\TryMedia
2007-10-09 22:14 --------- d-----w C:\Program Files\InterVideo
2007-10-09 15:40 --------- d-----w C:\Documents and Settings\BRIAN\Application Data\AOL
2007-10-06 16:49 --------- d-----w C:\Documents and Settings\DYLAN\Application Data\vlc
2007-10-05 22:37 --------- d-----w C:\Program Files\AC3Filter
2007-10-02 17:22 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\InfraRecorder
2007-10-02 13:49 --------- d-----w C:\Program Files\CDex
2007-09-30 12:56 --------- d-----w C:\Program Files\eMule
2007-09-28 09:37 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\MSN6
2007-09-28 09:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\MSN6
2007-09-27 21:28 --------- d-----w C:\Program Files\AviSynth 2.5
2007-09-27 21:26 --------- d-----w C:\Program Files\Ripp-it_AM
2007-09-27 16:40 --------- d-----w C:\Program Files\Simple PDF
2007-09-27 15:54 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-09-26 16:31 --------- d-----w C:\Documents and Settings\DYLAN\Application Data\Ecran de veille
2007-09-26 14:07 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-09-25 15:51 --------- d-----w C:\Program Files\Fichiers communs\Scanner
2007-09-25 08:21 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\Ahead
2007-09-24 20:43 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\AdobeUM
2007-09-24 20:38 --------- d-----w C:\Program Files\DVD Shrink
2007-09-24 20:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-09-24 17:30 --------- d-----w C:\Program Files\Google
2007-09-24 13:00 --------- d-----w C:\Program Files\Siber Systems
2007-09-24 13:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\RoboForm
2007-09-24 11:59 --------- d-----w C:\Program Files\PrintKey 2000 Fr
2007-09-24 11:47 --------- d-----w C:\Program Files\MSN Messenger
2007-09-24 11:43 --------- d-----w C:\Program Files\Winamp
2007-09-24 11:40 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\vlc
2007-09-24 11:39 --------- d-----w C:\Program Files\VideoLAN
2007-09-24 11:37 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\Smart Panel
2007-09-24 11:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\UDL
2007-09-24 11:30 --------- d-----w C:\Program Files\Smart Panel
2007-09-24 11:28 --------- d-----w C:\Program Files\epson
2007-09-24 10:41 --------- d-----w C:\Program Files\QuickTime
2007-09-24 10:41 --------- d-----w C:\Program Files\Learn2.com
2007-09-24 10:41 --------- d-----w C:\Program Files\AOL Compagnon
2007-09-24 10:41 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\You've Got Pictures Screensaver
2007-09-24 10:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\QuickTime
2007-09-24 10:40 8,552 ----a-w C:\WINDOWS\system32\drivers\asctrm.sys
2007-09-24 10:40 --------- d-----w C:\Program Files\Real
2007-09-24 10:40 --------- d-----w C:\Program Files\Fichiers communs\Real
2007-09-24 10:40 --------- d-----w C:\Program Files\AOL 9.0
2007-09-24 10:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-09-24 10:05 --------- d-----w C:\Program Files\Fichiers communs\Nero
2007-09-24 10:03 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2007-09-24 10:03 --------- d-----w C:\Program Files\Ahead
2007-09-24 10:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
2007-09-24 09:52 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\AOL
2007-09-24 09:51 --------- d-----w C:\Program Files\Viewpoint
2007-09-24 09:51 --------- d-----w C:\Program Files\Fichiers communs\Nullsoft
2007-09-24 09:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-09-24 09:50 --------- d-----w C:\Program Files\AOL 9.0 VR
2007-09-24 09:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-09-24 09:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL Downloads
2007-09-24 09:11 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Symantec
2007-09-24 08:53 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-09-24 08:53 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\Symantec
2007-09-24 08:42 --------- d-----w C:\Program Files\Fichiers communs\aolshare
2007-09-24 08:42 --------- d-----w C:\Program Files\AOL 8.0
2007-09-24 08:41 --------- d-----w C:\Program Files\Fichiers communs\AOL
2007-09-24 08:30 81,920 ----a-w C:\WINDOWS\system32\W32N50.dll
2007-09-24 08:30 17,134 ----a-w C:\WINDOWS\system32\PCANDIS5.sys
2007-09-24 08:13 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2007-09-24 08:13 --------- d-----w C:\Program Files\AOLbox
2007-09-21 20:56 24,192 ----a-w C:\Documents and Settings\NUNUR\usbsermptxp.sys
2007-09-21 20:56 22,768 ----a-w C:\WINDOWS\system32\drivers\usbsermpt.sys
2007-09-21 20:56 22,768 ----a-w C:\Documents and Settings\NUNUR\usbsermpt.sys
2007-09-21 20:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\BVRP Software
2007-08-22 12:57 96,768 ------w C:\WINDOWS\system32\dllcache\inseng.dll
2007-08-22 12:57 669,696 ------w C:\WINDOWS\system32\dllcache\wininet.dll
2007-08-22 12:57 620,032 ------w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-08-22 12:57 55,808 ------w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-08-22 12:57 532,480 ------w C:\WINDOWS\system32\dllcache\mstime.dll
2007-08-22 12:57 474,624 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-08-22 12:57 449,024 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-08-22 12:57 39,424 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-08-22 12:57 357,888 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-08-22 12:57 3,085,824 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-08-22 12:57 251,904 ------w C:\WINDOWS\system32\dllcache\iepeers.dll
2007-08-22 12:57 205,824 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-08-22 12:57 16,384 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-08-22 12:57 152,064 ------w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-08-22 12:57 146,432 ------w C:\WINDOWS\system32\dllcache\msrating.dll
2007-08-22 12:57 1,498,624 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-08-22 12:57 1,056,768 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
2007-08-22 12:57 1,023,488 ------w C:\WINDOWS\system32\dllcache\browseui.dll
2007-08-21 10:19 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe
2007-08-21 07:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-21 07:17 683,520 ------w C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-08-20 10:59 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-08-20 10:59 6,058,496 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-08-20 10:59 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-08-20 10:59 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-08-20 10:59 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-08-20 10:59 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-08-17 11:22 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2003-10-23 16:52 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((( snapshot@2007-11-12_17.51.17.64 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-03-13 09:57:12 163,328 ----a-w C:\WINDOWS\erdnt\subs\F3M\ERDNT.EXE
- 2007-10-10 08:21:48 12,288 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2007-11-14 17:16:44 12,288 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2007-10-10 08:21:48 135,168 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2007-11-14 17:16:44 135,168 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2007-10-10 08:21:48 11,264 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2007-11-14 17:16:44 11,264 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2007-10-10 08:21:48 27,136 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2007-11-14 17:16:44 27,136 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2007-10-10 08:21:48 4,096 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2007-11-14 17:16:44 4,096 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2007-10-10 08:21:48 794,624 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2007-11-14 17:16:44 794,624 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2007-10-10 08:21:48 249,856 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2007-11-14 17:16:44 249,856 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2007-10-10 08:21:48 23,040 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2007-11-14 17:16:44 23,040 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2007-10-10 08:21:46 286,720 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2007-11-14 17:16:44 286,720 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-10-10 08:21:46 409,600 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-11-14 17:16:44 409,600 ----a-r C:\WINDOWS\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-08-09 12:04:12 40,768 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
+ 2007-07-18 13:22:20 21,312 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2007-11-15 14:05:14 61,632 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
+ 2007-03-01 09:34:38 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
+ 2002-08-21 04:10:16 204,800 ----a-w C:\WINDOWS\system32\INKED.DLL
+ 2005-05-16 18:34:48 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2006-03-20 12:17:24 65,536 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2006-03-20 12:17:20 798,720 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
- 2007-09-28 06:19:40 18,089,592 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2007-11-02 07:12:58 18,238,072 ----a-w C:\WINDOWS\system32\MRT.exe
- 2006-12-19 22:49:48 8,509,952 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2007-10-25 16:43:26 8,516,608 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2002-08-21 04:13:12 189,952 ----a-w C:\WINDOWS\system32\WISPTIS.EXE
- 2007-08-21 10:50:52 369,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-10-29 15:07:16 369,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{088180AD-70EF-4C1D-AB23-E6EE9ACA18FE}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0B209275-6EE0-407C-A9FF-AD7E0EC3AD98}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C160F34-BF48-4849-94BE-457A136DAD1B}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1C1DD717-53B2-485E-A17B-C9977C205E10}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25791D44-C0D3-4C39-937F-AF713D375660}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{28D460C4-1C74-4D0D-8BB5-875A071CB6F5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2CEF41EC-BFCF-4BEA-A01A-18DBC973274B}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{348F760A-FCAF-4703-94D8-0F9BBB2C2C98}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3FCCF749-C5A0-4941-81F2-2305C249B898}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{41515D6E-7986-4643-88F6-9C62BF8A2CB3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{465FADD0-61FC-467A-8D43-ABA86B056D20}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{480BC6CF-1A62-4220-8A7E-DB4C29F8F7FD}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{52945d56-b7f0-47b8-87dd-bf9dad386ad5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5BD69F69-1E68-45E0-8A15-CC95B4DB8487}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5E27209A-37FF-45C6-9C38-7E88B9114DB6}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6669F3AF-F6B8-4A18-9665-F3B0DF2496FD}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6A850F86-3B8D-4B62-B222-601FB9971D11}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6b6cd879-90ae-4172-be08-bcd015fdea0e}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6BB415C4-DE26-4E1B-A3A2-7D155B24EF2B}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7EAFDC3D-0E24-4ECE-80DB-BB5DBE63CCF9}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{85e25d19-08be-4a5a-afd1-7ab77c86475c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8780F9AA-1D46-410A-A4D5-436DD9A3958D}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{87A8E2C3-05E9-41F7-802B-2447F1DFECFD}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{87B8166D-5B9E-4AFB-B889-098CE589DBF9}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9177ef4d-addb-4307-8091-5e53fe7b5299}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95bb197c-3231-44fb-b92a-d774a91e6b42}]
C:\WINDOWS\system32\lhbbtoms.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A5B8E8E7-F0AD-4706-8F32-FA445E14689E}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A63D1678-5752-4707-9373-EED82A2141D9}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A75C902D-25C1-4C6D-A621-8636605EC3BF}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A995E20D-E25C-4180-BFCB-CD3D79BE3352}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF78DC4D-9983-4DCC-935B-40E45BACD126}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B012230C-373E-410D-947B-9281B8361DE0}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B8C7F479-A434-470D-9DF6-1A2A93E2F63A}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BFA0FE9F-E173-4E2E-967B-83E8B7A20C3F}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{dc91ffeb-db15-4a9f-b398-fd3332b497f8}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E7E8CB79-BCE4-4EF0-9A05-D1775127D97E}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ECB4E168-7421-4BCE-8475-263DCECA2C6F}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EF08CB24-7B84-4E24-BAE1-2B5FBD12AA1A}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F328F8D8-48AB-414F-ADC5-3582B5C00DC3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2003-08-15 08:34 C:\WINDOWS\SOUNDMAN.EXE]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2004-09-29 13:23]
"nwiz"="nwiz.exe" [2004-09-29 13:23 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2004-09-29 13:23]
"HostManager"="C:\Program Files\Fichiers communs\AOL\1190623827\ee\AOLSoftware.exe" [2006-09-26 02:52]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-24 11:41]
"EPSON Stylus CX3600 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.exe" [2004-03-04 05:00]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-02-13 20:29]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"SNPSTD2"="C:\WINDOWS\vsnpstd2.exe" [2004-01-05 18:34]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" []
"21551a7a"="C:\WINDOWS\system32\snaegqwb.dll" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2007-09-24 14:45]
"MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [2004-10-13 18:24]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]
"AOL Fast Start"="C:\Program Files\AOL 9.0 VR\AOL.exe" [2007-06-21 13:44]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"SpybotDeletingA6697"=command /c del "C:\WINDOWS\system32\noxqnobr.dllbox"
"SpybotDeletingC970"=cmd /c del "C:\WINDOWS\system32\noxqnobr.dllbox"

C:\Documents and Settings\NUNUR\Menu Démarrer\Programmes\Démarrage\
PrintKey 2000 Fr.lnk - C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe [2001-06-25 21:14:14]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
AOL 9.0 Icône AOL.lnk - C:\Program Files\AOL 9.0\aoltray.exe [2007-09-24 11:40:16]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fccyyxw]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmnmnnl]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtusrrq]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvutrqn]

R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys
R3 snpstd2;USB PC Camera (SN9C103);C:\WINDOWS\system32\DRIVERS\snpstd2.sys
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
S3 SetupNTGLM7X;SetupNTGLM7X;\??\H:\NTGLM7X.sys
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\sscdbus.sys
S3 sscdmdfl;SAMSUNG CDMA Modem Filter;C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
S3 sscdmdm;SAMSUNG CDMA Modem Drivers;C:\WINDOWS\system32\DRIVERS\sscdmdm.sys

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-15 18:55:14 C:\WINDOWS\Tasks\Start AntiVir PersonalEdition Classic.job"
- C:\PROGRA~1\Avira\ANTIVI~1\avcenter.exe
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-16 17:54:12
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-16 17:54:40
C:\ComboFix2.txt ... 2007-11-12 18:20
.
--- E O F ---
0
raffiné Posts 217 Status Member 1
 
HijackThis report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:09:37, on 16/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\AOL\1190623827\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
c:\program files\fichiers communs\aol\1190623827\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AOL 9.0 VR\waol.exe
C:\Program Files\AOL 9.0 VR\shellmon.exe
C:\Program Files\Fichiers communs\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {088180AD-70EF-4C1D-AB23-E6EE9ACA18FE} - (no file)
O2 - BHO: (no name) - {0B209275-6EE0-407C-A9FF-AD7E0EC3AD98} - (no file)
O2 - BHO: (no name) - {0C160F34-BF48-4849-94BE-457A136DAD1B} - (no file)
O2 - BHO: (no name) - {1C1DD717-53B2-485E-A17B-C9977C205E10} - (no file)
O2 - BHO: (no name) - {25791D44-C0D3-4C39-937F-AF713D375660} - (no file)
O2 - BHO: (no name) - {28D460C4-1C74-4D0D-8BB5-875A071CB6F5} - (no file)
O2 - BHO: (no name) - {2CEF41EC-BFCF-4BEA-A01A-18DBC973274B} - (no file)
O2 - BHO: (no name) - {348F760A-FCAF-4703-94D8-0F9BBB2C2C98} - (no file)
O2 - BHO: (no name) - {3FCCF749-C5A0-4941-81F2-2305C249B898} - (no file)
O2 - BHO: (no name) - {41515D6E-7986-4643-88F6-9C62BF8A2CB3} - (no file)
O2 - BHO: (no name) - {465FADD0-61FC-467A-8D43-ABA86B056D20} - (no file)
O2 - BHO: (no name) - {480BC6CF-1A62-4220-8A7E-DB4C29F8F7FD} - (no file)
O2 - BHO: (no name) - {52945d56-b7f0-47b8-87dd-bf9dad386ad5} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5BD69F69-1E68-45E0-8A15-CC95B4DB8487} - (no file)
O2 - BHO: (no name) - {5E27209A-37FF-45C6-9C38-7E88B9114DB6} - (no file)
O2 - BHO: (no name) - {6669F3AF-F6B8-4A18-9665-F3B0DF2496FD} - (no file)
O2 - BHO: (no name) - {6A850F86-3B8D-4B62-B222-601FB9971D11} - (no file)
O2 - BHO: (no name) - {6b6cd879-90ae-4172-be08-bcd015fdea0e} - (no file)
O2 - BHO: (no name) - {6BB415C4-DE26-4E1B-A3A2-7D155B24EF2B} - (no file)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {7EAFDC3D-0E24-4ECE-80DB-BB5DBE63CCF9} - (no file)
O2 - BHO: (no name) - {85e25d19-08be-4a5a-afd1-7ab77c86475c} - (no file)
O2 - BHO: (no name) - {8780F9AA-1D46-410A-A4D5-436DD9A3958D} - (no file)
O2 - BHO: (no name) - {87A8E2C3-05E9-41F7-802B-2447F1DFECFD} - (no file)
O2 - BHO: (no name) - {87B8166D-5B9E-4AFB-B889-098CE589DBF9} - (no file)
O2 - BHO: (no name) - {9177ef4d-addb-4307-8091-5e53fe7b5299} - (no file)
O2 - BHO: {24b6e19a-477d-a29b-bf44-1323c791bb59} - {95bb197c-3231-44fb-b92a-d774a91e6b42} - C:\WINDOWS\system32\lhbbtoms.dll (file missing)
O2 - BHO: (no name) - {A5B8E8E7-F0AD-4706-8F32-FA445E14689E} - (no file)
O2 - BHO: (no name) - {A63D1678-5752-4707-9373-EED82A2141D9} - (no file)
O2 - BHO: (no name) - {A75C902D-25C1-4C6D-A621-8636605EC3BF} - (no file)
O2 - BHO: (no name) - {A995E20D-E25C-4180-BFCB-CD3D79BE3352} - (no file)
O2 - BHO: (no name) - {AF78DC4D-9983-4DCC-935B-40E45BACD126} - (no file)
O2 - BHO: (no name) - {B012230C-373E-410D-947B-9281B8361DE0} - (no file)
O2 - BHO: (no name) - {B8C7F479-A434-470D-9DF6-1A2A93E2F63A} - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: (no name) - {BFA0FE9F-E173-4E2E-967B-83E8B7A20C3F} - (no file)
O2 - BHO: (no name) - {dc91ffeb-db15-4a9f-b398-fd3332b497f8} - (no file)
O2 - BHO: (no name) - {E7E8CB79-BCE4-4EF0-9A05-D1775127D97E} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {ECB4E168-7421-4BCE-8475-263DCECA2C6F} - (no file)
O2 - BHO: (no name) - {EF08CB24-7B84-4E24-BAE1-2B5FBD12AA1A} - (no file)
O2 - BHO: (no name) - {F328F8D8-48AB-414F-ADC5-3582B5C00DC3} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1190623827\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [21551a7a] rundll32.exe "C:\WINDOWS\system32\snaegqwb.dll",b
O4 - HKLM\..\RunOnce: [SpybotDeletingA6697] command /c del "C:\WINDOWS\system32\noxqnobr.dllbox"
O4 - HKLM\..\RunOnce: [SpybotDeletingC970] cmd /c del "C:\WINDOWS\system32\noxqnobr.dllbox"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VR\AOL.EXE" -b
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0025B105-D86F-4DD3-8514-40AC82D15FEA}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{00842C39-07B5-4B8A-8A97-6553530C20BB}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{08B65D70-FF0B-40CA-9472-7BC71AA49620}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F7639E0-8FEA-4B98-B804-24E9687EFFF8}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F95AA4E-968E-46C3-BD3C-E4EE273AE51E}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E97F286-7974-4E41-9AEA-3649BD95E53F}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{A07392D1-8423-4AFE-ABB8-D8C87C820981}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{0025B105-D86F-4DD3-8514-40AC82D15FEA}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{0025B105-D86F-4DD3-8514-40AC82D15FEA}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O20 - Winlogon Notify: fccyyxw - C:\WINDOWS\
O20 - Winlogon Notify: pmnmnnl - C:\WINDOWS\
O20 - Winlogon Notify: vtusrrq - C:\WINDOWS\
O20 - Winlogon Notify: wvutrqn - C:\WINDOWS\
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
0
chrifleur Posts 1099 Status Contributor 18
 
C:\Program Files\Fichiers communs\Symantec Shared
you can delete this folder shown in bold
you did uninstall Norton, right?
post a HijackThis report
0
raffiné Posts 217 Status Member 1
 
I can't delete it; the following message is displayed:

Cannot delete Symlcrst.dll. This resource is being used by another person or another program. Close any programs that might be using the file and try again.
0
chrifleur Posts 1099 Status Contributor 18
 
I'm looking through all of this
in the meantime, do this
disable Spybot's TeaTimer
launch Spybot / Tools / Resident ==> uncheck the Resident TeaTimer box
you will re-enable it once the disinfection is finished...

remove Norton (Symantec) LiveUpdate through Add/Remove Programs
Start, "Exécuter…" (Run…), then type "services.msc" and confirm with OK
the Services window opens => check at the bottom that the "Etendu" (Extended) tab is selected; if not, select it.
Planificateur LiveUpdate automatique
- In the "Nom" (Name) column, DOUBLE-CLICK the service shown in BOLD above to bring up "Propriétés" (Properties).
- Check under "Chemin d'accès des fichiers exécutables" (Path to executable) that it is indeed the underlined location.
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
- Then click Arrêter (Stop)
- In the "Type de démarrage" (Startup type) drop-down menu, select "Désactivé" (Disabled).
- confirm the change with OK
do the same with this one
Symantec Core LC - Symantec Corporation
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
- Close the Services window.

if it is still there, delete this folder shown in bold
C:\Program Files\Fichiers communs\Symantec Shared

run a HijackThis scan and check the following lines
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: (no name) - {088180AD-70EF-4C1D-AB23-E6EE9ACA18FE} - (no file)
O2 - BHO: (no name) - {0B209275-6EE0-407C-A9FF-AD7E0EC3AD98} - (no file)
O2 - BHO: (no name) - {0C160F34-BF48-4849-94BE-457A136DAD1B} - (no file)
O2 - BHO: (no name) - {1C1DD717-53B2-485E-A17B-C9977C205E10} - (no file)
O2 - BHO: (no name) - {25791D44-C0D3-4C39-937F-AF713D375660} - (no file)
O2 - BHO: (no name) - {28D460C4-1C74-4D0D-8BB5-875A071CB6F5} - (no file)
O2 - BHO: (no name) - {2CEF41EC-BFCF-4BEA-A01A-18DBC973274B} - (no file)
O2 - BHO: (no name) - {348F760A-FCAF-4703-94D8-0F9BBB2C2C98} - (no file)
O2 - BHO: (no name) - {3FCCF749-C5A0-4941-81F2-2305C249B898} - (no file)
O2 - BHO: (no name) - {41515D6E-7986-4643-88F6-9C62BF8A2CB3} - (no file)
O2 - BHO: (no name) - {465FADD0-61FC-467A-8D43-ABA86B056D20} - (no file)
O2 - BHO: (no name) - {480BC6CF-1A62-4220-8A7E-DB4C29F8F7FD} - (no file)
O2 - BHO: (no name) - {52945d56-b7f0-47b8-87dd-bf9dad386ad5} - (no file)
O2 - BHO: (no name) - {5BD69F69-1E68-45E0-8A15-CC95B4DB8487} - (no file)
O2 - BHO: (no name) - {5E27209A-37FF-45C6-9C38-7E88B9114DB6} - (no file)
O2 - BHO: (no name) - {6669F3AF-F6B8-4A18-9665-F3B0DF2496FD} - (no file)
O2 - BHO: (no name) - {6A850F86-3B8D-4B62-B222-601FB9971D11} - (no file)
O2 - BHO: (no name) - {6b6cd879-90ae-4172-be08-bcd015fdea0e} - (no file)
O2 - BHO: (no name) - {6BB415C4-DE26-4E1B-A3A2-7D155B24EF2B} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {7EAFDC3D-0E24-4ECE-80DB-BB5DBE63CCF9} - (no file)
O2 - BHO: (no name) - {85e25d19-08be-4a5a-afd1-7ab77c86475c} - (no file)
O2 - BHO: (no name) - {8780F9AA-1D46-410A-A4D5-436DD9A3958D} - (no file)
O2 - BHO: (no name) - {87A8E2C3-05E9-41F7-802B-2447F1DFECFD} - (no file)
O2 - BHO: (no name) - {87B8166D-5B9E-4AFB-B889-098CE589DBF9} - (no file)
O2 - BHO: (no name) - {9177ef4d-addb-4307-8091-5e53fe7b5299} - (no file)
O2 - BHO: {24b6e19a-477d-a29b-bf44-1323c791bb59} - {95bb197c-3231-44fb-b92a-d774a91e6b42} - C:\WINDOWS\system32\lhbbtoms.dll (file missing)
O2 - BHO: (no name) - {A5B8E8E7-F0AD-4706-8F32-FA445E14689E} - (no file)
O2 - BHO: (no name) - {A63D1678-5752-4707-9373-EED82A2141D9} - (no file)
O2 - BHO: (no name) - {A75C902D-25C1-4C6D-A621-8636605EC3BF} - (no file)
O2 - BHO: (no name) - {A995E20D-E25C-4180-BFCB-CD3D79BE3352} - (no file)
O2 - BHO: (no name) - {AF78DC4D-9983-4DCC-935B-40E45BACD126} - (no file)
O2 - BHO: (no name) - {B012230C-373E-410D-947B-9281B8361DE0} - (no file)
O2 - BHO: (no name) - {B8C7F479-A434-470D-9DF6-1A2A93E2F63A} - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: (no name) - {BFA0FE9F-E173-4E2E-967B-83E8B7A20C3F} - (no file)
O2 - BHO: (no name) - {dc91ffeb-db15-4a9f-b398-fd3332b497f8} - (no file)
O2 - BHO: (no name) - {E7E8CB79-BCE4-4EF0-9A05-D1775127D97E} - (no file)
O2 - BHO: (no name) - {ECB4E168-7421-4BCE-8475-263DCECA2C6F} - (no file)
O2 - BHO: (no name) - {EF08CB24-7B84-4E24-BAE1-2B5FBD12AA1A} - (no file)
O2 - BHO: (no name) - {F328F8D8-48AB-414F-ADC5-3582B5C00DC3} - (no file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O4 - HKLM\..\Run: [21551a7a] rundll32.exe "C:\WINDOWS\system32\snaegqwb.dll",b
O4 - HKLM\..\RunOnce: [SpybotDeletingA6697] command /c del "C:\WINDOWS\system32\noxqnobr.dllbox"
O4 - HKLM\..\RunOnce: [SpybotDeletingC970] cmd /c del "C:\WINDOWS\system32\noxqnobr.dllbox"
O20 - Winlogon Notify: fccyyxw - C:\WINDOWS\
O20 - Winlogon Notify: pmnmnnl - C:\WINDOWS\
O20 - Winlogon Notify: vtusrrq - C:\WINDOWS\
O20 - Winlogon Notify: wvutrqn - C:\WINDOWS\
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
close all your applications, including the Internet, and click Fix checked

let's check that Vundo is gone..
if you haven't already, delete the copy of VundoFix on your PC; you always need the very latest version
Download VundoFix.exe (by Atribune) to your Desktop
http://www.atribune.org/ccount/click.php?id=4
double-click VundoFix.exe to launch it
click the Scan for Vundo button
When the scan is complete, click the Remove Vundo button
A prompt will ask whether you want to delete the files; click YES
After you click "Yes", the Desktop will disappear for a moment while the files are removed
You will see a prompt telling you that your PC is going to restart;
click OK

run ComboFix again and post the reports you get
we've made good progress...

0
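An added example, not part of the original thread and not the helper's own method: a short Python triage script that picks out of a HijackThis log the kinds of entries ticked in the post above (BHO/toolbar registrations with no file, a rundll32 autostart, leftover RunOnce delete commands, Winlogon Notify entries with no DLL, services whose file is missing). The sample lines are copied from the log posted in this thread; the rules, their wording and the function names are assumptions of this example.

```python
import re

# Sample lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {088180AD-70EF-4C1D-AB23-E6EE9ACA18FE} - (no file)
O2 - BHO: {24b6e19a-477d-a29b-bf44-1323c791bb59} - {95bb197c-3231-44fb-b92a-d774a91e6b42} - C:\WINDOWS\system32\lhbbtoms.dll (file missing)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [21551a7a] rundll32.exe "C:\WINDOWS\system32\snaegqwb.dll",b
O4 - HKLM\..\RunOnce: [SpybotDeletingA6697] command /c del "C:\WINDOWS\system32\noxqnobr.dllbox"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O20 - Winlogon Notify: vtusrrq - C:\WINDOWS\
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
"""

# "<section code> - <rest of the entry>", e.g. "O2 - BHO: ..."
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<rest>.+)$")
# O4 autostart entry: "<hive>\..\Run: [value name] command line"
RUN = re.compile(
    r"^(?P<hive>\S+)\\\.\.\\(?P<key>Run|RunOnce): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$"
)
# O20 entry: "Winlogon Notify: <subkey> - <DLL path>"
NOTIFY = re.compile(r"^Winlogon Notify: (?P<name>\S+) - (?P<path>.*)$")
# Heuristic (assumption of this example): an 8-hex-digit Run value name.
HEX_NAME = re.compile(r"^[0-9a-f]{8}$", re.IGNORECASE)


def classify(line):
    """Return (section code, reason) if the line matches a rule, else None."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    code, rest = m.group("code"), m.group("rest")

    # Registry entry survives although the file it pointed to is gone.
    if code in ("O2", "O3") and rest.endswith(("(no file)", "(file missing)")):
        return code, "orphaned BHO/toolbar registration"
    if code == "O23" and rest.endswith("(file missing)"):
        return code, "service points to a missing file"

    if code == "O4":
        run = RUN.match(rest)
        if run:
            cmd = run.group("cmd").lower()
            if run.group("key") == "RunOnce" and "/c del " in cmd:
                return code, "leftover pending-delete command"
            if cmd.startswith("rundll32") and HEX_NAME.match(run.group("name")):
                return code, "rundll32 autostart with hex value name"

    if code == "O20":
        notify = NOTIFY.match(rest)
        if notify and not notify.group("path").lower().endswith(".dll"):
            return code, "Winlogon Notify entry without a DLL"
    return None


def triage(log_text):
    """Return a list of (section code, reason, original line) for flagged lines."""
    findings = []
    for line in log_text.splitlines():
        hit = classify(line)
        if hit:
            findings.append((hit[0], hit[1], line.strip()))
    return findings


if __name__ == "__main__":
    for code, reason, line in triage(SAMPLE_LOG):
        print(f"[{code}] {reason}: {line}")
```

The rules only shortlist lines for a human to review; entries such as the R0/R1 start-page values or a service whose file still exists need the reviewer's own judgement.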
raffiné Posts 217 Status Member 1
 
sorry, it took me a bit longer than planned, but I had some trouble carrying out the steps you asked for. I managed to delete Symantec Shared; however, VundoFix did its thing but did not shut down the computer as expected
0
chrifleur Posts 1099 Status Contributor 18
 
restart, post the report you get, and carry on with the rest
see you tomorrow, for me it's time to sleep....
0
raffiné Posts 217 Status Member 1
 
ok, good night and thank you!!
0
chrifleur Posts 1099 Status Contributor 18
 
back
0
raffiné Posts 217 Status Member 1
 
hello, slept well!!

I ran VundoFix again this morning; it showed the following message: "done searching for files". I clicked OK and a second message appeared: "done searching for files no infected files were found". I clicked OK again, then Remove Vundo, and nothing happens
0
chrifleur Posts 1099 Status Contributor 18
 
did you run ComboFix as requested?
post its report and a HijackThis report
0
raffiné Posts 217 Status Member 1
 
ok, I'll do everything and post
0
raffiné Posts 217 Status Member 1
 
ComboFix report

ComboFix 07-11-08.1 - NUNUR 2007-11-17 16:10:40.4 - FAT32x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.199 [GMT 1:00]
Running from: C:\Documents and Settings\NUNUR\Bureau\ComboFix.exe
.

((((((((((((((((((((((((((((( Fichiers créés 2007-10-17 to 2007-11-17 ))))))))))))))))))))))))))))))))))))
.

2007-11-17 16:10 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-16 20:43 <REP> d-------- C:\VundoFix Backups
2007-11-16 10:38 <REP> d-------- C:\Documents and Settings\NUNUR\DoctorWeb
2007-11-15 15:03 <REP> d-------- C:\Program Files\Avira
2007-11-15 15:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-11-14 12:50 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-11-13 14:46 <REP> d-------- C:\Program Files\Navilog1
2007-11-13 12:53 3,764 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-13 11:29 <REP> d-------- C:\Documents and Settings\All Users\Modèles
2007-11-11 12:15 88,128 --a------ C:\WINDOWS\system32\gfntpoqj.dll
2007-11-10 23:42 <REP> d-------- C:\Documents and Settings\BRIAN\Application Data\vlc
2007-11-10 18:36 <REP> d-------- C:\HHeJay
2007-11-09 20:27 <REP> d-------- C:\Program Files\CCleaner
2007-11-09 16:06 <REP> d-------- C:\Program Files\Trend Micro
2007-11-08 22:08 4,608 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys
2007-11-08 20:15 <REP> d-------- C:\Program Files\RegCleaner
2007-11-08 18:20 <REP> d-------- C:\Program Files\Alwil Software
2007-11-08 09:37 <REP> d-------- C:\WINDOWS\Sun
2007-11-08 09:24 172 --a------ C:\1444.bat
2007-11-07 15:32 <REP> d-------- C:\WINDOWS\system32\Mz18r
2007-11-07 10:31 35,328 --a------ C:\WINDOWS\system32\byxvtqr.dll
2007-11-07 09:11 35,328 --a------ C:\WINDOWS\system32\xxyywwv.dll
2007-11-06 12:24 35,328 --a------ C:\WINDOWS\system32\vtusrrq.dll
2007-11-06 10:11 <REP> d-------- C:\Documents and Settings\DYLAN\Application Data\AOL
2007-11-06 10:05 35,328 --a------ C:\WINDOWS\system32\nnnlllk.dll
2007-11-06 08:34 35,328 --a------ C:\WINDOWS\system32\ljjkhed.dll
2007-11-05 12:17 35,328 --a------ C:\WINDOWS\system32\wvutrqn.dll
2007-11-05 12:17 786 --a------ C:\6946.bat
2007-11-05 11:26 83,008 --a------ C:\WINDOWS\system32\ebkarbda.dll
2007-11-05 09:36 <REP> d-------- C:\Documents and Settings\BRIAN\Application Data\LimeWire
2007-11-05 09:32 35,328 --a------ C:\WINDOWS\system32\efcdebx.dll
2007-11-04 23:13 786 --a------ C:\3191.bat
2007-11-04 23:12 35,328 --a------ C:\WINDOWS\system32\pmnmnnl.dll
2007-11-04 23:12 786 --a------ C:\3295.bat
2007-11-04 16:39 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2007-11-04 16:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-04 01:14 <REP> d-------- C:\Documents and Settings\NUNUR\Application Data\LimeWire
2007-11-02 18:00 <REP> d-------- C:\Program Files\DofusArena2
2007-10-31 18:03 <REP> d-------- C:\Program Files\GrabIt
2007-10-30 12:36 <REP> d-------- C:\Hermes
2007-10-30 12:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Samsung
2007-10-30 12:33 137,884 -ra------ C:\WINDOWS\system32\drivers\sscdmdm.sys
2007-10-30 12:33 80,272 -ra------ C:\WINDOWS\system32\drivers\sscdbus.sys
2007-10-30 12:33 11,877 -ra------ C:\WINDOWS\system32\drivers\sscdcmnt.sys
2007-10-30 12:33 11,877 -ra------ C:\WINDOWS\system32\drivers\sscdcm.sys
2007-10-30 12:33 11,188 -ra------ C:\WINDOWS\system32\drivers\sscdwhnt.sys
2007-10-30 12:33 11,188 -ra------ C:\WINDOWS\system32\drivers\sscdwh.sys
2007-10-30 12:33 10,864 -ra------ C:\WINDOWS\system32\drivers\sscdmdfl.sys
2007-10-30 12:31 <REP> d-------- C:\Program Files\Samsung
2007-10-28 00:31 <REP> d-------- C:\Documents and Settings\BRIAN\Application Data\Leadertech
2007-10-27 18:33 <REP> d-------- C:\Program Files\Messenger Plus! Live
2007-10-27 18:28 <REP> d-------- C:\Documents and Settings\NOLAN\Contacts
2007-10-27 18:27 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-10-27 18:26 <REP> d-------- C:\Documents and Settings\NOLAN\WINDOWS
2007-10-27 18:26 <REP> d--h----- C:\Documents and Settings\NOLAN\Voisinage réseau
2007-10-27 18:26 <REP> d---s---- C:\Documents and Settings\NOLAN\UserData
2007-10-27 18:26 <REP> d--h----- C:\Documents and Settings\NOLAN\Modèles
2007-10-27 18:26 <REP> dr------- C:\Documents and Settings\NOLAN\Mes documents
2007-10-27 18:26 <REP> dr------- C:\Documents and Settings\NOLAN\Menu Démarrer
2007-10-27 18:26 <REP> dr------- C:\Documents and Settings\NOLAN\Favoris
2007-10-27 18:26 <REP> d-------- C:\Documents and Settings\NOLAN\Bureau
2007-10-27 18:26 <REP> d-------- C:\Documents and Settings\NOLAN\Application Data\Roxio
2007-10-27 18:26 <REP> d-------- C:\Documents and Settings\NOLAN\Application Data\CyberLink
2007-10-27 14:57 <REP> d-------- C:\Documents and Settings\NUNUR\Application Data\SlySoft
2007-10-27 13:55 <REP> d-------- C:\Documents and Settings\NUNUR\Application Data\Leadertech
2007-10-22 22:15 <REP> d-------- C:\Documents and Settings\NUNUR\Shared
2007-10-22 22:14 <REP> d-------- C:\Program Files\Java
2007-10-22 22:13 <REP> d-------- C:\Program Files\Fichiers communs\Java
2007-10-22 22:07 <REP> d-------- C:\Program Files\BearShare Applications
2007-10-20 22:51 155 --a------ C:\WINDOWS\system32\netwbix32.dll
2007-10-20 14:21 <REP> d-------- C:\Program Files\Lemoncast
2007-10-18 21:01 <REP> d-------- C:\WINDOWS\system32\LogFiles
2007-10-18 21:01 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-16 15:31 --------- d-----w C:\Program Files\Fichiers communs\snpstd2
2007-10-16 15:09 --------- d-----w C:\Program Files\Fichiers communs\snct511
2007-10-16 14:59 --------- d-----w C:\Program Files\Windows Media Components
2007-10-16 14:59 --------- d-----w C:\Program Files\Mingjong
2007-10-10 08:34 --------- d-----w C:\Program Files\Micro Application
2007-10-09 22:14 --------- d-----w C:\Program Files\TryMedia
2007-10-09 22:14 --------- d-----w C:\Program Files\InterVideo
2007-10-09 15:40 --------- d-----w C:\Documents and Settings\BRIAN\Application Data\AOL
2007-10-06 16:49 --------- d-----w C:\Documents and Settings\DYLAN\Application Data\vlc
2007-10-05 22:37 --------- d-----w C:\Program Files\AC3Filter
2007-10-02 17:22 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\InfraRecorder
2007-10-02 13:49 --------- d-----w C:\Program Files\CDex
2007-09-30 12:56 --------- d-----w C:\Program Files\eMule
2007-09-28 09:37 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\MSN6
2007-09-28 09:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\MSN6
2007-09-27 21:28 --------- d-----w C:\Program Files\AviSynth 2.5
2007-09-27 21:26 --------- d-----w C:\Program Files\Ripp-it_AM
2007-09-27 16:40 --------- d-----w C:\Program Files\Simple PDF
2007-09-27 15:54 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-09-26 16:31 --------- d-----w C:\Documents and Settings\DYLAN\Application Data\Ecran de veille
2007-09-26 14:07 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-09-25 15:51 --------- d-----w C:\Program Files\Fichiers communs\Scanner
2007-09-25 08:21 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\Ahead
2007-09-24 20:43 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\AdobeUM
2007-09-24 20:38 --------- d-----w C:\Program Files\DVD Shrink
2007-09-24 20:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-09-24 17:30 --------- d-----w C:\Program Files\Google
2007-09-24 13:00 --------- d-----w C:\Program Files\Siber Systems
2007-09-24 13:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\RoboForm
2007-09-24 11:59 --------- d-----w C:\Program Files\PrintKey 2000 Fr
2007-09-24 11:47 --------- d-----w C:\Program Files\MSN Messenger
2007-09-24 11:43 --------- d-----w C:\Program Files\Winamp
2007-09-24 11:40 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\vlc
2007-09-24 11:39 --------- d-----w C:\Program Files\VideoLAN
2007-09-24 11:37 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\Smart Panel
2007-09-24 11:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\UDL
2007-09-24 11:30 --------- d-----w C:\Program Files\Smart Panel
2007-09-24 11:28 --------- d-----w C:\Program Files\epson
2007-09-24 10:41 --------- d-----w C:\Program Files\QuickTime
2007-09-24 10:41 --------- d-----w C:\Program Files\Learn2.com
2007-09-24 10:41 --------- d-----w C:\Program Files\AOL Compagnon
2007-09-24 10:41 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\You've Got Pictures Screensaver
2007-09-24 10:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\QuickTime
2007-09-24 10:40 8,552 ----a-w C:\WINDOWS\system32\drivers\asctrm.sys
2007-09-24 10:40 --------- d-----w C:\Program Files\Real
2007-09-24 10:40 --------- d-----w C:\Program Files\Fichiers communs\Real
2007-09-24 10:40 --------- d-----w C:\Program Files\AOL 9.0
2007-09-24 10:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-09-24 10:05 --------- d-----w C:\Program Files\Fichiers communs\Nero
2007-09-24 10:03 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2007-09-24 10:03 --------- d-----w C:\Program Files\Ahead
2007-09-24 10:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
2007-09-24 09:52 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\AOL
2007-09-24 09:51 --------- d-----w C:\Program Files\Viewpoint
2007-09-24 09:51 --------- d-----w C:\Program Files\Fichiers communs\Nullsoft
2007-09-24 09:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-09-24 09:50 --------- d-----w C:\Program Files\AOL 9.0 VR
2007-09-24 09:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-09-24 09:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL Downloads
2007-09-24 09:11 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Symantec
2007-09-24 08:53 --------- d-----w C:\Documents and Settings\NUNUR\Application Data\Symantec
2007-09-24 08:42 --------- d-----w C:\Program Files\Fichiers communs\aolshare
2007-09-24 08:42 --------- d-----w C:\Program Files\AOL 8.0
2007-09-24 08:41 --------- d-----w C:\Program Files\Fichiers communs\AOL
2007-09-24 08:30 81,920 ----a-w C:\WINDOWS\system32\W32N50.dll
2007-09-24 08:30 17,134 ----a-w C:\WINDOWS\system32\PCANDIS5.sys
2007-09-24 08:13 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2007-09-24 08:13 --------- d-----w C:\Program Files\AOLbox
2007-09-21 20:56 24,192 ----a-w C:\Documents and Settings\NUNUR\usbsermptxp.sys
2007-09-21 20:56 22,768 ----a-w C:\WINDOWS\system32\drivers\usbsermpt.sys
2007-09-21 20:56 22,768 ----a-w C:\Documents and Settings\NUNUR\usbsermpt.sys
2007-09-21 20:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\BVRP Software
2007-08-22 12:57 96,768 ------w C:\WINDOWS\system32\dllcache\inseng.dll
2007-08-22 12:57 669,696 ------w C:\WINDOWS\system32\dllcache\wininet.dll
2007-08-22 12:57 620,032 ------w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-08-22 12:57 55,808 ------w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-08-22 12:57 532,480 ------w C:\WINDOWS\system32\dllcache\mstime.dll
2007-08-22 12:57 474,624 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-08-22 12:57 449,024 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-08-22 12:57 39,424 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-08-22 12:57 357,888 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-08-22 12:57 3,085,824 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-08-22 12:57 251,904 ------w C:\WINDOWS\system32\dllcache\iepeers.dll
2007-08-22 12:57 205,824 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-08-22 12:57 16,384 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-08-22 12:57 152,064 ------w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-08-22 12:57 146,432 ------w C:\WINDOWS\system32\dllcache\msrating.dll
2007-08-22 12:57 1,498,624 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-08-22 12:57 1,056,768 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
2007-08-22 12:57 1,023,488 ------w C:\WINDOWS\system32\dllcache\browseui.dll
2007-08-21 10:19 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe
2007-08-21 07:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-21 07:17 683,520 ------w C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-08-20 10:59 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-08-20 10:59 6,058,496 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-08-20 10:59 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-08-20 10:59 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-08-20 10:59 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-08-20 10:59 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{088180AD-70EF-4C1D-AB23-E6EE9ACA18FE}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0B209275-6EE0-407C-A9FF-AD7E0EC3AD98}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C160F34-BF48-4849-94BE-457A136DAD1B}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1C1DD717-53B2-485E-A17B-C9977C205E10}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25791D44-C0D3-4C39-937F-AF713D375660}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{28D460C4-1C74-4D0D-8BB5-875A071CB6F5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2CEF41EC-BFCF-4BEA-A01A-18DBC973274B}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{348F760A-FCAF-4703-94D8-0F9BBB2C2C98}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3FCCF749-C5A0-4941-81F2-2305C249B898}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{41515D6E-7986-4643-88F6-9C62BF8A2CB3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{465FADD0-61FC-467A-8D43-ABA86B056D20}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{480BC6CF-1A62-4220-8A7E-DB4C29F8F7FD}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{52945d56-b7f0-47b8-87dd-bf9dad386ad5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5BD69F69-1E68-45E0-8A15-CC95B4DB8487}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5E27209A-37FF-45C6-9C38-7E88B9114DB6}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6669F3AF-F6B8-4A18-9665-F3B0DF2496FD}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6A850F86-3B8D-4B62-B222-601FB9971D11}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6b6cd879-90ae-4172-be08-bcd015fdea0e}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6BB415C4-DE26-4E1B-A3A2-7D155B24EF2B}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7EAFDC3D-0E24-4ECE-80DB-BB5DBE63CCF9}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{85e25d19-08be-4a5a-afd1-7ab77c86475c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8780F9AA-1D46-410A-A4D5-436DD9A3958D}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{87A8E2C3-05E9-41F7-802B-2447F1DFECFD}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{87B8166D-5B9E-4AFB-B889-098CE589DBF9}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9177ef4d-addb-4307-8091-5e53fe7b5299}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95bb197c-3231-44fb-b92a-d774a91e6b42}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A5B8E8E7-F0AD-4706-8F32-FA445E14689E}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A63D1678-5752-4707-9373-EED82A2141D9}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A75C902D-25C1-4C6D-A621-8636605EC3BF}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A995E20D-E25C-4180-BFCB-CD3D79BE3352}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF78DC4D-9983-4DCC-935B-40E45BACD126}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B012230C-373E-410D-947B-9281B8361DE0}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B8C7F479-A434-470D-9DF6-1A2A93E2F63A}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BFA0FE9F-E173-4E2E-967B-83E8B7A20C3F}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{dc91ffeb-db15-4a9f-b398-fd3332b497f8}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E7E8CB79-BCE4-4EF0-9A05-D1775127D97E}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ECB4E168-7421-4BCE-8475-263DCECA2C6F}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EF08CB24-7B84-4E24-BAE1-2B5FBD12AA1A}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F328F8D8-48AB-414F-ADC5-3582B5C00DC3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2003-08-15 08:34 C:\WINDOWS\SOUNDMAN.EXE]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2004-09-29 13:23]
"nwiz"="nwiz.exe" [2004-09-29 13:23 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2004-09-29 13:23]
"HostManager"="C:\Program Files\Fichiers communs\AOL\1190623827\ee\AOLSoftware.exe" [2006-09-26 02:52]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-24 11:41]
"EPSON Stylus CX3600 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.exe" [2004-03-04 05:00]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-02-13 20:29]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"SNPSTD2"="C:\WINDOWS\vsnpstd2.exe" [2004-01-05 18:34]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" []
"21551a7a"="C:\WINDOWS\system32\snaegqwb.dll" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2007-09-24 14:45]
"MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [2004-10-13 18:24]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]
"AOL Fast Start"="C:\Program Files\AOL 9.0 VR\AOL.exe" [2007-06-21 13:44]

C:\Documents and Settings\NUNUR\Menu Démarrer\Programmes\Démarrage\
PrintKey 2000 Fr.lnk - C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe [2001-06-25 21:14:14]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
AOL 9.0 Icône AOL.lnk - C:\Program Files\AOL 9.0\aoltray.exe [2007-09-24 11:40:16]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fccyyxw]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmnmnnl]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtusrrq]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvutrqn]

R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys
R3 snpstd2;USB PC Camera (SN9C103);C:\WINDOWS\system32\DRIVERS\snpstd2.sys
S3 SetupNTGLM7X;SetupNTGLM7X;\??\H:\NTGLM7X.sys
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\sscdbus.sys
S3 sscdmdfl;SAMSUNG CDMA Modem Filter;C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
S3 sscdmdm;SAMSUNG CDMA Modem Drivers;C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
S4 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-16 19:00:02 C:\WINDOWS\Tasks\Start AntiVir PersonalEdition Classic.job"
- C:\PROGRA~1\Avira\ANTIVI~1\avcenter.exe
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-17 16:12:03
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-17 16:12:32
C:\ComboFix3.txt ... 2007-11-12 18:20
C:\ComboFix2.txt ... 2007-11-16 17:54
.
--- E O F ---
0
raffiné Posts 217 Status Member 1
 
HijackThis report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:15:27, on 17/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\AOL\1190623827\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AOL 9.0 VR\waol.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\fichiers communs\aol\1190623827\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
C:\Program Files\AOL 9.0 VR\shellmon.exe
C:\Program Files\Fichiers communs\AOL\Topspeed\3.0\aoltpsd3.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {088180AD-70EF-4C1D-AB23-E6EE9ACA18FE} - (no file)
O2 - BHO: (no name) - {0B209275-6EE0-407C-A9FF-AD7E0EC3AD98} - (no file)
O2 - BHO: (no name) - {0C160F34-BF48-4849-94BE-457A136DAD1B} - (no file)
O2 - BHO: (no name) - {1C1DD717-53B2-485E-A17B-C9977C205E10} - (no file)
O2 - BHO: (no name) - {25791D44-C0D3-4C39-937F-AF713D375660} - (no file)
O2 - BHO: (no name) - {28D460C4-1C74-4D0D-8BB5-875A071CB6F5} - (no file)
O2 - BHO: (no name) - {2CEF41EC-BFCF-4BEA-A01A-18DBC973274B} - (no file)
O2 - BHO: (no name) - {348F760A-FCAF-4703-94D8-0F9BBB2C2C98} - (no file)
O2 - BHO: (no name) - {3FCCF749-C5A0-4941-81F2-2305C249B898} - (no file)
O2 - BHO: (no name) - {41515D6E-7986-4643-88F6-9C62BF8A2CB3} - (no file)
O2 - BHO: (no name) - {465FADD0-61FC-467A-8D43-ABA86B056D20} - (no file)
O2 - BHO: (no name) - {480BC6CF-1A62-4220-8A7E-DB4C29F8F7FD} - (no file)
O2 - BHO: (no name) - {52945d56-b7f0-47b8-87dd-bf9dad386ad5} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5BD69F69-1E68-45E0-8A15-CC95B4DB8487} - (no file)
O2 - BHO: (no name) - {5E27209A-37FF-45C6-9C38-7E88B9114DB6} - (no file)
O2 - BHO: (no name) - {6669F3AF-F6B8-4A18-9665-F3B0DF2496FD} - (no file)
O2 - BHO: (no name) - {6A850F86-3B8D-4B62-B222-601FB9971D11} - (no file)
O2 - BHO: (no name) - {6b6cd879-90ae-4172-be08-bcd015fdea0e} - (no file)
O2 - BHO: (no name) - {6BB415C4-DE26-4E1B-A3A2-7D155B24EF2B} - (no file)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {7EAFDC3D-0E24-4ECE-80DB-BB5DBE63CCF9} - (no file)
O2 - BHO: (no name) - {85e25d19-08be-4a5a-afd1-7ab77c86475c} - (no file)
O2 - BHO: (no name) - {8780F9AA-1D46-410A-A4D5-436DD9A3958D} - (no file)
O2 - BHO: (no name) - {87A8E2C3-05E9-41F7-802B-2447F1DFECFD} - (no file)
O2 - BHO: (no name) - {87B8166D-5B9E-4AFB-B889-098CE589DBF9} - (no file)
O2 - BHO: (no name) - {9177ef4d-addb-4307-8091-5e53fe7b5299} - (no file)
O2 - BHO: (no name) - {95bb197c-3231-44fb-b92a-d774a91e6b42} - (no file)
O2 - BHO: (no name) - {A5B8E8E7-F0AD-4706-8F32-FA445E14689E} - (no file)
O2 - BHO: (no name) - {A63D1678-5752-4707-9373-EED82A2141D9} - (no file)
O2 - BHO: (no name) - {A75C902D-25C1-4C6D-A621-8636605EC3BF} - (no file)
O2 - BHO: (no name) - {A995E20D-E25C-4180-BFCB-CD3D79BE3352} - (no file)
O2 - BHO: (no name) - {AF78DC4D-9983-4DCC-935B-40E45BACD126} - (no file)
O2 - BHO: (no name) - {B012230C-373E-410D-947B-9281B8361DE0} - (no file)
O2 - BHO: (no name) - {B8C7F479-A434-470D-9DF6-1A2A93E2F63A} - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: (no name) - {BFA0FE9F-E173-4E2E-967B-83E8B7A20C3F} - (no file)
O2 - BHO: (no name) - {dc91ffeb-db15-4a9f-b398-fd3332b497f8} - (no file)
O2 - BHO: (no name) - {E7E8CB79-BCE4-4EF0-9A05-D1775127D97E} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {ECB4E168-7421-4BCE-8475-263DCECA2C6F} - (no file)
O2 - BHO: (no name) - {EF08CB24-7B84-4E24-BAE1-2B5FBD12AA1A} - (no file)
O2 - BHO: (no name) - {F328F8D8-48AB-414F-ADC5-3582B5C00DC3} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1190623827\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [21551a7a] rundll32.exe "C:\WINDOWS\system32\snaegqwb.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VR\AOL.EXE" -b
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0025B105-D86F-4DD3-8514-40AC82D15FEA}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{00842C39-07B5-4B8A-8A97-6553530C20BB}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{08B65D70-FF0B-40CA-9472-7BC71AA49620}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F7639E0-8FEA-4B98-B804-24E9687EFFF8}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F95AA4E-968E-46C3-BD3C-E4EE273AE51E}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E97F286-7974-4E41-9AEA-3649BD95E53F}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{A07392D1-8423-4AFE-ABB8-D8C87C820981}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{0025B105-D86F-4DD3-8514-40AC82D15FEA}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{0025B105-D86F-4DD3-8514-40AC82D15FEA}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O20 - Winlogon Notify: fccyyxw - C:\WINDOWS\
O20 - Winlogon Notify: pmnmnnl - C:\WINDOWS\
O20 - Winlogon Notify: vtusrrq - C:\WINDOWS\
O20 - Winlogon Notify: wvutrqn - C:\WINDOWS\
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
0