CiD ads => Report
frusciante64 (Posts: 315, Status: Member)
green day (Posts: 26722, Status: Moderator, Security contributor)
Hello,
For the past 2 days I have been getting constant unwanted ads named "CiD". I tried to remove this spyware with CCleaner, Avast, AVG and Spybot Search & Destroy, but I keep getting them. I thought of making a report with HijackThis. The problem is that I don't know what needs to be fixed... If anyone has an idea:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ps2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\WINDOWS\Resources\RocketDock\RocketDock.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\Resources\UberIcon\UberIcon Manager.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\Resources\YzShadow\YzShadow.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\Rar$EX00.688\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [platform bind axis time] C:\Documents and Settings\All Users\Application Data\soft ref platform bind\Title vga.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [joy five] C:\DOCUME~1\COMPAQ~1\APPLIC~1\BENDOB~1\rectpeak.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\Resources\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\Resources\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\Resources\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\Resources\YzShadow\YzShadow.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Traducción - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra 'Tools' menuitem: Traducir - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O9 - Extra 'Tools' menuitem: Ajustar la traducción - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://config.zebulon.fr/plugins/hardwaredetection.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CAACE3C8-161E-4F8D-B1A0-D1ED37A2006D}: NameServer = 80.10.246.2,80.10.246.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
9 replies
C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\Rar$EX00.688\HijackThis.exe
You are running HijackThis from the temporary folders; the backups will get erased, and if you delete a DLL by mistake you won't be able to repair it.
FIX NOTHING, UNINSTALL HIJACKTHIS, REINSTALL IT
- HijackThis - Diagnostic and repair tool
Download HijackThis here:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Unzip it into a folder set aside for that purpose.
For example C:\hijackthis <
Make sure you save it in C: !
Demo: (Thanks to Balltrap34 for making this)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Launch it, then:
click on "do a system scan and save logfile" (see demo)
copy and paste the whole log to the forum
Demo: (Thanks to Balltrap34 for making this)
http://pageperso.aol.fr/balltrap34/demohijack.htm
http://www.tutoriaux-excalibur.com/hijackthis.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Uninstall the sponsors
http://www.commentcamarche.net/faq/sujet 5996 comment bloquer les fenetres cid
Try with navilog
http://www.commentcamarche.net/faq/sujet 2490 popups ouverture de fenetres internet publicitaires pop up
Browse with FF
http://www.commentcamarche.net/faq/sujet 4541 web eliminer totalement les publicites dans les pages web
With MSN, it is better to use Antivir instead of Avast
http://www.commentcamarche.net/faq/sujet 3045 tutoriels tutoriels de logiciels
I didn't see which firewall you have; Avast and Antivir need an additional firewall in place of the XP one.
In Software tutorials, there are firewalls: Kerio or ZoneAlarm.
PS: you already have lop, which is giving you the CiD windows; with a new HijackThis log after the cleanups, you should no longer find this file in the 04 lines:
rectpeak.exe
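Added example, not part of the original thread and not code from HijackThis: a small Python triage of the two points raised in the replies above, namely HijackThis being run from a temporary folder and autostart (O4) entries such as rectpeak.exe that launch from a per-user data folder. The sample lines are copied from the log in the first post; the folder-name list and all function names are assumptions of this example.

```python
import re
from typing import List, NamedTuple, Optional

# Lines copied from the HijackThis log in the first post of this thread.
SAMPLE_LOG = r"""
C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\Rar$EX00.688\HijackThis.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [platform bind axis time] C:\Documents and Settings\All Users\Application Data\soft ref platform bind\Title vga.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [joy five] C:\DOCUME~1\COMPAQ~1\APPLIC~1\BENDOB~1\rectpeak.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\Resources\RocketDock\RocketDock.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
"""

# Assumption of this example: folder names (long and 8.3 short forms) that an
# ordinary user account can write to on Windows XP.
USER_WRITABLE_PARTS = {"application data", "applic~1",
                       "local settings", "locals~1", "temp"}

# O4 registry autostart: "O4 - HKLM\..\Run: [name] command line"
RUN_RE = re.compile(
    r"^O4 - (?P<hive>HK[A-Z]+(?:\\[^\\]+)?)\\\.\.\\(?P<key>[^:]+): "
    r"\[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# O4 startup-folder shortcut: "O4 - Startup: name.lnk = target"
STARTUP_RE = re.compile(
    r"^O4 - (?P<scope>Global Startup|Startup): (?P<name>.+?) = (?P<cmd>.+)$")
# Unquoted command lines may contain spaces, so cut at the first extension.
EXE_RE = re.compile(r"^(.+?\.(?:exe|dll|com|bat|cmd|scr|pif))(?=\s|$)",
                    re.IGNORECASE)


class Autorun(NamedTuple):
    source: str           # registry key or startup folder
    name: str             # value name or shortcut name
    path: Optional[str]   # executable path, None if unresolved ("?")


def extract_path(command: str) -> Optional[str]:
    """Return the executable part of an autostart command line."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else None
    match = EXE_RE.match(command)
    return match.group(1) if match else None


def parse_o4(log: str) -> List[Autorun]:
    """Collect every O4 (autostart) entry of a HijackThis log."""
    entries = []
    for line in log.splitlines():
        line = line.strip()
        m = RUN_RE.match(line)
        if m:
            source = f"{m['hive']} {m['key']}"
        else:
            m = STARTUP_RE.match(line)
            if not m:
                continue
            source = m["scope"]
        entries.append(Autorun(source, m["name"], extract_path(m["cmd"])))
    return entries


def in_user_writable_dir(path: str) -> bool:
    """True if any directory component is in USER_WRITABLE_PARTS."""
    return any(part.lower() in USER_WRITABLE_PARTS
               for part in path.split("\\")[:-1])


def suspicious_autoruns(log: str) -> List[Autorun]:
    """O4 entries whose executable starts from a user-writable folder."""
    return [e for e in parse_o4(log)
            if e.path and in_user_writable_dir(e.path)]


def tool_runs_from_temp(log: str, tool: str = "hijackthis.exe") -> bool:
    """True if the process list shows the tool running from a temp folder."""
    for line in log.splitlines():
        line = line.strip()
        if line.lower().endswith("\\" + tool) and in_user_writable_dir(line):
            return True
    return False


if __name__ == "__main__":
    if tool_runs_from_temp(SAMPLE_LOG):
        print("HijackThis runs from a temporary folder: fix nothing yet")
    for entry in suspicious_autoruns(SAMPLE_LOG):
        print(f"review: [{entry.name}] {entry.path} ({entry.source})")
```

The folder location only selects entries for review; what to fix is still decided entry by entry, as the helpers in the thread do.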
Hi
Unfortunately, that is not enough to neutralize lop!
Download this (by Moe):
http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe
Double-click Lopxpsetup.exe to start the installation
At the menu, choose option 1
Wait until you are asked to press a key, then press one!
A report will then be created; copy/paste it in full to the forum.
++
Hi, thanks for your reply. Here is the report:
Rapport Lopxp fait le 19/01/2008 à 13:23:24
Exécuté dans : C:\Program Files\Lopxp
Killing 'iexplore.exe'
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" (836)
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" (248)
"C:\Program Files\Internet Explorer\iexplore.exe" (2944)
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" https://ad.zanox.com/ppc/html/ppc_error_1.html (3920)
"C:\Program Files\Internet Explorer\iexplore.exe" (3924)
___________________________________________________________________________
=> Tâches planifiées
C:\WINDOWS\tasks\AD94CA9C90B376BC.job
Crée le : 16/01/2008 à 18:52
Fichier exécuté => c:\docume~1\compaq~1\applic~1\bendob~1\hidewipeinside.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
Crée le : 11/09/2007 à 17:07
Fichier exécuté => C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\Gerald Depalmas - Au paradis.job
Crée le : 12/12/2006 à 21:36
Fichier exécuté => C:\Documents and Settings\Compaq_Propriétaire\Mes documents\Ma musique\Gerald Depalmas - Au paradis.mp3
C:\WINDOWS\tasks\Maintenance en 1 clic.job
Crée le : 15/09/2007 à 14:46
Fichier exécuté => C:\Program Files\TuneUp Utilities 2008\OneClick.exe /schedulestart
C:\WINDOWS\tasks\Muse - Starlight.job
Crée le : 29/11/2006 à 22:37
Fichier exécuté => C:\Documents and Settings\Compaq_Propriétaire\Mes documents\Ma musique\Muse - Starlight.mp3
___________________________________________________________________________
=> Listing des dossiers Application Data
+- C:\Documents and Settings\All Users\Application Data
01/01/2005 19:57:22 ... Adobe -----= Adobe
01/03/2007 11:17:46 ... ADOBES~1 --= Adobe Systems
03/07/2007 14:46:24 ... Apple -----= Apple
01/01/2005 19:59:07 ... APPLEC~1 --= Apple Computer
20/02/2007 01:33:53 ... Babylon ---= Babylon
26/02/2007 01:12:35 ... BLUEFO~1 --= Blue fork 16 deaf
14/07/2006 19:14:18 ... BOONTY ----= BOONTY
15/08/2006 10:28:47 ... CopyPod ---= CopyPod
12/09/2007 16:28:10 ... CYBERL~1 --= CyberLink
12/09/2007 12:56:41 ... DVDSHR~1 --= DVD Shrink
13/06/2006 14:07:36 ... Google ----= Google
03/02/2007 13:38:45 ... GOOGLE~1 --= Google Updater
18/07/2007 17:33:53 ... Grisoft ---= Grisoft
01/01/2005 20:25:51 ... INSTAL~1 --= InstallShield
03/07/2007 02:27:36 ... Lavasoft --= Lavasoft
24/08/2007 11:54:36 ... LEGACY~1 --= Legacy Interactive
08/04/2007 21:30:52 ... LIONHE~1 --= Lionhead Studios
31/03/2007 23:35:10 ... Logishrd --= Logishrd
31/03/2007 23:35:00 ... Logitech --= Logitech
13/06/2006 13:49:12 ... MESSEN~1 --= Messenger Plus!
25/11/2004 04:25:08 ... MICROS~1 --= Microsoft
27/02/2007 00:42:29 ... MICROS~2 --= Microsoft Corporation
01/01/2005 20:04:12 ... Motive ----= Motive
19/04/2007 16:17:09 ... MUVEET~1 --= muvee Technologies
02/07/2007 23:02:07 ... NANNYM~1 --= NannyMania
01/01/2005 19:59:11 ... QUICKT~1 --= QuickTime
01/01/2005 19:42:48 ... SBSI ------= SBSI
18/02/2007 22:26:24 ... Skype -----= Skype
16/01/2008 18:51:50 ... SOFTRE~1 --= soft ref platform bind
30/06/2006 19:53:17 ... SPYBOT~1 --= Spybot - Search & Destroy
02/07/2007 21:34:17 ... SUPERA~1.COM --= SUPERAntiSpyware.com
01/01/2005 20:15:40 ... Symantec --= Symantec
24/03/2007 13:39:35 ... TEMP ------= TEMP
06/01/2007 22:55:38 ... TUNEUP~1 --= TuneUp Software
22/08/2006 17:07:18 ... WINDOW~1 --= Windows Genuine Advantage
+- C:\Documents and Settings\Default User\Application Data
13/06/2006 12:18:09 ... APPLEC~1 --= Apple Computer
25/11/2004 04:25:34 ... IDENTI~1 --= Identities
13/10/2007 10:01:50 ... MACROM~1 --= Macromedia
25/11/2004 04:25:34 ... MICROS~1 --= Microsoft
13/06/2006 12:18:09 ... SAMPLE~1 --= SampleView
13/06/2006 12:18:09 ... Sun -------= Sun
13/06/2006 12:18:09 ... Symantec --= Symantec
+- C:\Documents and Settings\Default User\Local Settings\Application Data
13/06/2006 12:18:09 ... APPLEC~1 --= Apple Computer
13/06/2006 12:18:09 ... APPLIC~1 --= ApplicationHistory
25/11/2004 04:25:38 ... MICROS~1 --= Microsoft
13/06/2006 12:18:09 ... {7148F~1 --= {7148F0A6-6813-11D6-A77B-00B0D0142030}
___________________________________________________________________________
=> Listing du dossier ProgramFiles
+- C:\Program Files
25/08/2006 17:57:23 ... 1964 ------= 1964
04/03/2007 14:13:15 ... 3BSOFT~1 --= 3B Software
03/09/2007 18:43:59 ... ACTIVI~1 --= Activision
01/01/2005 19:57:20 ... Adobe -----= Adobe
02/09/2007 23:00:08 ... Adverts ---= Adverts
28/10/2006 16:52:54 ... AGOGOA~1 --= Agogo AVI MPEG WMV RM MOV Converter
16/08/2006 00:32:13 ... Ahead -----= Ahead
04/11/2006 01:14:30 ... ALCOHO~2 --= Alcohol Soft
13/06/2006 17:34:10 ... ALWILS~1 --= Alwil Software
12/03/2007 21:09:50 ... APPLES~1 --= Apple Software Update
26/06/2006 19:10:58 ... ArcSoft ---= ArcSoft
22/08/2006 15:03:26 ... Atari -----= Atari
01/01/2005 20:23:57 ... ATITEC~1 --= ATI Technologies
14/06/2006 17:14:07 ... Audacity --= Audacity
03/07/2007 23:18:20 ... AVVCS3~1.0 --= AV VCS 3.0
29/06/2006 11:22:24 ... AVICOD~1 --= AVI Codec Pack
28/10/2006 17:34:23 ... AVISYN~1.5 --= AviSynth 2.5
03/09/2006 17:10:06 ... AVSMedia --= AVSMedia
16/01/2008 18:50:41 ... BENDOB~1 --= Bend obj mix
04/07/2006 20:32:59 ... BITZIP~1 --= BitZipper
14/08/2006 16:25:40 ... BLAZEA~1 --= Blaze Audio
01/04/2007 18:02:05 ... bobyte ----= bobyte
05/01/2008 11:59:48 ... CAPCOM ----= CAPCOM
05/11/2007 23:51:38 ... CATDAD~1 --= Cat Daddy Games
02/07/2007 14:17:37 ... CCleaner --= CCleaner
16/01/2008 18:49:57 ... CIRCLE~1 --= Circle Developement
19/01/2008 07:43:18 ... COMMEN~1 --= CommentCaMarche
05/07/2007 13:47:02 ... COMMON~1 --= Common Files
16/07/2007 13:44:25 ... COMPAQ ----= COMPAQ
24/11/2004 02:37:34 ... COMPLU~1 --= ComPlus Applications
13/06/2006 13:12:48 ... Creative --= Creative
12/09/2007 16:02:18 ... CYBERL~1 --= CyberLink
23/08/2006 20:21:15 ... D-Tools ---= D-Tools
05/07/2006 23:46:14 ... DAEMON~1 --= DAEMON Tools
05/07/2006 10:43:03 ... directx ---= directx
19/04/2007 16:22:52 ... DivX ------= DivX
19/07/2006 20:11:46 ... 
DJSHOW~1 --= DJ show 24/11/2007 16:22:04 ... DK --------= DK 02/07/2007 17:34:29 ... EAGAME~1 --= EA GAMES 01/01/2005 20:06:29 ... EASYIN~1 --= Easy Internet signup 05/07/2006 22:53:30 ... EIDOSI~1 --= Eidos Interactive 30/08/2007 09:08:14 ... ELCOMS~1 --= ElcomSoft 13/06/2006 18:08:11 ... eMule -----= eMule 09/03/2007 22:49:12 ... EOVIDE~1 --= EO Video 14/07/2007 12:18:50 ... eoRezo ----= eoRezo 08/02/2007 18:55:37 ... epson -----= epson 13/06/2006 19:03:58 ... EVILLY~1 --= EvilLyrics 25/11/2004 04:26:44 ... FICHIE~1 --= Fichiers communs 14/08/2006 15:20:20 ... FREEAU~1 --= Free Audio Pack 03/09/2007 19:03:11 ... GAMESP~1 --= GameSpy Arcade 13/06/2006 14:07:34 ... Google ----= Google 29/12/2007 02:04:46 ... GOOGLE~1 --= Google Video 18/01/2008 22:12:30 ... Grisoft ---= Grisoft 14/05/2007 17:20:36 ... GUITAR~2 --= Guitar Pro 5 03/02/2007 21:13:05 ... HARDWA~1 --= HardwareDetection 01/01/2005 20:01:47 ... HELPAN~1 --= Help and Support Additions 23/02/2007 19:33:22 ... ImTOO -----= ImTOO 01/01/2005 19:59:21 ... INSTAL~1 --= InstallShield Installation Information 25/11/2004 04:27:06 ... INTERN~1 --= Internet Explorer 01/01/2005 20:24:11 ... INTERV~1 --= InterVideo 17/01/2008 07:42:11 ... iPod ------= iPod 21/02/2007 15:49:59 ... ISOpen ----= ISOpen 14/07/2007 12:18:27 ... ITSLAB~1 --= Its Label 08/08/2007 12:03:11 ... iTunes ----= iTunes 04/07/2006 21:54:25 ... IZArc -----= IZArc 19/07/2007 16:48:24 ... Java ------= Java 02/07/2006 11:41:19 ... K-LITE~1 --= K-Lite Codec Pack 01/12/2006 16:02:44 ... LAROUS~1 --= Larousse Multimédia 01/03/2007 01:10:01 ... Lavasoft --= Lavasoft 08/04/2007 21:30:52 ... LIONHE~1 --= Lionhead Studios Ltd 06/07/2006 22:16:45 ... LITEXM~1 --= LitexMedia 26/08/2006 15:41:24 ... Logitech --= Logitech 19/01/2008 13:21:30 ... Lopxp -----= Lopxp 28/01/2007 01:49:33 ... LUCASA~1 --= LucasArts 01/01/2005 20:25:28 ... MACROV~1 --= Macrovision Corp 20/08/2006 23:37:52 ... Maxis -----= Maxis 14/07/2006 18:07:11 ... 
MESJEU~1 --= Mes Jeux Téléchargés 25/11/2004 04:27:08 ... MESSEN~1 --= Messenger 13/07/2006 13:12:48 ... MESSEN~3 --= Messenger Plus! Live 13/06/2006 13:44:41 ... MESSEN~2 --= MessengerPlus! 3 01/03/2007 11:12:47 ... MI3AA1~1 --= Microsoft ActiveSync 25/11/2004 04:27:08 ... MICROS~1 --= microsoft frontpage 18/08/2006 17:18:57 ... MICROS~2 --= Microsoft Office 05/11/2006 13:14:29 ... MICROS~3 --= Microsoft Visual Studio 06/01/2008 00:30:58 ... MINDSC~1 --= Mindscape 04/11/2006 15:24:54 ... MONTEC~1 --= Monte Cristo 25/11/2004 04:27:16 ... MOVIEM~1 --= Movie Maker 25/11/2004 04:27:16 ... MSN -------= MSN 25/11/2004 04:27:30 ... MSNGAM~1 --= MSN Gaming Zone 13/06/2006 13:41:34 ... MSNMES~1 --= MSN Messenger 09/02/2007 16:32:23 ... MSNPIC~1 --= MSN Pictures Displayer 16/08/2007 18:02:30 ... MSXML4~1.0 --= MSXML 4.0 16/08/2007 18:04:41 ... MSXML6~1.0 --= MSXML 6.0 17/07/2006 19:50:09 ... MUSKCO~1 --= MUSK Codec Pack v3 19/04/2007 16:20:31 ... MUVEET~1 --= muvee Technologies 17/07/2007 21:08:22 ... Navilog1 --= Navilog1 25/11/2004 04:27:40 ... NETMEE~1 --= NetMeeting 28/02/2007 17:00:06 ... Noopod ----= Noopod 14/10/2007 15:23:02 ... NORTON~1.0 ----= Norton Ghost 6.0 25/11/2004 04:27:42 ... ONLINE~1 --= Online Services 30/06/2006 13:25:04 ... OOSOFT~1 --= OO Software 25/11/2004 04:27:44 ... OUTLOO~1 --= Outlook Express 01/01/2005 20:04:58 ... PC-DOC~1 --= PC-Doctor for Windows 25/06/2006 12:48:28 ... PHOTOF~1 --= PhotoFiltre 03/09/2006 16:07:12 ... PHOTOF~2 --= PhotoFiltre Studio 25/11/2006 00:30:36 ... PROMT5 ----= PROMT5 28/10/2006 17:34:17 ... PSPVID~1 --= pspvideo9 14/06/2006 06:18:37 ... PYMCOR~1 --= Pym Corporation 01/01/2005 19:59:11 ... QUICKT~1 --= QuickTime 18/08/2006 18:08:41 ... Real ------= Real 24/08/2007 11:50:45 ... REFLEX~1 --= ReflexiveArcade 23/08/2006 20:06:47 ... REGCLE~1 --= RegCleaner 04/07/2007 01:11:29 ... REGIST~1 --= Registry Mechanic 29/07/2007 20:44:16 ... RIPP-I~1 --= Ripp-it_AM 17/10/2007 20:55:12 ... 
SAGEM -----= SAGEM 17/10/2007 20:55:29 ... SAGEMW~1.11G -----= SAGEM Wi-Fi USB 802.11g 07/06/2007 22:33:38 ... Sega ------= Sega 25/11/2004 04:27:44 ... SERVIC~1 --= Services en ligne 25/09/2007 18:16:48 ... Shareaza --= Shareaza 18/02/2007 22:25:10 ... Skype -----= Skype 24/03/2007 13:39:13 ... SMARTP~1 --= SmartPCTools 01/01/2005 19:56:08 ... Sonic -----= Sonic 01/01/2005 19:56:08 ... SONICR~1 --= Sonic RecordNow! 27/01/2007 22:28:00 ... Sony ------= Sony 24/08/2006 23:05:04 ... SOUNDS~1 --= SoundSpectrum 30/06/2006 19:53:10 ... SPYBOT~1 --= Spybot - Search & Destroy 18/07/2007 21:49:29 ... SPYWAR~1 --= SpywareBlaster 28/10/2006 21:34:27 ... SSI -------= SSI 29/10/2007 10:28:18 ... Stardock --= Stardock 02/07/2007 21:34:06 ... SUPERA~1 --= SUPERAntiSpyware 01/01/2005 20:15:42 ... Symantec --= Symantec 03/01/2008 20:59:29 ... THEADV~1 --= The Adventure Company 03/02/2007 20:53:35 ... TRADUC~1 --= Traduction-online 29/10/2006 16:19:40 ... TRIBAL~1.NET --= TribalWeb.net 06/11/2007 15:05:19 ... Tropico ---= Tropico 31/12/2007 17:33:39 ... TUNEUP~3 --= TuneUp Utilities 2008 24/11/2004 02:37:46 ... UNINST~1 --= Uninstall Information 17/06/2006 21:32:39 ... VDJ3 ------= VDJ3 13/06/2006 21:00:13 ... VideoLAN --= VideoLAN 14/06/2006 17:11:54 ... VIRTUA~1 --= VirtualDJ 01/04/2007 17:41:18 ... VIRTUA~2 --= VirtualDub 22/06/2007 16:00:38 ... VIRTUA~3 --= VirtualDub-MPEG2 24/06/2006 10:36:44 ... vso -------= vso 13/06/2006 12:37:09 ... Wanadoo ---= Wanadoo 17/10/2007 18:48:40 ... WANADO~1 --= Wanadoo Messager 03/02/2007 18:19:51 ... WEBMED~1 --= Web Media Player 14/01/2008 21:46:03 ... WEBMED~2 --= WebMediaPlayer 23/02/2007 19:07:14 ... WINAVI~1 --= WinAVI Video Converter 27/06/2007 19:47:28 ... WI1F86~1 --= Windows Live 15/12/2006 21:39:19 ... WIE5D0~1 --= Windows Live Safety Center 09/07/2006 12:12:21 ... WINDOW~4 --= Windows Media Components 06/01/2007 00:27:38 ... WI4DF6~1 --= Windows Media Connect 2 25/11/2004 04:27:48 ... 
WINDOW~1 --= Windows Media Player 25/11/2004 04:27:52 ... WINDOW~2 --= Windows NT 24/11/2004 02:37:48 ... WINDOW~3 --= WindowsUpdate 14/06/2006 06:39:55 ... WinRAR ----= WinRAR 14/06/2006 06:20:16 ... WinZip ----= WinZip 25/11/2004 04:28:02 ... xerox -----= xerox ___________________________________________________________________________ => Clés registre [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "platform bind axis time"="C:\Documents and Settings\All Users\Application Data\soft ref platform bind\Title vga.exe" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "joy five"="C:\DOCUME~1\COMPAQ~1\APPLIC~1\BENDOB~1\rectpeak.exe" ___________________________________________________________________________ => Bloqueur popups Internet Explorer +- Liste des popups autorisés : www.pagesjaunes.fr host-domain-lookup.com www.host-domain-lookup.com mysearchnow.com www.mysearchnow.com ___________________________________________________________________________ /!\ Suggestion (Nécessite une interprétation.) 

+- Dossiers suspects :
C:\Documents and Settings\Compaq_Propriétaire\Application Data\Bend obj mix
C:\Program Files\Bend obj mix
C:\Program Files\Adverts
C:\Documents and Settings\Compaq_Propriétaire\Application Data\BitDownload
C:\Documents and Settings\Compaq_Propriétaire\Application Data\BitDownload\Data
C:\Documents and Settings\Compaq_Propriétaire\Application Data\BitDownload\Data\BackUp
C:\Documents and Settings\Compaq_Propriétaire\Application Data\BitDownload\Data\DataDir
C:\Documents and Settings\Compaq_Propriétaire\Application Data\BitDownload\Data\LgDir
C:\Documents and Settings\Compaq_Propriétaire\Application Data\BitDownload\Data\TmpDir
C:\Documents and Settings\Compaq_Propriétaire\Application Data\BitDownload\Data\BackUp\DataDir
C:\Documents and Settings\Compaq_Propriétaire\Application Data\BitDownload\Data\BackUp\LgDir
C:\Program Files\Circle Developement

+- Tâches planifiées suspectes :
C:\WINDOWS\tasks\AD94CA9C90B376BC.job

+- Registre:
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"platform bind axis time"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"joy five"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow]
"host-domain-lookup.com"=-
"www.host-domain-lookup.com"=-
"mysearchnow.com"=-
"www.mysearchnow.com"=-

- Fin du rapport -