Pub intenpestives qui recommencent!
Résolu
princessroze
Messages postés
6
Statut
Membre
-
buginformatik Messages postés 2210 Statut Contributeur -
buginformatik Messages postés 2210 Statut Contributeur -
Bonjour,
Il y a quelque temps j'ai demandé votre aide car des pubs intenpenstive venaient.Tout c'est bien passé et voila qu'elles recommencent.Je vous joint le rapport si quelqu'un pouvait me dire comment faire, car c'est pas très pratique.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:34:21, on 24/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Razer\Copperhead\razertra.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\AVG\AVG8\avgcmgr.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Second bat creative peak] C:\Documents and Settings\All Users\Application Data\Axis Readme Second Bat\hold debug.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Upload Build] C:\DOCUME~1\PROPRI~1\APPLIC~1\FORKWM~1\Stupid Draw.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.camusinformatique.com
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/fr/TSEasyInstallX.CAB
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
Il y a quelque temps j'ai demandé votre aide car des pubs intenpenstive venaient.Tout c'est bien passé et voila qu'elles recommencent.Je vous joint le rapport si quelqu'un pouvait me dire comment faire, car c'est pas très pratique.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:34:21, on 24/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Razer\Copperhead\razertra.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\AVG\AVG8\avgcmgr.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Second bat creative peak] C:\Documents and Settings\All Users\Application Data\Axis Readme Second Bat\hold debug.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Upload Build] C:\DOCUME~1\PROPRI~1\APPLIC~1\FORKWM~1\Stupid Draw.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.camusinformatique.com
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/fr/TSEasyInstallX.CAB
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
A voir également:
- Pub intenpestives qui recommencent!
- Supprimer pub youtube - Accueil - Streaming
- Stop pub gratuit - Télécharger - Divers Utilitaires
- Supprimer la pub - Guide
- Musique pub italienne lalala - Forum Musique / Radio / Clip
- Pub par sms - Guide
11 réponses
Hé bah c'est repartit
Télécharges Navilog1 : http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Et son tuto : http://www.malekal.com/Adware.Magic_Control.php
Postes ensuite le rapport de l'Option 1 sur le forum, je te dirait ensuite la marche à suivre !
Télécharges Navilog1 : http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Et son tuto : http://www.malekal.com/Adware.Magic_Control.php
Postes ensuite le rapport de l'Option 1 sur le forum, je te dirait ensuite la marche à suivre !
merci de votre aide, donc voila ce que j'obtiens:
Search Navipromo version 3.6.1 commencé le 25/07/2008 à 11:58:38,92
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "royo"
Mise à jour le 19.07.2008 à 20h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun Fichier Navipromo trouvé
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" :
* Dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 25/07/2008 à 12:00:39,45 ***
Search Navipromo version 3.6.1 commencé le 25/07/2008 à 11:58:38,92
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "royo"
Mise à jour le 19.07.2008 à 20h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun Fichier Navipromo trouvé
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" :
* Dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 25/07/2008 à 12:00:39,45 ***
http://www.assistepc.com/forum/lop-s-d-nettoyer-les-infections-de-l-adware-lop-vt686.html
Suis les consignes et arrêtes toi à l'option 1, en postant le log comme pour navilog1
Suis les consignes et arrêtes toi à l'option 1, en postant le log comme pour navilog1
voila la suite...en tout cas merci beaucoup!
--------------------\\ Lop S&D 4.2.2-3 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 3 ]
[ USER : royo ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 25/07/2008 | 13:09:03,53 ] [ PC : ORDI554856 ]
[ MAJ : 22-07-2008 | 17:35 ]
--------------------\\ Listing des dossiers dans Application Data
[01/07/2008|11:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[04/07/2008|00:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[23/07/2008|13:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat
[19/06/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/07/2008|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[20/07/2008|00:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[04/07/2008|22:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/06/2008|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[19/06/2008|17:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[18/07/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[18/07/2008|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[18/07/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[18/07/2008|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[02/07/2008|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[19/06/2008|17:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[19/06/2008|16:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[18/07/2008|18:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[04/07/2008|00:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[07/07/2008|12:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Mozilla
[13/07/2008|00:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple
[01/07/2008|11:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[19/06/2008|17:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[19/06/2008|17:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[23/07/2008|13:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe
[19/06/2008|16:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[19/06/2008|17:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[02/07/2008|21:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[04/07/2008|00:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Media Player Classic
[04/07/2008|21:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[19/06/2008|11:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[24/07/2008|21:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2
[19/06/2008|17:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[04/07/2008|21:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[02/07/2008|22:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\teamspeak2
[18/07/2008|23:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\Teleca
[09/07/2008|16:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
[09/07/2008|16:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\XnView
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[25/07/2008 13:00][--ah-----] C:\WINDOWS\tasks\A2B656A29185CB36.job
[25/07/2008 11:31][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( A2B656A29185CB36.job )=( c:\docume~1\propri~1\applic~1\forkwm~1\ForJunkSect.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[01/07/2008|11:34] C:\Program Files\Adobe
[04/07/2008|00:28] C:\Program Files\AVG
[07/07/2008|14:05] C:\Program Files\ComPlus Applications
[18/07/2008|23:47] C:\Program Files\Disc2Phone
[20/07/2008|00:23] C:\Program Files\DivX
[18/07/2008|23:34] C:\Program Files\Fichiers communs
[23/07/2008|13:08] C:\Program Files\fork wma dupe
[19/06/2008|17:02] C:\Program Files\GIGABYTE
[04/07/2008|20:39] C:\Program Files\GRISOFT
[13/07/2008|19:11] C:\Program Files\GUILD WARS
[07/07/2008|12:44] C:\Program Files\InstallShield Installation Information
[01/07/2008|12:52] C:\Program Files\Intel
[18/07/2008|23:42] C:\Program Files\Internet Explorer
[19/06/2008|17:37] C:\Program Files\IZArc
[16/07/2008|10:48] C:\Program Files\Java
[19/06/2008|17:38] C:\Program Files\K-Lite Codec Pack
[07/07/2008|14:05] C:\Program Files\Lavasoft
[19/06/2008|14:08] C:\Program Files\Messenger
[09/07/2008|14:19] C:\Program Files\Messenger Plus! Live
[19/06/2008|16:22] C:\Program Files\microsoft frontpage
[18/07/2008|23:23] C:\Program Files\Microsoft LifeCam
[19/06/2008|14:08] C:\Program Files\Movie Maker
[25/07/2008|12:59] C:\Program Files\Mozilla Firefox
[19/06/2008|17:39] C:\Program Files\MSECache
[19/06/2008|16:22] C:\Program Files\msn gaming zone
[19/07/2008|11:54] C:\Program Files\MSXML 4.0
[25/07/2008|12:01] C:\Program Files\Navilog1
[19/06/2008|17:40] C:\Program Files\Nero
[19/06/2008|14:07] C:\Program Files\NetMeeting
[16/07/2008|10:50] C:\Program Files\OpenOffice.org 2.4
[19/06/2008|14:07] C:\Program Files\Outlook Express
[12/07/2008|22:56] C:\Program Files\Pidgin
[02/07/2008|21:39] C:\Program Files\Razer
[19/06/2008|17:07] C:\Program Files\Realtek
[19/06/2008|16:21] C:\Program Files\Services en ligne
[18/07/2008|23:34] C:\Program Files\Sony Ericsson
[09/07/2008|14:08] C:\Program Files\Spybot - Search & Destroy
[21/07/2008|10:09] C:\Program Files\StuffPlug3
[19/06/2008|17:40] C:\Program Files\SuperCopier2
[05/07/2008|10:11] C:\Program Files\Sygate
[02/07/2008|22:57] C:\Program Files\Teamspeak2_RC2
[19/06/2008|16:30] C:\Program Files\Uninstall Information
[02/07/2008|21:49] C:\Program Files\Valve
[09/07/2008|16:11] C:\Program Files\VideoLAN
[09/07/2008|13:51] C:\Program Files\Windows Live
[18/07/2008|09:29] C:\Program Files\Windows Media Connect 2
[18/07/2008|09:29] C:\Program Files\Windows Media Player
[19/06/2008|14:07] C:\Program Files\Windows NT
[19/06/2008|16:21] C:\Program Files\WindowsUpdate
[19/06/2008|16:22] C:\Program Files\xerox
[19/06/2008|17:39] C:\Program Files\XnView
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[01/07/2008|11:33] C:\Program Files\Fichiers communs\Adobe
[19/06/2008|17:41] C:\Program Files\Fichiers communs\Ahead
[12/07/2008|22:56] C:\Program Files\Fichiers communs\GTK
[18/07/2008|23:33] C:\Program Files\Fichiers communs\InstallShield
[04/07/2008|21:40] C:\Program Files\Fichiers communs\Java
[19/06/2008|11:56] C:\Program Files\Fichiers communs\LightScribe
[09/07/2008|14:03] C:\Program Files\Fichiers communs\Microsoft Shared
[19/06/2008|16:20] C:\Program Files\Fichiers communs\MSSoap
[19/06/2008|17:14] C:\Program Files\Fichiers communs\ODBC
[19/06/2008|16:20] C:\Program Files\Fichiers communs\Services
[19/06/2008|17:14] C:\Program Files\Fichiers communs\SpeechEngines
[19/06/2008|14:07] C:\Program Files\Fichiers communs\System
[18/07/2008|23:34] C:\Program Files\Fichiers communs\Teleca Shared
[02/07/2008|22:14] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[07/07/2008|14:05] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 53 Processus )
iexplore.exe ~ [1824]
iexplore.exe ~ [2316]
iexplore.exe ~ [2320]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat\hold debug.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe
C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\cwogvpzf.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\essqorem.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\ForJunkSect.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\Stupid Draw.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\wipe close delete soft.exe
C:\Program Files\fork wma dupe
C:\DOCUME~1\PROPRI~1\APPLIC~1\forkwm~1
C:\DOCUME~1\PROPRI~1\APPLIC~1\forkwm~1\cwogvpzf.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\forkwm~1\essqorem.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\forkwm~1\ForJunkSect.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\forkwm~1\Stupid Draw.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\forkwm~1\wipe close delete soft.exe
C:\Program Files\forkwm~1
C:\DOCUME~1\PROPRI~1\Cookies\royo@banner.cotedazurpalace[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\royo@cotedazurpalace[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\royo@adopt.euroclick[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\royo@pacificpoker[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\royo@partypoker[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\royo@32vegas[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\royo@banner.32vegas[2].txt
C:\WINDOWS\Tasks\A2B656A29185CB36.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Upload Build"="C:\\DOCUME~1\\PROPRI~1\\APPLIC~1\\FORKWM~1\\Stupid Draw.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Second bat creative peak"="C:\\Documents and Settings\\All Users\\Application Data\\Axis Readme Second Bat\\hold debug.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-25 13:09:43
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 74
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:199][D:12]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:97][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:3350][D:6]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 13:10:04,31
--------------------\\ Lop S&D 4.2.2-3 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 3 ]
[ USER : royo ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 25/07/2008 | 13:09:03,53 ] [ PC : ORDI554856 ]
[ MAJ : 22-07-2008 | 17:35 ]
--------------------\\ Listing des dossiers dans Application Data
[01/07/2008|11:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[04/07/2008|00:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[23/07/2008|13:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat
[19/06/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/07/2008|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[20/07/2008|00:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[04/07/2008|22:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/06/2008|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[19/06/2008|17:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[18/07/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[18/07/2008|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[18/07/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[18/07/2008|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[02/07/2008|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[19/06/2008|17:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[19/06/2008|16:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[18/07/2008|18:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[04/07/2008|00:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[07/07/2008|12:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Mozilla
[13/07/2008|00:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple
[01/07/2008|11:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[19/06/2008|17:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[19/06/2008|17:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[23/07/2008|13:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe
[19/06/2008|16:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[19/06/2008|17:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[02/07/2008|21:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[04/07/2008|00:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Media Player Classic
[04/07/2008|21:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[19/06/2008|11:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[24/07/2008|21:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2
[19/06/2008|17:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[04/07/2008|21:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[02/07/2008|22:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\teamspeak2
[18/07/2008|23:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\Teleca
[09/07/2008|16:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
[09/07/2008|16:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\XnView
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[25/07/2008 13:00][--ah-----] C:\WINDOWS\tasks\A2B656A29185CB36.job
[25/07/2008 11:31][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( A2B656A29185CB36.job )=( c:\docume~1\propri~1\applic~1\forkwm~1\ForJunkSect.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[01/07/2008|11:34] C:\Program Files\Adobe
[04/07/2008|00:28] C:\Program Files\AVG
[07/07/2008|14:05] C:\Program Files\ComPlus Applications
[18/07/2008|23:47] C:\Program Files\Disc2Phone
[20/07/2008|00:23] C:\Program Files\DivX
[18/07/2008|23:34] C:\Program Files\Fichiers communs
[23/07/2008|13:08] C:\Program Files\fork wma dupe
[19/06/2008|17:02] C:\Program Files\GIGABYTE
[04/07/2008|20:39] C:\Program Files\GRISOFT
[13/07/2008|19:11] C:\Program Files\GUILD WARS
[07/07/2008|12:44] C:\Program Files\InstallShield Installation Information
[01/07/2008|12:52] C:\Program Files\Intel
[18/07/2008|23:42] C:\Program Files\Internet Explorer
[19/06/2008|17:37] C:\Program Files\IZArc
[16/07/2008|10:48] C:\Program Files\Java
[19/06/2008|17:38] C:\Program Files\K-Lite Codec Pack
[07/07/2008|14:05] C:\Program Files\Lavasoft
[19/06/2008|14:08] C:\Program Files\Messenger
[09/07/2008|14:19] C:\Program Files\Messenger Plus! Live
[19/06/2008|16:22] C:\Program Files\microsoft frontpage
[18/07/2008|23:23] C:\Program Files\Microsoft LifeCam
[19/06/2008|14:08] C:\Program Files\Movie Maker
[25/07/2008|12:59] C:\Program Files\Mozilla Firefox
[19/06/2008|17:39] C:\Program Files\MSECache
[19/06/2008|16:22] C:\Program Files\msn gaming zone
[19/07/2008|11:54] C:\Program Files\MSXML 4.0
[25/07/2008|12:01] C:\Program Files\Navilog1
[19/06/2008|17:40] C:\Program Files\Nero
[19/06/2008|14:07] C:\Program Files\NetMeeting
[16/07/2008|10:50] C:\Program Files\OpenOffice.org 2.4
[19/06/2008|14:07] C:\Program Files\Outlook Express
[12/07/2008|22:56] C:\Program Files\Pidgin
[02/07/2008|21:39] C:\Program Files\Razer
[19/06/2008|17:07] C:\Program Files\Realtek
[19/06/2008|16:21] C:\Program Files\Services en ligne
[18/07/2008|23:34] C:\Program Files\Sony Ericsson
[09/07/2008|14:08] C:\Program Files\Spybot - Search & Destroy
[21/07/2008|10:09] C:\Program Files\StuffPlug3
[19/06/2008|17:40] C:\Program Files\SuperCopier2
[05/07/2008|10:11] C:\Program Files\Sygate
[02/07/2008|22:57] C:\Program Files\Teamspeak2_RC2
[19/06/2008|16:30] C:\Program Files\Uninstall Information
[02/07/2008|21:49] C:\Program Files\Valve
[09/07/2008|16:11] C:\Program Files\VideoLAN
[09/07/2008|13:51] C:\Program Files\Windows Live
[18/07/2008|09:29] C:\Program Files\Windows Media Connect 2
[18/07/2008|09:29] C:\Program Files\Windows Media Player
[19/06/2008|14:07] C:\Program Files\Windows NT
[19/06/2008|16:21] C:\Program Files\WindowsUpdate
[19/06/2008|16:22] C:\Program Files\xerox
[19/06/2008|17:39] C:\Program Files\XnView
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[01/07/2008|11:33] C:\Program Files\Fichiers communs\Adobe
[19/06/2008|17:41] C:\Program Files\Fichiers communs\Ahead
[12/07/2008|22:56] C:\Program Files\Fichiers communs\GTK
[18/07/2008|23:33] C:\Program Files\Fichiers communs\InstallShield
[04/07/2008|21:40] C:\Program Files\Fichiers communs\Java
[19/06/2008|11:56] C:\Program Files\Fichiers communs\LightScribe
[09/07/2008|14:03] C:\Program Files\Fichiers communs\Microsoft Shared
[19/06/2008|16:20] C:\Program Files\Fichiers communs\MSSoap
[19/06/2008|17:14] C:\Program Files\Fichiers communs\ODBC
[19/06/2008|16:20] C:\Program Files\Fichiers communs\Services
[19/06/2008|17:14] C:\Program Files\Fichiers communs\SpeechEngines
[19/06/2008|14:07] C:\Program Files\Fichiers communs\System
[18/07/2008|23:34] C:\Program Files\Fichiers communs\Teleca Shared
[02/07/2008|22:14] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[07/07/2008|14:05] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 53 Processus )
iexplore.exe ~ [1824]
iexplore.exe ~ [2316]
iexplore.exe ~ [2320]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat\hold debug.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe
C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\cwogvpzf.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\essqorem.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\ForJunkSect.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\Stupid Draw.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\wipe close delete soft.exe
C:\Program Files\fork wma dupe
C:\DOCUME~1\PROPRI~1\APPLIC~1\forkwm~1
C:\DOCUME~1\PROPRI~1\APPLIC~1\forkwm~1\cwogvpzf.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\forkwm~1\essqorem.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\forkwm~1\ForJunkSect.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\forkwm~1\Stupid Draw.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\forkwm~1\wipe close delete soft.exe
C:\Program Files\forkwm~1
C:\DOCUME~1\PROPRI~1\Cookies\royo@banner.cotedazurpalace[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\royo@cotedazurpalace[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\royo@adopt.euroclick[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\royo@pacificpoker[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\royo@partypoker[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\royo@32vegas[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\royo@banner.32vegas[2].txt
C:\WINDOWS\Tasks\A2B656A29185CB36.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Upload Build"="C:\\DOCUME~1\\PROPRI~1\\APPLIC~1\\FORKWM~1\\Stupid Draw.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Second bat creative peak"="C:\\Documents and Settings\\All Users\\Application Data\\Axis Readme Second Bat\\hold debug.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-25 13:09:43
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 74
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:199][D:12]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:97][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:3350][D:6]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 13:10:04,31
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
# relancez le programme.
# Dans le menu principal, tapez 2 puis validez par entrée.
* Le menu démarrer et les icônes vont à nouveau disparaître.. c'est normal.
* Le nettoyage va prendre quelques minutes...
* Une fois l'opération terminée, le rapport de nettoyage s'ouvre.
colle le
# Dans le menu principal, tapez 2 puis validez par entrée.
* Le menu démarrer et les icônes vont à nouveau disparaître.. c'est normal.
* Le nettoyage va prendre quelques minutes...
* Une fois l'opération terminée, le rapport de nettoyage s'ouvre.
colle le
donc voila la suite....
--------------------\\ Lop S&D 4.2.2-3 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 3 ]
[ USER : royo ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 25/07/2008 | 14:15:25,01 ] [ PC : ORDI554856 ]
[ MAJ : 22-07-2008 | 17:35 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat\hold debug.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\cwogvpzf.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\essqorem.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\ForJunkSect.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\Stupid Draw.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\wipe close delete soft.exe
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\royo@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\royo@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\royo@adopt.euroclick[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\royo@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\royo@partypoker[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\royo@32vegas[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\royo@banner.32vegas[2].txt
Supprime! - C:\WINDOWS\Tasks\A2B656A29185CB36.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe
Supprime! - C:\Program Files\fork wma dupe
RestaurÚ! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[01/07/2008|11:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[04/07/2008|00:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[19/06/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/07/2008|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[20/07/2008|00:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[04/07/2008|22:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/06/2008|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[19/06/2008|17:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[18/07/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[18/07/2008|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[18/07/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[18/07/2008|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[02/07/2008|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[19/06/2008|17:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[19/06/2008|16:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[18/07/2008|18:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[04/07/2008|00:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[07/07/2008|12:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Mozilla
[13/07/2008|00:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple
[01/07/2008|11:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[19/06/2008|17:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[19/06/2008|17:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[19/06/2008|16:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[19/06/2008|17:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[02/07/2008|21:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[04/07/2008|00:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Media Player Classic
[04/07/2008|21:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[19/06/2008|11:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[24/07/2008|21:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2
[19/06/2008|17:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[04/07/2008|21:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[02/07/2008|22:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\teamspeak2
[18/07/2008|23:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\Teleca
[09/07/2008|16:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
[09/07/2008|16:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\XnView
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[25/07/2008 11:31][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[01/07/2008|11:34] C:\Program Files\Adobe
[04/07/2008|00:28] C:\Program Files\AVG
[07/07/2008|14:05] C:\Program Files\ComPlus Applications
[18/07/2008|23:47] C:\Program Files\Disc2Phone
[20/07/2008|00:23] C:\Program Files\DivX
[18/07/2008|23:34] C:\Program Files\Fichiers communs
[19/06/2008|17:02] C:\Program Files\GIGABYTE
[04/07/2008|20:39] C:\Program Files\GRISOFT
[13/07/2008|19:11] C:\Program Files\GUILD WARS
[07/07/2008|12:44] C:\Program Files\InstallShield Installation Information
[01/07/2008|12:52] C:\Program Files\Intel
[18/07/2008|23:42] C:\Program Files\Internet Explorer
[19/06/2008|17:37] C:\Program Files\IZArc
[16/07/2008|10:48] C:\Program Files\Java
[19/06/2008|17:38] C:\Program Files\K-Lite Codec Pack
[07/07/2008|14:05] C:\Program Files\Lavasoft
[19/06/2008|14:08] C:\Program Files\Messenger
[09/07/2008|14:19] C:\Program Files\Messenger Plus! Live
[19/06/2008|16:22] C:\Program Files\microsoft frontpage
[18/07/2008|23:23] C:\Program Files\Microsoft LifeCam
[19/06/2008|14:08] C:\Program Files\Movie Maker
[25/07/2008|12:59] C:\Program Files\Mozilla Firefox
[19/06/2008|17:39] C:\Program Files\MSECache
[19/06/2008|16:22] C:\Program Files\msn gaming zone
[19/07/2008|11:54] C:\Program Files\MSXML 4.0
[25/07/2008|12:01] C:\Program Files\Navilog1
[19/06/2008|17:40] C:\Program Files\Nero
[19/06/2008|14:07] C:\Program Files\NetMeeting
[16/07/2008|10:50] C:\Program Files\OpenOffice.org 2.4
[19/06/2008|14:07] C:\Program Files\Outlook Express
[12/07/2008|22:56] C:\Program Files\Pidgin
[02/07/2008|21:39] C:\Program Files\Razer
[19/06/2008|17:07] C:\Program Files\Realtek
[19/06/2008|16:21] C:\Program Files\Services en ligne
[18/07/2008|23:34] C:\Program Files\Sony Ericsson
[09/07/2008|14:08] C:\Program Files\Spybot - Search & Destroy
[21/07/2008|10:09] C:\Program Files\StuffPlug3
[19/06/2008|17:40] C:\Program Files\SuperCopier2
[05/07/2008|10:11] C:\Program Files\Sygate
[02/07/2008|22:57] C:\Program Files\Teamspeak2_RC2
[19/06/2008|16:30] C:\Program Files\Uninstall Information
[02/07/2008|21:49] C:\Program Files\Valve
[09/07/2008|16:11] C:\Program Files\VideoLAN
[09/07/2008|13:51] C:\Program Files\Windows Live
[18/07/2008|09:29] C:\Program Files\Windows Media Connect 2
[18/07/2008|09:29] C:\Program Files\Windows Media Player
[19/06/2008|14:07] C:\Program Files\Windows NT
[19/06/2008|16:21] C:\Program Files\WindowsUpdate
[19/06/2008|16:22] C:\Program Files\xerox
[19/06/2008|17:39] C:\Program Files\XnView
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[01/07/2008|11:33] C:\Program Files\Fichiers communs\Adobe
[19/06/2008|17:41] C:\Program Files\Fichiers communs\Ahead
[12/07/2008|22:56] C:\Program Files\Fichiers communs\GTK
[18/07/2008|23:33] C:\Program Files\Fichiers communs\InstallShield
[04/07/2008|21:40] C:\Program Files\Fichiers communs\Java
[19/06/2008|11:56] C:\Program Files\Fichiers communs\LightScribe
[09/07/2008|14:03] C:\Program Files\Fichiers communs\Microsoft Shared
[19/06/2008|16:20] C:\Program Files\Fichiers communs\MSSoap
[19/06/2008|17:14] C:\Program Files\Fichiers communs\ODBC
[19/06/2008|16:20] C:\Program Files\Fichiers communs\Services
[19/06/2008|17:14] C:\Program Files\Fichiers communs\SpeechEngines
[19/06/2008|14:07] C:\Program Files\Fichiers communs\System
[18/07/2008|23:34] C:\Program Files\Fichiers communs\Teleca Shared
[02/07/2008|22:14] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[07/07/2008|14:05] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 50 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-25 14:16:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 79
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:200][D:12]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:90][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:3350][D:6]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 14:16:27,40
--------------------\\ Lop S&D 4.2.2-3 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 3 ]
[ USER : royo ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 25/07/2008 | 14:15:25,01 ] [ PC : ORDI554856 ]
[ MAJ : 22-07-2008 | 17:35 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat\hold debug.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\cwogvpzf.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\essqorem.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\ForJunkSect.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\Stupid Draw.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe\wipe close delete soft.exe
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\royo@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\royo@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\royo@adopt.euroclick[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\royo@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\royo@partypoker[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\royo@32vegas[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\royo@banner.32vegas[2].txt
Supprime! - C:\WINDOWS\Tasks\A2B656A29185CB36.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\fork wma dupe
Supprime! - C:\Program Files\fork wma dupe
RestaurÚ! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[01/07/2008|11:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[04/07/2008|00:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[19/06/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/07/2008|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[20/07/2008|00:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[04/07/2008|22:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/06/2008|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[19/06/2008|17:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[18/07/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[18/07/2008|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[18/07/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[18/07/2008|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[02/07/2008|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[19/06/2008|17:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[19/06/2008|16:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[18/07/2008|18:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[04/07/2008|00:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[07/07/2008|12:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Mozilla
[13/07/2008|00:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple
[01/07/2008|11:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[19/06/2008|17:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[19/06/2008|17:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[19/06/2008|16:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[19/06/2008|17:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[02/07/2008|21:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[04/07/2008|00:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Media Player Classic
[04/07/2008|21:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[19/06/2008|11:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[24/07/2008|21:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2
[19/06/2008|17:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[04/07/2008|21:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[02/07/2008|22:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\teamspeak2
[18/07/2008|23:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\Teleca
[09/07/2008|16:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
[09/07/2008|16:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\XnView
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[25/07/2008 11:31][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[01/07/2008|11:34] C:\Program Files\Adobe
[04/07/2008|00:28] C:\Program Files\AVG
[07/07/2008|14:05] C:\Program Files\ComPlus Applications
[18/07/2008|23:47] C:\Program Files\Disc2Phone
[20/07/2008|00:23] C:\Program Files\DivX
[18/07/2008|23:34] C:\Program Files\Fichiers communs
[19/06/2008|17:02] C:\Program Files\GIGABYTE
[04/07/2008|20:39] C:\Program Files\GRISOFT
[13/07/2008|19:11] C:\Program Files\GUILD WARS
[07/07/2008|12:44] C:\Program Files\InstallShield Installation Information
[01/07/2008|12:52] C:\Program Files\Intel
[18/07/2008|23:42] C:\Program Files\Internet Explorer
[19/06/2008|17:37] C:\Program Files\IZArc
[16/07/2008|10:48] C:\Program Files\Java
[19/06/2008|17:38] C:\Program Files\K-Lite Codec Pack
[07/07/2008|14:05] C:\Program Files\Lavasoft
[19/06/2008|14:08] C:\Program Files\Messenger
[09/07/2008|14:19] C:\Program Files\Messenger Plus! Live
[19/06/2008|16:22] C:\Program Files\microsoft frontpage
[18/07/2008|23:23] C:\Program Files\Microsoft LifeCam
[19/06/2008|14:08] C:\Program Files\Movie Maker
[25/07/2008|12:59] C:\Program Files\Mozilla Firefox
[19/06/2008|17:39] C:\Program Files\MSECache
[19/06/2008|16:22] C:\Program Files\msn gaming zone
[19/07/2008|11:54] C:\Program Files\MSXML 4.0
[25/07/2008|12:01] C:\Program Files\Navilog1
[19/06/2008|17:40] C:\Program Files\Nero
[19/06/2008|14:07] C:\Program Files\NetMeeting
[16/07/2008|10:50] C:\Program Files\OpenOffice.org 2.4
[19/06/2008|14:07] C:\Program Files\Outlook Express
[12/07/2008|22:56] C:\Program Files\Pidgin
[02/07/2008|21:39] C:\Program Files\Razer
[19/06/2008|17:07] C:\Program Files\Realtek
[19/06/2008|16:21] C:\Program Files\Services en ligne
[18/07/2008|23:34] C:\Program Files\Sony Ericsson
[09/07/2008|14:08] C:\Program Files\Spybot - Search & Destroy
[21/07/2008|10:09] C:\Program Files\StuffPlug3
[19/06/2008|17:40] C:\Program Files\SuperCopier2
[05/07/2008|10:11] C:\Program Files\Sygate
[02/07/2008|22:57] C:\Program Files\Teamspeak2_RC2
[19/06/2008|16:30] C:\Program Files\Uninstall Information
[02/07/2008|21:49] C:\Program Files\Valve
[09/07/2008|16:11] C:\Program Files\VideoLAN
[09/07/2008|13:51] C:\Program Files\Windows Live
[18/07/2008|09:29] C:\Program Files\Windows Media Connect 2
[18/07/2008|09:29] C:\Program Files\Windows Media Player
[19/06/2008|14:07] C:\Program Files\Windows NT
[19/06/2008|16:21] C:\Program Files\WindowsUpdate
[19/06/2008|16:22] C:\Program Files\xerox
[19/06/2008|17:39] C:\Program Files\XnView
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[01/07/2008|11:33] C:\Program Files\Fichiers communs\Adobe
[19/06/2008|17:41] C:\Program Files\Fichiers communs\Ahead
[12/07/2008|22:56] C:\Program Files\Fichiers communs\GTK
[18/07/2008|23:33] C:\Program Files\Fichiers communs\InstallShield
[04/07/2008|21:40] C:\Program Files\Fichiers communs\Java
[19/06/2008|11:56] C:\Program Files\Fichiers communs\LightScribe
[09/07/2008|14:03] C:\Program Files\Fichiers communs\Microsoft Shared
[19/06/2008|16:20] C:\Program Files\Fichiers communs\MSSoap
[19/06/2008|17:14] C:\Program Files\Fichiers communs\ODBC
[19/06/2008|16:20] C:\Program Files\Fichiers communs\Services
[19/06/2008|17:14] C:\Program Files\Fichiers communs\SpeechEngines
[19/06/2008|14:07] C:\Program Files\Fichiers communs\System
[18/07/2008|23:34] C:\Program Files\Fichiers communs\Teleca Shared
[02/07/2008|22:14] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[07/07/2008|14:05] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 50 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-25 14:16:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 79
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:200][D:12]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:90][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:3350][D:6]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 14:16:27,40
voila ce que vous m'avez demandé:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:48:13, on 25/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Razer\Copperhead\razertra.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\DOCUME~1\PROPRI~1\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.camusinformatique.com
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/fr/TSEasyInstallX.CAB
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:48:13, on 25/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Razer\Copperhead\razertra.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\DOCUME~1\PROPRI~1\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.camusinformatique.com
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/fr/TSEasyInstallX.CAB
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
Ok c'est tout propre !
Ouvre Hijackthis et fais un scan only, puis tu coches cette ligne :
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Puis fix checked !
tes problèmes persistent-ils ?
Ouvre Hijackthis et fais un scan only, puis tu coches cette ligne :
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Puis fix checked !
tes problèmes persistent-ils ?
ah voila je n'ai plus rien, merci beaucoup pour votre aide.Vous m'avez vraiment bien guider, j'espère qu'elles ne vont plus revenir car bon c'est assez ennuyant.En tout cas un grand merci à vous et puis ben à bientot peut-être.Bonne fin de soirée.
Il existe un logiciel nommé Ccleaner, qui vous permet de supprimer tout les fichiers inutiles de votre ordinateur, parfois responsables de la lenteur :
https://filehippo.com/download_ccleaner/
Et son Tuto :
http://cofofides.heberg-forum.net/ftopic615_ccleaner-tutoriel-en-image.html
Voilà c'est fini ! Tu peux désinstaller Hijackthis sans souci.
Ciao et bonnes vacances
https://filehippo.com/download_ccleaner/
Et son Tuto :
http://cofofides.heberg-forum.net/ftopic615_ccleaner-tutoriel-en-image.html
Voilà c'est fini ! Tu peux désinstaller Hijackthis sans souci.
Ciao et bonnes vacances
