Spyware: HijackThis report
made72 (posts: 12, status: Member)
Hello,
I have spyware that keeps opening whenever I browse. I tried to clean up with AVG and Malwarebytes without success. I ran a scan with HijackThis and I am asking for help with what to do next, or whether everything has to be redone. Thanks.
NB: my computer is in Italian.
Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14.38.20, on 05/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Windows Media Player\WMPNSCFG.exe
C:\documents and settings\alicetuttoincluso\impostazioni locali\dati applicazioni\mseqs.exe
C:\Programmi\VoipCheapCom\VoipCheapCom.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\AVG\AVG8\avgui.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\alicetuttoincluso\Documenti\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.alice.it/search/home/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crazybit.altervista.org/start.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.camfrog.com/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.crazybit.altervista.org/start.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Programmi\MSN Messenger\htc.8.1.0178.00.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Programmi\Camfrog\CamfrogBar\CamfrogBar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programmi\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O3 - Toolbar: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Programmi\Camfrog\CamfrogBar\CamfrogBar1.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [mseqs] c:\documents and settings\alicetuttoincluso\impostazioni locali\dati applicazioni\mseqs.exe mseqs
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Programmi\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alicetuttoincluso\Menu Avvio\Programmi\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alicetuttoincluso\Menu Avvio\Programmi\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7B53E5A-C918-4176-A3C7-F0667887B141}: NameServer = 193.70.152.25 193.70.192.25
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: OneCard - C:\Programmi\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
22 replies
Good evening,
Download Navilog1 from this link:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Choose "Save target (link) as..." and save it to your desktop.
Then double-click navilog1.exe to start the installation.
Once the installation is finished, right-click the Navilog shortcut on your desktop and choose "Run as administrator".
At the main menu, choose option 1.
Follow the prompts and be patient.
Wait until the message:
*** Analyse Termine le ..... ***
Press a key; Notepad will open.
Copy and paste the entire report here.
@++
Hello E..T, and many thanks.
Here is the report:
Search Navipromo version 3.6.1 commencé le 06/08/2008 à 14.33.46,17
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Programmi\navilog1
Session actuelle : "alicetuttoincluso"
Mise à jour le 19.07.2008 à 20h00 par IL-MAFIOSO
Microsoft Windows XP [Versione 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
Favorit
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Programmi" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menuav~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menuav~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\datiap~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\alicetuttoincluso\datiap~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.YOU\datiap~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\alicetuttoincluso\impost~1\datiap~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.YOU\impost~1\datiap~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\alicetuttoincluso\menuav~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.YOU\menuav~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun Fichier Navipromo trouvé
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\alicetuttoincluso\impost~1\datiap~1" *
* Recherche dans "C:\DOCUME~1\ADMINI~1.YOU\impost~1\datiap~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\alicetuttoincluso\impost~1\datiap~1" :
mseqs.dat trouvé !
mseqs_nav.dat trouvé !
mseqs_navps.dat trouvé !
* Dans "C:\DOCUME~1\ADMINI~1.YOU\impost~1\datiap~1" :
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 06/08/2008 à 14.38.47,17 ***
Hello,
To move things along:
Click the Navilog1 shortcut on your desktop and follow the prompts.
At the main menu, choose 2 and confirm.
(Do not choose 3 or 4 without our advice/agreement.)
The fix will inform you that it is going to restart your PC.
Close all open windows and save any open personal documents.
Press a key as requested.
(If your PC does not restart automatically, restart it yourself.)
When your PC restarts, choose your usual session.
Wait until the message:
*** Nettoyage Termine le ..... ***
Notepad will open.
Save the report somewhere you can find it again.
Close Notepad. Your desktop will reappear.
PS: If your desktop does not reappear, press CTRL+ALT+DEL to open Task Manager.
Then go to the "Processes" tab. Click "File" at the top left and choose "Run".
Type explorer and confirm. That will bring your desktop back.
Post the report.
Good evening shion-ares, and thank you; good evening E..T, and thanks again.
Here is the report:
mseqs.dat trouvé !
Copie mseqs.dat réalisée avec succès !
mseqs.dat supprimé !
mseqs_nav.dat trouvé !
Copie mseqs_nav.dat réalisée avec succès !
mseqs_nav.dat supprimé !
mseqs_navps.dat trouvé !
Copie mseqs_navps.dat réalisée avec succès !
mseqs_navps.dat supprimé !
* Dans "C:\DOCUME~1\ADMINI~1.YOU\impost~1\datiap~1" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 06/08/2008 à 21.56.00,89 ***
OK, let's continue.
Do the following:
* Download MalwareByte's Anti-Malware (by RubbeR DuckY):
* http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
* Install the program on the desktop:
o If the file COMCTL32.OCX is missing, download it here
* Run the updates (click Updates, then Check for updates)
* Start in Safe Mode
How to do it >> https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php
Restart the computer.
As soon as the BIOS loads, start pressing the F8 key on your keyboard until the Windows advanced options menu appears.
Select "Safe Mode" in the menu, then press Enter.
* Launch MalwareByte's Anti-Malware, click "Perform full scan", then "Scan", and select all your hard drives
* Once the scan is finished, click "Remove" (if a message asks you to restart the PC, accept.)
* A report will be generated; save it somewhere you can find it again, on your desktop for example, and post it here.
@++
Good evening E..T, good evening shion-ares, thank you so much to both of you and to everyone who works on this fantastic forum and site.
Everything seems fine; the windows no longer open.
Here is the report:
Malwarebytes' Anti-Malware 1.24
Database version: 1031
Windows 5.1.2600 Service Pack 2
22.18.53 07/08/2008
mbam-log-8-7-2008 (22-18-53).txt
Scan type: Full Scan (C:\|)
Objects scanned: 102922
Time elapsed: 24 minute(s), 38 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Yep,
Let's continue ;-) and it's true that this forum rocks.
So download >> Lop S&D.exe << and save it to your Desktop.
Double-clicking the LopSD.exe file is enough to start the installation.
Accept the license agreement.
Create the destination folder; accept by clicking Yes.
A shortcut will be created on your Desktop.
Double-click it.
Choose the language, f for French, then confirm with Enter.
Choose the Search option (Recherche) by typing 1, then confirm with Enter.
Wait while the scan runs.
When the scan finishes, a report will be generated and will open automatically in Notepad.
Copy and paste the contents of that report here.
>> It can also be found at %systemdrive%\LopR.txt
Hello,
Here is the report:
--------------------\\ Lop S&D 4.2.2-5 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : alicetuttoincluso ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 08/08/2008 | 11.55.43,32 ] [ PC : YOUR-A47779BE2C ]
[ MAJ : 01-08-2008 | 01:40 ]
--------------------\\ Listing des dossiers dans DATIAP~1
[30/08/2004|14.56] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\desktop.ini
[27/09/2006|17.54] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\Identities
[05/08/2008|13.36] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\Malwarebytes
[07/08/2008|13.40] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\Microsoft
[07/08/2008|14.38] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\Mozilla
[21/09/2006|12.58] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\SampleView
[27/09/2006|17.54] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\Symantec
[1|File] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\byte
[8|Directory] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\byte disponibili
[19/02/2008|20.38] C:\DOCUME~1\ALICET~1\DATIAP~1\Adobe
[03/03/2007|20.41] C:\DOCUME~1\ALICET~1\DATIAP~1\AdobeUM
[17/02/2008|14.22] C:\DOCUME~1\ALICET~1\DATIAP~1\Any Video Converter
[10/02/2007|16.39] C:\DOCUME~1\ALICET~1\DATIAP~1\ArcSoft
[25/05/2007|17.05] C:\DOCUME~1\ALICET~1\DATIAP~1\Camfrog
[10/06/2007|18.47] C:\DOCUME~1\ALICET~1\DATIAP~1\CamfrogBar
[28/01/2008|14.01] C:\DOCUME~1\ALICET~1\DATIAP~1\ConvertTemp
[14/01/2007|18.50] C:\DOCUME~1\ALICET~1\DATIAP~1\Creative
[30/08/2004|14.56] C:\DOCUME~1\ALICET~1\DATIAP~1\desktop.ini
[17/12/2007|21.45] C:\DOCUME~1\ALICET~1\DATIAP~1\FunWebProducts
[01/03/2007|15.03] C:\DOCUME~1\ALICET~1\DATIAP~1\Google
[15/01/2007|09.44] C:\DOCUME~1\ALICET~1\DATIAP~1\Help
[15/01/2007|09.58] C:\DOCUME~1\ALICET~1\DATIAP~1\ICQLite
[27/09/2006|17.53] C:\DOCUME~1\ALICET~1\DATIAP~1\Identities
[06/07/2007|12.40] C:\DOCUME~1\ALICET~1\DATIAP~1\InterVideo
[07/02/2007|18.14] C:\DOCUME~1\ALICET~1\DATIAP~1\Jasc Software Inc
[27/09/2006|17.53] C:\DOCUME~1\ALICET~1\DATIAP~1\Leadertech
[27/09/2006|17.53] C:\DOCUME~1\ALICET~1\DATIAP~1\Macromedia
[25/07/2008|21.29] C:\DOCUME~1\ALICET~1\DATIAP~1\Malwarebytes
[17/03/2008|21.28] C:\DOCUME~1\ALICET~1\DATIAP~1\Microsoft
[16/03/2008|13.08] C:\DOCUME~1\ALICET~1\DATIAP~1\Mozilla
[16/02/2008|11.08] C:\DOCUME~1\ALICET~1\DATIAP~1\NCH Swift Sound
[05/05/2008|12.03] C:\DOCUME~1\ALICET~1\DATIAP~1\Netscape
[14/07/2008|12.19] C:\DOCUME~1\ALICET~1\DATIAP~1\Nokia
[14/07/2008|12.19] C:\DOCUME~1\ALICET~1\DATIAP~1\PC Suite
[21/09/2006|12.57] C:\DOCUME~1\ALICET~1\DATIAP~1\SampleView
[28/01/2008|14.01] C:\DOCUME~1\ALICET~1\DATIAP~1\Samsung
[04/07/2007|22.58] C:\DOCUME~1\ALICET~1\DATIAP~1\Skype
[03/07/2007|20.03] C:\DOCUME~1\ALICET~1\DATIAP~1\SolSuite
[27/09/2006|17.53] C:\DOCUME~1\ALICET~1\DATIAP~1\Sonic
[25/01/2007|18.24] C:\DOCUME~1\ALICET~1\DATIAP~1\Sun
[28/01/2008|14.01] C:\DOCUME~1\ALICET~1\DATIAP~1\Temporary
[28/01/2008|14.01] C:\DOCUME~1\ALICET~1\DATIAP~1\TransRender
[04/08/2008|22.25] C:\DOCUME~1\ALICET~1\DATIAP~1\VoipCheapCom
[17/03/2008|21.44] C:\DOCUME~1\ALICET~1\DATIAP~1\XnView
[1|File] C:\DOCUME~1\ALICET~1\DATIAP~1\byte
[36|Directory] C:\DOCUME~1\ALICET~1\DATIAP~1\byte disponibili
[19/01/2008|10.15] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Adobe
[03/08/2008|21.11] C:\DOCUME~1\ALLUSE~1\DATIAP~1\avg8
[25/09/2007|06.53] C:\DOCUME~1\ALLUSE~1\DATIAP~1\AVS4YOU
[13/03/2007|22.00] C:\DOCUME~1\ALLUSE~1\DATIAP~1\BVRP Software
[30/08/2004|14.56] C:\DOCUME~1\ALLUSE~1\DATIAP~1\desktop.ini
[01/09/2007|03.12] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Downloaded Installations
[14/01/2007|11.23] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Google
[26/07/2008|21.15] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Grisoft
[27/09/2006|17.53] C:\DOCUME~1\ALLUSE~1\DATIAP~1\hpqLog
[13/07/2008|12.58] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Installations
[27/09/2006|17.53] C:\DOCUME~1\ALLUSE~1\DATIAP~1\InstallShield
[28/01/2008|13.57] C:\DOCUME~1\ALLUSE~1\DATIAP~1\LauncherAccess.dt
[25/07/2008|21.29] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Malwarebytes
[10/02/2008|08.53] C:\DOCUME~1\ALLUSE~1\DATIAP~1\MGS
[28/01/2008|14.24] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft
[28/07/2008|02.34] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft Help
[27/11/2007|15.41] C:\DOCUME~1\ALLUSE~1\DATIAP~1\NCH Software
[27/11/2007|15.40] C:\DOCUME~1\ALLUSE~1\DATIAP~1\NCH Swift Sound
[29/07/2008|21.04] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Office Genuine Advantage
[14/07/2008|12.19] C:\DOCUME~1\ALLUSE~1\DATIAP~1\PC Suite
[27/09/2006|17.53] C:\DOCUME~1\ALLUSE~1\DATIAP~1\SBSI
[14/01/2007|14.50] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Skype
[17/03/2008|09.54] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Spybot - Search & Destroy
[27/09/2006|17.54] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Telecom Italia
[14/01/2007|21.04] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Windows Genuine Advantage
[14/01/2007|18.20] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Yahoo!
[24/02/2008|16.11] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Yahoo! Companion
[11/03/2007|18.04] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Zylom
[2|File] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte
[28|Directory] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte disponibili
[30/08/2004|14.56] C:\DOCUME~1\DEFAUL~1\DATIAP~1\desktop.ini
[27/09/2006|17.54] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Identities
[27/09/2006|17.54] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Microsoft
[21/09/2006|12.58] C:\DOCUME~1\DEFAUL~1\DATIAP~1\SampleView
[27/09/2006|17.54] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Symantec
[1|File] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte
[6|Directory] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte disponibili
[03/08/2008|21.08] C:\DOCUME~1\LOCALS~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte disponibili
[03/08/2008|21.08] C:\DOCUME~1\NETWOR~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte disponibili
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[08/08/2008 11.37][--ah-----] C:\WINDOWS\tasks\SA.DAT
[19/08/2004 10.00][-rah-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Programmi
[19/01/2008|10.14] C:\Programmi\Adobe
[25/02/2007|14.15] C:\Programmi\Alice ti aiuta
[26/07/2008|21.25] C:\Programmi\Alwil Software
[27/09/2006|17.56] C:\Programmi\Analog Devices
[29/01/2007|18.37] C:\Programmi\ArcSoft
[03/08/2008|21.11] C:\Programmi\AVG
[15/02/2008|19.30] C:\Programmi\AviSynth 2.5
[27/01/2007|23.19] C:\Programmi\BitTorrent
[27/09/2006|17.56] C:\Programmi\Broadcom
[20/03/2007|21.08] C:\Programmi\C6 Messenger
[29/08/2007|21.51] C:\Programmi\Camfrog
[03/08/2008|21.39] C:\Programmi\CCleaner
[27/09/2006|17.56] C:\Programmi\Collegamenti programmi
[21/09/2006|12.59] C:\Programmi\ComPlus Applications
[13/07/2008|13.01] C:\Programmi\DIFX
[07/03/2007|14.44] C:\Programmi\EA GAMES
[17/03/2008|14.04] C:\Programmi\EMCO Malware Destroyer
[04/08/2008|04.17] C:\Programmi\File comuni
[27/09/2006|17.56] C:\Programmi\Fingerprint Sensor
[23/02/2008|20.56] C:\Programmi\FLV Player
[15/02/2008|19.37] C:\Programmi\Foto2Avi
[01/03/2007|15.02] C:\Programmi\Google
[27/09/2006|17.56] C:\Programmi\Hewlett-Packard
[27/09/2006|17.56] C:\Programmi\Hp
[27/09/2006|17.56] C:\Programmi\HPQ
[14/01/2007|14.58] C:\Programmi\ICQToolbar
[16/03/2008|15.30] C:\Programmi\ICTS-WinTrader
[17/03/2008|13.53] C:\Programmi\InstallShield Installation Information
[27/09/2006|17.57] C:\Programmi\Intel
[28/07/2008|02.34] C:\Programmi\Internet Explorer
[27/09/2006|17.57] C:\Programmi\InterVideo
[14/07/2007|21.29] C:\Programmi\Intuwave Ltd
[20/01/2008|12.51] C:\Programmi\IrfanView
[25/02/2008|16.49] C:\Programmi\IVCsoft
[07/02/2007|18.14] C:\Programmi\Jasc Software Inc
[15/05/2007|15.16] C:\Programmi\Java
[02/01/2008|15.23] C:\Programmi\Kate's Video Converter
[14/02/2008|22.22] C:\Programmi\KeepV Converter
[15/02/2006|18.31] C:\Programmi\LHSP
[13/03/2007|21.19] C:\Programmi\LiveUpdate
[07/08/2008|21.30] C:\Programmi\Malwarebytes' Anti-Malware
[02/04/2008|11.42] C:\Programmi\MessengerDiscovery
[15/01/2007|09.44] C:\Programmi\micla-multimedia
[14/05/2007|23.49] C:\Programmi\Microsoft CAPICOM 2.1.0.2
[27/09/2006|17.57] C:\Programmi\microsoft frontpage
[09/02/2007|22.05] C:\Programmi\Microsoft Office
[09/02/2007|22.05] C:\Programmi\Microsoft Visual Studio
[09/02/2007|22.00] C:\Programmi\Microsoft Visual Studio 8
[09/02/2007|22.06] C:\Programmi\Microsoft Works
[09/02/2007|22.04] C:\Programmi\Microsoft.NET
[13/03/2007|21.19] C:\Programmi\mobile PhoneTools
[14/07/2007|21.30] C:\Programmi\Motorola
[27/09/2006|17.57] C:\Programmi\Movie Maker
[08/08/2008|11.46] C:\Programmi\Mozilla Firefox
[17/03/2008|13.54] C:\Programmi\Mozilla Firefox 3 Beta 4
[09/02/2007|22.05] C:\Programmi\MSBuild
[27/09/2006|17.57] C:\Programmi\MSN Gaming Zone
[07/10/2007|21.44] C:\Programmi\MSN Messenger
[16/03/2007|18.43] C:\Programmi\MSXML 4.0
[06/08/2008|21.56] C:\Programmi\Navilog1
[16/02/2008|11.08] C:\Programmi\NCH Swift Sound
[14/01/2007|21.26] C:\Programmi\NetMeeting
[02/05/2008|13.10] C:\Programmi\Netscape
[04/08/2008|04.17] C:\Programmi\Nokia
[13/06/2007|16.23] C:\Programmi\Outlook Express
[13/07/2008|13.01] C:\Programmi\PC Connectivity Solution
[16/02/2008|11.06] C:\Programmi\Photo Toolkit
[14/02/2008|20.52] C:\Programmi\Riva
[27/09/2006|17.57] C:\Programmi\RSS Reader
[28/01/2008|13.52] C:\Programmi\Samsung
[27/09/2006|17.57] C:\Programmi\Servizi in linea
[05/07/2007|16.49] C:\Programmi\Skype
[14/02/2008|23.09] C:\Programmi\Smallvideosoft
[15/01/2007|09.32] C:\Programmi\SolSuite
[27/09/2006|17.57] C:\Programmi\Sonic
[17/03/2008|10.52] C:\Programmi\Spybot - Search & Destroy
[01/06/2008|13.31] C:\Programmi\Straighthold Trader
[19/02/2007|21.28] C:\Programmi\Symbian
[27/09/2006|17.58] C:\Programmi\Synaptics
[27/09/2006|17.58] C:\Programmi\Telecom Italia
[23/08/2007|02.37] C:\Programmi\Telsey W-Gate USB
[27/04/2007|17.32] C:\Programmi\Ubisoft
[24/02/2008|12.54] C:\Programmi\Uninstall Information
[04/08/2008|04.12] C:\Programmi\VoipCheapCom
[27/09/2006|17.59] C:\Programmi\WIDCOMM
[14/01/2007|23.47] C:\Programmi\Windows Media Connect
[14/01/2007|23.50] C:\Programmi\Windows Media Connect 2
[14/01/2007|23.50] C:\Programmi\Windows Media Player
[27/09/2006|17.59] C:\Programmi\Windows NT
[21/09/2006|12.59] C:\Programmi\WindowsUpdate
[15/01/2007|09.24] C:\Programmi\WinZip
[27/09/2006|17.59] C:\Programmi\xerox
[20/01/2008|18.20] C:\Programmi\XnView
[23/02/2008|20.56] C:\Programmi\Yahoo!
[0|File] C:\Programmi\byte
[96|Directory] C:\Programmi\byte disponibili
--------------------\\ Listing des dossiers dans C:\Programmi\File comuni
[19/01/2008|10.14] C:\Programmi\File comuni\Adobe
[29/01/2007|18.39] C:\Programmi\File comuni\ArcSoft
[25/09/2007|06.52] C:\Programmi\File comuni\AVSMedia
[09/02/2007|22.05] C:\Programmi\File comuni\DESIGNER
[05/03/2007|22.53] C:\Programmi\File comuni\DirectX
[27/09/2006|17.56] C:\Programmi\File comuni\InstallShield
[07/02/2007|18.15] C:\Programmi\File comuni\Jasc Software Inc
[27/09/2006|17.56] C:\Programmi\File comuni\Java
[27/09/2006|17.56] C:\Programmi\File comuni\LightScribe
[03/08/2008|21.10] C:\Programmi\File comuni\Microsoft Shared
[15/03/2007|15.47] C:\Programmi\File comuni\Motorola Shared
[27/09/2006|17.56] C:\Programmi\File comuni\MSSoap
[27/09/2006|17.56] C:\Programmi\File comuni\ODBC
[15/01/2007|09.44] C:\Programmi\File comuni\OsrBkpRtd
[27/09/2006|17.56] C:\Programmi\File comuni\Services
[27/09/2006|17.56] C:\Programmi\File comuni\Sonic Shared
[27/09/2006|17.56] C:\Programmi\File comuni\SpeechEngines
[27/09/2006|17.56] C:\Programmi\File comuni\SureThing Shared
[14/02/2008|14.20] C:\Programmi\File comuni\SWF Studio
[25/07/2008|21.23] C:\Programmi\File comuni\Symantec Shared
[13/06/2007|16.30] C:\Programmi\File comuni\System
[27/09/2006|17.56] C:\Programmi\File comuni\TiVo Shared
[0|File] C:\Programmi\File comuni\byte
[24|Directory] C:\Programmi\File comuni\byte disponibili
--------------------\\ Process
( 37 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-08 11:56:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 5
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:23][D:6]-> C:\DOCUME~1\ALICET~1\IMPOST~1\Temp
[F:11][D:0]-> C:\DOCUME~1\ALICET~1\Cookies
[F:451][D:5]-> C:\DOCUME~1\ALICET~1\IMPOST~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 11.57.45,04
Nothing in the Lop S&D report.
Please post a new HijackThis report, thanks ;-)
@++
Good evening, E..T
With pleasure, here is the new report ;-)
Malwarebytes' Anti-Malware 1.24
Database version: 1034
Windows 5.1.2600 Service Pack 2
21.29.12 08/08/2008
mbam-log-8-8-2008 (21-29-12).txt
Scan type: Full Scan (C:\|)
Objects scanned: 104043
Time elapsed: 25 minute(s), 19 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Good evening made72,
Not a Malwarebytes' Anti-Malware report, a HijackThis report like in your first message ;-)
++
Hello E..T
Sorry, here it is:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11.34.58, on 09/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Windows Media Player\WMPNSCFG.exe
C:\Programmi\VoipCheapCom\VoipCheapCom.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\DOCUME~1\ALICET~1\IMPOST~1\Temp\Directory temporanea 1 per HiJackThis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.alice.it/search/home/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crazybit.altervista.org/start.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.camfrog.com/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.crazybit.altervista.org/start.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Programmi\MSN Messenger\htc.8.1.0178.00.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Programmi\Camfrog\CamfrogBar\CamfrogBar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programmi\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O3 - Toolbar: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Programmi\Camfrog\CamfrogBar\CamfrogBar1.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Programmi\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alicetuttoincluso\Menu Avvio\Programmi\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alicetuttoincluso\Menu Avvio\Programmi\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: OneCard - C:\Programmi\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
Yep,
Back at it
* Download SDFix from this link: http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
* Save SDFix to your desktop
* Double-click the SDFix icon
* A window opens; leave the options as they are, then click the InstallSDFix button.
From here on, the cleaning is done in safe mode.
To restart in safe mode:
* Restart your PC; before the Windows logo and after the first screen changes
* Tap the F8 key repeatedly; a menu will appear. Choose Safe Mode and press the Enter key.
* For more information, see the page on how to restart in safe mode
* Once in safe mode, click the Start menu, then Run, and paste the following command:
C:\SDFix\RunThis.bat
* Click OK.
* A black window opens showing the version of the Fix.
* Press the Y key (for yes) on the keyboard and press Enter
* At this point the desktop (Start menu, etc.) will disappear.
* The Fix starts its work; this can take about thirty minutes
* Once the cleaning operations are done... SDFix reports that the computer must be restarted:
>>>The PC Will now restart
* Press a key on the keyboard
* The computer will restart normally.
* Before you reach the desktop, a new SDFix window will open. This can take five minutes...
>> The SDFix report then opens; copy and paste it and send it.
If you are afraid of forgetting things, save them on your desktop in a text file so that you will have them even in safe mode.
@++
Good evening E..T
Some difficulty with the procedure, but I think I managed to do it.
Here is the report:
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-10 22:07:22
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272c38152]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd5034a2]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd506b32]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000272c38152]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0009dd5034a2]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0009dd506b32]
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programmi\\MSN Messenger\\msnmsgr.exe"="C:\\Programmi\\MSN Messenger\\msnmsgr.exe:*:Enabled:Messenger"
"C:\\Programmi\\MessengerDiscovery\\MessengerDiscovery Live.exe"="C:\\Programmi\\MessengerDiscovery\\MessengerDiscovery Live.exe:*:Enabled:MessengerDiscovery Live the Windows Live Messenger addon"
"C:\\Programmi\\AVG\\AVG8\\avgupd.exe"="C:\\Programmi\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Programmi\\VoipCheapCom\\VoipCheapCom.exe"="C:\\Programmi\\VoipCheapCom\\VoipCheapCom.exe:*:Enabled:VoipCheapCom"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Sun 19 Mar 2006 262,144 A.SH. --- "C:\Programmi\MessengerDiscovery\SpellCHK.exe"
Fri 20 Apr 2007 11,264 A..H. --- "C:\Programmi\MSN Messenger\VERSION.dll"
Fri 20 Apr 2007 10,752 A..H. --- "C:\Programmi\MSN Messenger\WINHTTP.dll"
Sun 14 Jan 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Wed 25 Jun 2008 2,457,208 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\069dce5b3a6a576c9856befb57fca0a9\BIT2.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0a67b6c406b1d7e0f5c1e6f6d44a3f6e\BIT8.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\18b19374451d28a8fbaf1939cf31ff45\BITB.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\26924cbc8132a10b438ce6e2b49d4652\BIT7.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2d9afc485ff57441ce14a08241df89e8\BITD.tmp"
Sun 20 Apr 2008 15,484,992 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4ba0ad982c16e63711f73f8cd883c8e3\BITE.tmp"
Mon 5 May 2008 24,758,792 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT6.tmp"
Fri 25 Jul 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5d4b73873fce556a32881df9d54cb4bc\BIT3.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7452b08c68a034a087747e2105b89e38\BIT9.tmp"
Tue 8 Jul 2008 3,370,905 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9d8d11b4843c08ba3b14540db008a873\BIT5.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c202581e4b290198e7f9b8b4ba19ddeb\BITA.tmp"
Sun 20 Apr 2008 1,247,784 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c8cd841684d41faf003c17f453a5ab5e\BIT2.tmp"
Wed 25 Jun 2008 8,723,064 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cc60d8716d384e35a0e06fa6ac381a18\BITC.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d77b9b5b8fed23dd91f50d167cce60d3\BITC.tmp"
[b]Finished![/b]
Yep,
Reopen lopsd (message 8) and do the following
Do the same thing again, but this time choose option 2
Let the PC work
Once the cleaning is finished, a scan will be run again and a report
will open automatically in Notepad.
Copy and paste the contents of this report to the forum.
@++
Good evening E..T
Here is the report:
--------------------\\ Lop S&D 4.2.2-5 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : alicetuttoincluso ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 12/08/2008 | 22.06.08,92 ] [ PC : YOUR-A47779BE2C ]
[ MAJ : 01-08-2008 | 01:40 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans DATIAP~1
[30/08/2004|14.56] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\desktop.ini
[27/09/2006|17.54] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\Identities
[05/08/2008|13.36] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\Malwarebytes
[10/08/2008|21.27] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\Microsoft
[07/08/2008|14.38] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\Mozilla
[21/09/2006|12.58] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\SampleView
[27/09/2006|17.54] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\Symantec
[1|File] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\byte
[8|Directory] C:\DOCUME~1\ADMINI~1.YOU\DATIAP~1\byte disponibili
[19/02/2008|20.38] C:\DOCUME~1\ALICET~1\DATIAP~1\Adobe
[03/03/2007|20.41] C:\DOCUME~1\ALICET~1\DATIAP~1\AdobeUM
[17/02/2008|14.22] C:\DOCUME~1\ALICET~1\DATIAP~1\Any Video Converter
[10/02/2007|16.39] C:\DOCUME~1\ALICET~1\DATIAP~1\ArcSoft
[25/05/2007|17.05] C:\DOCUME~1\ALICET~1\DATIAP~1\Camfrog
[10/06/2007|18.47] C:\DOCUME~1\ALICET~1\DATIAP~1\CamfrogBar
[28/01/2008|14.01] C:\DOCUME~1\ALICET~1\DATIAP~1\ConvertTemp
[14/01/2007|18.50] C:\DOCUME~1\ALICET~1\DATIAP~1\Creative
[30/08/2004|14.56] C:\DOCUME~1\ALICET~1\DATIAP~1\desktop.ini
[17/12/2007|21.45] C:\DOCUME~1\ALICET~1\DATIAP~1\FunWebProducts
[01/03/2007|15.03] C:\DOCUME~1\ALICET~1\DATIAP~1\Google
[15/01/2007|09.44] C:\DOCUME~1\ALICET~1\DATIAP~1\Help
[15/01/2007|09.58] C:\DOCUME~1\ALICET~1\DATIAP~1\ICQLite
[27/09/2006|17.53] C:\DOCUME~1\ALICET~1\DATIAP~1\Identities
[06/07/2007|12.40] C:\DOCUME~1\ALICET~1\DATIAP~1\InterVideo
[07/02/2007|18.14] C:\DOCUME~1\ALICET~1\DATIAP~1\Jasc Software Inc
[27/09/2006|17.53] C:\DOCUME~1\ALICET~1\DATIAP~1\Leadertech
[27/09/2006|17.53] C:\DOCUME~1\ALICET~1\DATIAP~1\Macromedia
[25/07/2008|21.29] C:\DOCUME~1\ALICET~1\DATIAP~1\Malwarebytes
[17/03/2008|21.28] C:\DOCUME~1\ALICET~1\DATIAP~1\Microsoft
[16/03/2008|13.08] C:\DOCUME~1\ALICET~1\DATIAP~1\Mozilla
[16/02/2008|11.08] C:\DOCUME~1\ALICET~1\DATIAP~1\NCH Swift Sound
[05/05/2008|12.03] C:\DOCUME~1\ALICET~1\DATIAP~1\Netscape
[14/07/2008|12.19] C:\DOCUME~1\ALICET~1\DATIAP~1\Nokia
[14/07/2008|12.19] C:\DOCUME~1\ALICET~1\DATIAP~1\PC Suite
[21/09/2006|12.57] C:\DOCUME~1\ALICET~1\DATIAP~1\SampleView
[28/01/2008|14.01] C:\DOCUME~1\ALICET~1\DATIAP~1\Samsung
[04/07/2007|22.58] C:\DOCUME~1\ALICET~1\DATIAP~1\Skype
[03/07/2007|20.03] C:\DOCUME~1\ALICET~1\DATIAP~1\SolSuite
[27/09/2006|17.53] C:\DOCUME~1\ALICET~1\DATIAP~1\Sonic
[25/01/2007|18.24] C:\DOCUME~1\ALICET~1\DATIAP~1\Sun
[28/01/2008|14.01] C:\DOCUME~1\ALICET~1\DATIAP~1\Temporary
[28/01/2008|14.01] C:\DOCUME~1\ALICET~1\DATIAP~1\TransRender
[09/08/2008|22.52] C:\DOCUME~1\ALICET~1\DATIAP~1\VoipCheapCom
[17/03/2008|21.44] C:\DOCUME~1\ALICET~1\DATIAP~1\XnView
[1|File] C:\DOCUME~1\ALICET~1\DATIAP~1\byte
[36|Directory] C:\DOCUME~1\ALICET~1\DATIAP~1\byte disponibili
[19/01/2008|10.15] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Adobe
[03/08/2008|21.11] C:\DOCUME~1\ALLUSE~1\DATIAP~1\avg8
[25/09/2007|06.53] C:\DOCUME~1\ALLUSE~1\DATIAP~1\AVS4YOU
[13/03/2007|22.00] C:\DOCUME~1\ALLUSE~1\DATIAP~1\BVRP Software
[30/08/2004|14.56] C:\DOCUME~1\ALLUSE~1\DATIAP~1\desktop.ini
[01/09/2007|03.12] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Downloaded Installations
[14/01/2007|11.23] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Google
[26/07/2008|21.15] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Grisoft
[27/09/2006|17.53] C:\DOCUME~1\ALLUSE~1\DATIAP~1\hpqLog
[13/07/2008|12.58] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Installations
[27/09/2006|17.53] C:\DOCUME~1\ALLUSE~1\DATIAP~1\InstallShield
[28/01/2008|13.57] C:\DOCUME~1\ALLUSE~1\DATIAP~1\LauncherAccess.dt
[25/07/2008|21.29] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Malwarebytes
[10/02/2008|08.53] C:\DOCUME~1\ALLUSE~1\DATIAP~1\MGS
[28/01/2008|14.24] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft
[28/07/2008|02.34] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft Help
[27/11/2007|15.41] C:\DOCUME~1\ALLUSE~1\DATIAP~1\NCH Software
[27/11/2007|15.40] C:\DOCUME~1\ALLUSE~1\DATIAP~1\NCH Swift Sound
[29/07/2008|21.04] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Office Genuine Advantage
[14/07/2008|12.19] C:\DOCUME~1\ALLUSE~1\DATIAP~1\PC Suite
[27/09/2006|17.53] C:\DOCUME~1\ALLUSE~1\DATIAP~1\SBSI
[14/01/2007|14.50] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Skype
[17/03/2008|09.54] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Spybot - Search & Destroy
[27/09/2006|17.54] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Telecom Italia
[14/01/2007|21.04] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Windows Genuine Advantage
[14/01/2007|18.20] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Yahoo!
[24/02/2008|16.11] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Yahoo! Companion
[11/03/2007|18.04] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Zylom
[2|File] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte
[28|Directory] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte disponibili
[30/08/2004|14.56] C:\DOCUME~1\DEFAUL~1\DATIAP~1\desktop.ini
[27/09/2006|17.54] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Identities
[27/09/2006|17.54] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Microsoft
[21/09/2006|12.58] C:\DOCUME~1\DEFAUL~1\DATIAP~1\SampleView
[27/09/2006|17.54] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Symantec
[1|File] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte
[6|Directory] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte disponibili
[03/08/2008|21.08] C:\DOCUME~1\LOCALS~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte disponibili
[03/08/2008|21.08] C:\DOCUME~1\NETWOR~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte disponibili
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[12/08/2008 20.58][--ah-----] C:\WINDOWS\tasks\SA.DAT
[19/08/2004 10.00][-rah-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Programmi
[19/01/2008|10.14] C:\Programmi\Adobe
[25/02/2007|14.15] C:\Programmi\Alice ti aiuta
[26/07/2008|21.25] C:\Programmi\Alwil Software
[27/09/2006|17.56] C:\Programmi\Analog Devices
[29/01/2007|18.37] C:\Programmi\ArcSoft
[03/08/2008|21.11] C:\Programmi\AVG
[15/02/2008|19.30] C:\Programmi\AviSynth 2.5
[27/01/2007|23.19] C:\Programmi\BitTorrent
[27/09/2006|17.56] C:\Programmi\Broadcom
[20/03/2007|21.08] C:\Programmi\C6 Messenger
[29/08/2007|21.51] C:\Programmi\Camfrog
[03/08/2008|21.39] C:\Programmi\CCleaner
[27/09/2006|17.56] C:\Programmi\Collegamenti programmi
[21/09/2006|12.59] C:\Programmi\ComPlus Applications
[13/07/2008|13.01] C:\Programmi\DIFX
[07/03/2007|14.44] C:\Programmi\EA GAMES
[17/03/2008|14.04] C:\Programmi\EMCO Malware Destroyer
[04/08/2008|04.17] C:\Programmi\File comuni
[27/09/2006|17.56] C:\Programmi\Fingerprint Sensor
[23/02/2008|20.56] C:\Programmi\FLV Player
[15/02/2008|19.37] C:\Programmi\Foto2Avi
[01/03/2007|15.02] C:\Programmi\Google
[27/09/2006|17.56] C:\Programmi\Hewlett-Packard
[27/09/2006|17.56] C:\Programmi\Hp
[27/09/2006|17.56] C:\Programmi\HPQ
[14/01/2007|14.58] C:\Programmi\ICQToolbar
[16/03/2008|15.30] C:\Programmi\ICTS-WinTrader
[17/03/2008|13.53] C:\Programmi\InstallShield Installation Information
[27/09/2006|17.57] C:\Programmi\Intel
[28/07/2008|02.34] C:\Programmi\Internet Explorer
[27/09/2006|17.57] C:\Programmi\InterVideo
[14/07/2007|21.29] C:\Programmi\Intuwave Ltd
[20/01/2008|12.51] C:\Programmi\IrfanView
[25/02/2008|16.49] C:\Programmi\IVCsoft
[07/02/2007|18.14] C:\Programmi\Jasc Software Inc
[15/05/2007|15.16] C:\Programmi\Java
[02/01/2008|15.23] C:\Programmi\Kate's Video Converter
[14/02/2008|22.22] C:\Programmi\KeepV Converter
[15/02/2006|18.31] C:\Programmi\LHSP
[13/03/2007|21.19] C:\Programmi\LiveUpdate
[07/08/2008|21.30] C:\Programmi\Malwarebytes' Anti-Malware
[02/04/2008|11.42] C:\Programmi\MessengerDiscovery
[15/01/2007|09.44] C:\Programmi\micla-multimedia
[14/05/2007|23.49] C:\Programmi\Microsoft CAPICOM 2.1.0.2
[27/09/2006|17.57] C:\Programmi\microsoft frontpage
[09/02/2007|22.05] C:\Programmi\Microsoft Office
[09/02/2007|22.05] C:\Programmi\Microsoft Visual Studio
[09/02/2007|22.00] C:\Programmi\Microsoft Visual Studio 8
[09/02/2007|22.06] C:\Programmi\Microsoft Works
[09/02/2007|22.04] C:\Programmi\Microsoft.NET
[13/03/2007|21.19] C:\Programmi\mobile PhoneTools
[14/07/2007|21.30] C:\Programmi\Motorola
[27/09/2006|17.57] C:\Programmi\Movie Maker
[12/08/2008|21.40] C:\Programmi\Mozilla Firefox
[17/03/2008|13.54] C:\Programmi\Mozilla Firefox 3 Beta 4
[09/02/2007|22.05] C:\Programmi\MSBuild
[27/09/2006|17.57] C:\Programmi\MSN Gaming Zone
[07/10/2007|21.44] C:\Programmi\MSN Messenger
[16/03/2007|18.43] C:\Programmi\MSXML 4.0
[06/08/2008|21.56] C:\Programmi\Navilog1
[16/02/2008|11.08] C:\Programmi\NCH Swift Sound
[14/01/2007|21.26] C:\Programmi\NetMeeting
[02/05/2008|13.10] C:\Programmi\Netscape
[04/08/2008|04.17] C:\Programmi\Nokia
[13/06/2007|16.23] C:\Programmi\Outlook Express
[13/07/2008|13.01] C:\Programmi\PC Connectivity Solution
[16/02/2008|11.06] C:\Programmi\Photo Toolkit
[14/02/2008|20.52] C:\Programmi\Riva
[27/09/2006|17.57] C:\Programmi\RSS Reader
[28/01/2008|13.52] C:\Programmi\Samsung
[27/09/2006|17.57] C:\Programmi\Servizi in linea
[05/07/2007|16.49] C:\Programmi\Skype
[14/02/2008|23.09] C:\Programmi\Smallvideosoft
[15/01/2007|09.32] C:\Programmi\SolSuite
[27/09/2006|17.57] C:\Programmi\Sonic
[17/03/2008|10.52] C:\Programmi\Spybot - Search & Destroy
[01/06/2008|13.31] C:\Programmi\Straighthold Trader
[19/02/2007|21.28] C:\Programmi\Symbian
[27/09/2006|17.58] C:\Programmi\Synaptics
[27/09/2006|17.58] C:\Programmi\Telecom Italia
[23/08/2007|02.37] C:\Programmi\Telsey W-Gate USB
[27/04/2007|17.32] C:\Programmi\Ubisoft
[24/02/2008|12.54] C:\Programmi\Uninstall Information
[10/08/2008|11.31] C:\Programmi\VoipCheapCom
[27/09/2006|17.59] C:\Programmi\WIDCOMM
[14/01/2007|23.47] C:\Programmi\Windows Media Connect
[14/01/2007|23.50] C:\Programmi\Windows Media Connect 2
[14/01/2007|23.50] C:\Programmi\Windows Media Player
[27/09/2006|17.59] C:\Programmi\Windows NT
[21/09/2006|12.59] C:\Programmi\WindowsUpdate
[15/01/2007|09.24] C:\Programmi\WinZip
[27/09/2006|17.59] C:\Programmi\xerox
[20/01/2008|18.20] C:\Programmi\XnView
[23/02/2008|20.56] C:\Programmi\Yahoo!
[0|File] C:\Programmi\byte
[96|Directory] C:\Programmi\byte disponibili
--------------------\\ Listing des dossiers dans C:\Programmi\File comuni
[19/01/2008|10.14] C:\Programmi\File comuni\Adobe
[29/01/2007|18.39] C:\Programmi\File comuni\ArcSoft
[25/09/2007|06.52] C:\Programmi\File comuni\AVSMedia
[09/02/2007|22.05] C:\Programmi\File comuni\DESIGNER
[05/03/2007|22.53] C:\Programmi\File comuni\DirectX
[27/09/2006|17.56] C:\Programmi\File comuni\InstallShield
[07/02/2007|18.15] C:\Programmi\File comuni\Jasc Software Inc
[27/09/2006|17.56] C:\Programmi\File comuni\Java
[27/09/2006|17.56] C:\Programmi\File comuni\LightScribe
[03/08/2008|21.10] C:\Programmi\File comuni\Microsoft Shared
[15/03/2007|15.47] C:\Programmi\File comuni\Motorola Shared
[27/09/2006|17.56] C:\Programmi\File comuni\MSSoap
[27/09/2006|17.56] C:\Programmi\File comuni\ODBC
[15/01/2007|09.44] C:\Programmi\File comuni\OsrBkpRtd
[27/09/2006|17.56] C:\Programmi\File comuni\Services
[27/09/2006|17.56] C:\Programmi\File comuni\Sonic Shared
[27/09/2006|17.56] C:\Programmi\File comuni\SpeechEngines
[27/09/2006|17.56] C:\Programmi\File comuni\SureThing Shared
[14/02/2008|14.20] C:\Programmi\File comuni\SWF Studio
[25/07/2008|21.23] C:\Programmi\File comuni\Symantec Shared
[13/06/2007|16.30] C:\Programmi\File comuni\System
[27/09/2006|17.56] C:\Programmi\File comuni\TiVo Shared
[0|File] C:\Programmi\File comuni\byte
[24|Directory] C:\Programmi\File comuni\byte disponibili
--------------------\\ Process
( 38 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-12 22:08:06
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 5
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:43][D:11]-> C:\DOCUME~1\ALICET~1\IMPOST~1\Temp
[F:23][D:0]-> C:\DOCUME~1\ALICET~1\Cookies
[F:585][D:5]-> C:\DOCUME~1\ALICET~1\IMPOST~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 22.09.15,29
Hi E..T
Thank you so very much. Tomorrow I have to travel urgently. I don't know how far along we are, but for now everything is working fine. I sincerely apologize from the bottom of my heart.
Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12.02.54, on 13/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Windows Media Player\WMPNSCFG.exe
C:\Programmi\VoipCheapCom\VoipCheapCom.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Poker\Titan Poker\casino.exe
C:\PROGRA~1\AVG\AVG8\avgscanx.exe
C:\DOCUME~1\ALICET~1\IMPOST~1\Temp\Directory temporanea 2 per HiJackThis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.alice.it/search/home/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crazybit.altervista.org/start.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.camfrog.com/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.crazybit.altervista.org/start.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Programmi\MSN Messenger\htc.8.1.0178.00.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Programmi\Camfrog\CamfrogBar\CamfrogBar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programmi\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O3 - Toolbar: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Programmi\Camfrog\CamfrogBar\CamfrogBar1.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Programmi\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alicetuttoincluso\Menu Avvio\Programmi\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alicetuttoincluso\Menu Avvio\Programmi\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7B53E5A-C918-4176-A3C7-F0667887B141}: NameServer = 193.70.152.25 193.70.192.25
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: OneCard - C:\Programmi\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
Thank you so much. Tomorrow I have to travel urgently. I don't know where we stand, but for now everything is working fine. I sincerely apologize from the bottom of my heart.
Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12.02.54, on 13/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Windows Media Player\WMPNSCFG.exe
C:\Programmi\VoipCheapCom\VoipCheapCom.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Poker\Titan Poker\casino.exe
C:\PROGRA~1\AVG\AVG8\avgscanx.exe
C:\DOCUME~1\ALICET~1\IMPOST~1\Temp\Directory temporanea 2 per HiJackThis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.alice.it/search/home/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crazybit.altervista.org/start.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.camfrog.com/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.crazybit.altervista.org/start.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Programmi\MSN Messenger\htc.8.1.0178.00.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Programmi\Camfrog\CamfrogBar\CamfrogBar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programmi\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O3 - Toolbar: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Programmi\Camfrog\CamfrogBar\CamfrogBar1.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Programmi\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alicetuttoincluso\Menu Avvio\Programmi\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alicetuttoincluso\Menu Avvio\Programmi\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7B53E5A-C918-4176-A3C7-F0667887B141}: NameServer = 193.70.152.25 193.70.192.25
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: OneCard - C:\Programmi\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
Yep,
I sincerely apologize from the bottom of my heart.
Hey, it's nothing, we'll pick this up again when you're back ;-)
There's still a bit of junk left, probably because of the poker games etc....
Install CCleaner if you don't have it; it's a free cleaning utility that helps protect your privacy by deleting the system's history and cache files.
>> Download here
>> Full tutorial
During the CCleaner installation, in the installation options >> uncheck the Yahoo! toolbar option
- Start CCleaner
- In Cleaner
* Windows tab: do not check the Advanced box
- Applications tab: leave all the boxes checked
* In Errors (Erreurs), uncheck the box next to Registry Integrity (Intégrité du registre) and File Integrity (Intégrité des fichiers)
* Go back to Cleaner, click the Analyze button, then once it has finished click Run Cleaner
Once you've done all that, post a new HijackThis report.
@++
Hi E..T
Here it is:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14.09.46, on 13/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Windows Media Player\WMPNSCFG.exe
C:\Programmi\VoipCheapCom\VoipCheapCom.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\AVG\AVG8\avgscanx.exe
C:\DOCUME~1\ALICET~1\IMPOST~1\Temp\Directory temporanea 4 per HiJackThis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.alice.it/search/home/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crazybit.altervista.org/start.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.camfrog.com/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.crazybit.altervista.org/start.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Programmi\MSN Messenger\htc.8.1.0178.00.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Programmi\Camfrog\CamfrogBar\CamfrogBar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programmi\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O3 - Toolbar: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Programmi\Camfrog\CamfrogBar\CamfrogBar1.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Programmi\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alicetuttoincluso\Menu Avvio\Programmi\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alicetuttoincluso\Menu Avvio\Programmi\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7B53E5A-C918-4176-A3C7-F0667887B141}: NameServer = 193.70.152.25 193.70.192.25
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: OneCard - C:\Programmi\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
Hi E..T
Here it is:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14.09.46, on 13/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Windows Media Player\WMPNSCFG.exe
C:\Programmi\VoipCheapCom\VoipCheapCom.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\AVG\AVG8\avgscanx.exe
C:\DOCUME~1\ALICET~1\IMPOST~1\Temp\Directory temporanea 4 per HiJackThis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.alice.it/search/home/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crazybit.altervista.org/start.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.camfrog.com/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.crazybit.altervista.org/start.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Programmi\MSN Messenger\htc.8.1.0178.00.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Programmi\Camfrog\CamfrogBar\CamfrogBar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programmi\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O3 - Toolbar: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Programmi\Camfrog\CamfrogBar\CamfrogBar1.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Programmi\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alicetuttoincluso\Menu Avvio\Programmi\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alicetuttoincluso\Menu Avvio\Programmi\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7B53E5A-C918-4176-A3C7-F0667887B141}: NameServer = 193.70.152.25 193.70.192.25
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: OneCard - C:\Programmi\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe