Trojan
Résolu/Fermé
A voir également:
- Trojan
- Trojan remover - Télécharger - Antivirus & Antimalwares
- Win32 trojan gen - Forum Virus / Sécurité
- Windows defender avertissement de sécurité trojan spyware - Forum Windows 10
- Trojan wacatac ✓ - Forum Virus / Sécurité
- Trojan agent ✓ - Forum Virus / Sécurité
48 réponses
alors, pour les cooking...t'as pas à t'en faire là dessus, tu en aura tout le temps, ils ne sont dangereux en rien du tout
pour la possibilité des chevaux de trois, essaie voir spyware doctor, il devrait les détecter (si jamais il trouve quelque chose, contacte moi par MP stp)
pour la possibilité des chevaux de trois, essaie voir spyware doctor, il devrait les détecter (si jamais il trouve quelque chose, contacte moi par MP stp)
phantomxlord
Messages postés
470
Date d'inscription
mercredi 16 juillet 2008
Statut
Membre
Dernière intervention
12 juillet 2009
35
23 août 2008 à 13:22
23 août 2008 à 13:22
Bonjour,
bitdefender sert à rien passe à antivir et arrêtes d'aller sur des site blindé de pub
bitdefender sert à rien passe à antivir et arrêtes d'aller sur des site blindé de pub
Bonjour
-Telecharge ceci--> http://www.malwarebytes.org/mbam/program/mbam-setup.exe
-Suis ce tuto et poste moi le rapport stp--> https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
-Telecharge ceci--> http://www.malwarebytes.org/mbam/program/mbam-setup.exe
-Suis ce tuto et poste moi le rapport stp--> https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Voici le rapport :
Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1078
Windows 5.1.2600 Service Pack 2
14:05:09 23/08/2008
mbam-log-08-23-2008 (14-05-09).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 32894
Temps écoulé: 36 minute(s), 14 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Documents and Settings\admin\Application Data\Desktopicon\eBayShortcuts.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Je veux préciser que je ne suis jamais allé sur e-bay.
Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1078
Windows 5.1.2600 Service Pack 2
14:05:09 23/08/2008
mbam-log-08-23-2008 (14-05-09).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 32894
Temps écoulé: 36 minute(s), 14 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Documents and Settings\admin\Application Data\Desktopicon\eBayShortcuts.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Je veux préciser que je ne suis jamais allé sur e-bay.
Je reviens demain.
J'attends votre réponse et peut-être un logiciel qui peut fonctionner avec avec bitdefender et qui permet de stopper les trojans mieux que bitdefender.
J'attends votre réponse et peut-être un logiciel qui peut fonctionner avec avec bitdefender et qui permet de stopper les trojans mieux que bitdefender.
Re,
-Telecharge ceci--> http://www.zonavirus.com/datos/descargas/95/elibagla.asp <--si le telechargement ne se fait pas tout seul clique sur "Descargar elibagla" en bas de la page!
-Enregistre le fichier sur ton bureau
-Double-clique dessus pour l'ouvrir
-Assure-toi que dans le menu déroulant Unidad, tu as bien C:\
-Vérifie également que Eliminar Ficheros Automaticamente est cochée
-Clique sur le bouton Explorar pour lancer l'analyse
-Poste le rapport situé dans C:\infosat.txt
-Telecharge ceci--> http://www.zonavirus.com/datos/descargas/95/elibagla.asp <--si le telechargement ne se fait pas tout seul clique sur "Descargar elibagla" en bas de la page!
-Enregistre le fichier sur ton bureau
-Double-clique dessus pour l'ouvrir
-Assure-toi que dans le menu déroulant Unidad, tu as bien C:\
-Vérifie également que Eliminar Ficheros Automaticamente est cochée
-Clique sur le bouton Explorar pour lancer l'analyse
-Poste le rapport situé dans C:\infosat.txt
petite apparté, j'aurais besoin d'aide pour résoudre un problème
voilà le lien
http://www.commentcamarche.net/forum/affich 8043975 probleme windows update et acces site web
merci d'avance pour votre soutient
voilà le lien
http://www.commentcamarche.net/forum/affich 8043975 probleme windows update et acces site web
merci d'avance pour votre soutient
Voici le rapport :
Sun Aug 24 11:53:05 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
Sun Aug 24 11:53:16 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Sun Aug 24 11:53:05 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
Sun Aug 24 11:53:16 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
J'ai fais une autre analyse et voici le rapport :
Sun Aug 24 11:53:05 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
Sun Aug 24 11:53:16 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Sun Aug 24 12:30:47 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
Sun Aug 24 12:30:49 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Sun Aug 24 11:53:05 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
Sun Aug 24 11:53:16 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Sun Aug 24 12:30:47 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
Sun Aug 24 12:30:49 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Bon alors
-Telecharge combofix--> http://download.bleepingcomputer.com/sUBs/ComboFix.exe
-Suis ce tuto et poste moi le rapport--> https://www.androidworld.fr/
/!\ATTENTION/!\ L'antivirus doit etre desactivé ainsi que l'antispyware
-Telecharge combofix--> http://download.bleepingcomputer.com/sUBs/ComboFix.exe
-Suis ce tuto et poste moi le rapport--> https://www.androidworld.fr/
/!\ATTENTION/!\ L'antivirus doit etre desactivé ainsi que l'antispyware
Avant de faire ça je veux dire que j'ai téléchargé PC security test 2008 et que la protection antivirus et antispyware de mon ordinateur ont été jugées assez faible. ( une protection aux alentour de 50% )
Il est écrit " compte rendu en cour de préparation " depuis 10 minutes. Est-ce-que ça va prendre fin ?
D'après ce site https://forum.zebulon.fr/topic/148853-rapport-combo-fix le compte rendu n'est pas très long. Pourquoi ça met tant de temps ?
Voici enfin le rapport :
ComboFix 08-08-23.03 - admin 2008-08-24 13:01:03.2 - NTFSx86
Endroit: C:\Documents and Settings\admin\Bureau\ComboFix.exe
* Resident AV is active
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\InfoSat.txt
C:\WINDOWS\system32\MSINET.oca
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-24 to 2008-08-24 ))))))))))))))))))))))))))))))))))))
.
2008-08-24 12:37 . 2008-08-24 12:37 <REP> d-------- C:\Program Files\AxBx
2008-08-23 13:27 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-23 13:27 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-21 15:22 . 2008-08-21 15:22 <REP> d-------- C:\Documents and Settings\admin\Application Data\PCF-VLC
2008-08-18 12:01 . 2008-08-18 12:01 <REP> d-------- C:\Program Files\Lavalys
2008-08-18 11:28 . 2008-08-24 10:29 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-08-18 11:07 . 2008-08-18 11:07 <REP> d-------- C:\Documents and Settings\admin\Application Data\BlackBean
2008-08-18 10:59 . 2008-08-18 10:59 <REP> d-------- C:\Documents and Settings\admin\Application Data\Leadertech
2008-08-18 10:45 . 2008-03-05 15:56 3,786,760 --a------ C:\WINDOWS\system32\D3DX9_37.dll
2008-08-18 10:45 . 2008-03-05 15:56 1,420,824 --a------ C:\WINDOWS\system32\D3DCompiler_37.dll
2008-08-18 10:45 . 2008-03-05 16:03 479,752 --a------ C:\WINDOWS\system32\XAudio2_0.dll
2008-08-18 10:45 . 2008-02-05 23:07 462,864 --a------ C:\WINDOWS\system32\d3dx10_37.dll
2008-08-18 10:45 . 2008-03-05 16:03 238,088 --a------ C:\WINDOWS\system32\xactengine3_0.dll
2008-08-18 10:45 . 2008-03-05 16:00 25,608 --a------ C:\WINDOWS\system32\X3DAudio1_3.dll
2008-08-18 10:37 . 2008-08-18 10:37 <REP> d-------- C:\Program Files\BlackBeanGames
2008-08-18 10:29 . 2008-08-18 10:29 <REP> d-------- C:\Program Files\AFN
2008-08-14 09:22 . 2008-08-14 09:22 <REP> d-------- C:\Program Files\LeonTama
2008-08-14 08:13 . 2008-08-15 16:47 <REP> d-------- C:\Program Files\Trojan Remover
2008-08-14 08:13 . 2008-08-14 08:13 <REP> d-------- C:\Documents and Settings\admin\Application Data\Simply Super Software
2008-08-14 08:13 . 2003-02-02 19:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-08-14 08:13 . 2002-03-06 00:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-08-12 13:53 . 2008-08-12 14:00 <REP> d-------- C:\Program Files\Kellogg's
2008-08-12 13:42 . 2008-08-12 16:10 184,352 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-08-12 13:42 . 2008-08-12 16:10 3,236 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-08-12 13:34 . 2008-08-12 13:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-08-12 13:34 . 2008-07-09 09:05 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-08-12 13:34 . 2008-07-09 09:05 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
2008-08-12 13:34 . 2008-07-09 09:05 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
2008-08-12 13:34 . 2008-07-09 09:05 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
2008-08-12 13:34 . 2008-07-09 09:05 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
2008-08-12 13:34 . 2008-08-12 13:39 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-08-12 13:32 . 2008-08-12 19:25 <REP> d-------- C:\WINDOWS\system32\ZoneLabs
2008-08-12 13:32 . 2008-08-12 13:49 <REP> d-------- C:\WINDOWS\Internet Logs
2008-08-12 13:32 . 2008-08-12 13:32 <REP> d-------- C:\Program Files\Zone Labs
2008-08-12 13:32 . 2008-07-09 09:05 1,086,952 --a------ C:\WINDOWS\system32\zpeng24.dll
2008-08-11 10:23 . 2008-08-11 10:23 <REP> d-------- C:\_OTMoveIt
2008-08-10 11:13 . 2008-08-10 11:13 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-08-08 10:40 . 2008-08-10 11:10 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-08-08 09:48 . 2008-08-12 12:18 <REP> d-------- C:\Program Files\Unlocker
2008-08-08 09:48 . 2008-08-23 14:05 <REP> d-------- C:\Documents and Settings\admin\Application Data\Desktopicon
2008-08-08 08:04 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-08-08 08:04 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-08-07 08:09 . 2008-08-07 08:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-08-07 08:09 . 2008-08-06 10:28 160,792 --a------ C:\WINDOWS\system32\drivers\pctfw2.sys
2008-08-06 10:10 . 2008-08-07 10:43 <REP> d-------- C:\Program Files\Desktop3D
2008-08-06 10:10 . 2008-08-07 10:41 <REP> d-------- C:\Documents and Settings\admin\Application Data\Desktop3D
2008-08-06 09:56 . 2008-08-23 13:27 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-06 09:56 . 2008-08-06 09:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-06 09:56 . 2008-08-06 09:56 <REP> d-------- C:\Documents and Settings\admin\Application Data\Malwarebytes
2008-08-06 09:50 . 2008-08-07 08:09 <REP> d-------- C:\Program Files\Fichiers communs\PC Tools
2008-08-06 09:50 . 2008-06-10 21:22 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-08-06 09:50 . 2008-06-02 15:19 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-08-06 09:50 . 2008-06-02 15:19 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-08-06 09:50 . 2008-06-02 15:19 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-08-06 09:49 . 2008-08-21 13:21 <REP> d-------- C:\Program Files\Spyware Doctor
2008-08-06 09:49 . 2008-08-06 09:49 <REP> d-------- C:\Documents and Settings\admin\Application Data\PC Tools
2008-08-03 15:29 . 2008-08-03 15:29 <REP> d-------- C:\Program Files\FileZilla FTP Client
2008-08-03 15:29 . 2008-08-03 15:47 <REP> d-------- C:\Documents and Settings\admin\Application Data\FileZilla
2008-08-03 15:09 . 2008-08-03 15:09 <REP> d-------- C:\Documents and Settings\admin\Application Data\FastStone
2008-08-03 15:08 . 2008-08-03 15:08 <REP> d-------- C:\Program Files\FastStone Capture
2008-08-01 13:12 . 2008-08-01 13:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-07-30 15:28 . 2008-07-30 15:28 4,096 --a------ C:\WINDOWS\d3dx.dat
2008-07-30 14:30 . 2008-07-30 14:30 <REP> d-------- C:\Program Files\Securitoo
2008-07-30 14:30 . 2008-07-30 14:30 <REP> d-------- C:\Program Files\SAGEM
2008-07-30 14:13 . 2008-07-30 14:35 <REP> d-------- C:\Program Files\Orange HSS
2008-07-30 14:13 . 2008-07-30 14:13 <REP> d-------- C:\Program Files\Fichiers communs\France Telecom
2008-07-30 14:13 . 2006-03-01 19:53 94,208 --a------ C:\WINDOWS\system32\w32n50.dll
2008-07-30 14:13 . 2007-07-31 14:57 65,536 --a------ C:\WINDOWS\system32\Autodial2000.dll
2008-07-30 14:13 . 2003-09-23 11:38 34,688 --a------ C:\WINDOWS\system32\pcampr5.sys
2008-07-30 14:13 . 2006-03-01 19:53 32,128 --a------ C:\WINDOWS\system32\pcandis5.sys
2008-07-30 13:23 . 2008-07-30 13:23 <REP> d-------- C:\Program Files\Battlefront
2008-07-30 12:12 . 2008-07-30 12:12 <REP> d-------- C:\Program Files\PanVision
2008-07-30 11:41 . 2008-07-30 11:41 <REP> d-------- C:\Program Files\Fusion Games
2008-07-29 13:44 . 2008-07-29 13:44 <REP> d-------- C:\Program Files\Pointstone
2008-07-28 11:32 . 2008-07-28 11:32 <REP> d-------- C:\Nouveau dossier
2008-07-28 11:29 . 2008-08-08 07:34 <REP> d-------- C:\Program Files\IsoBuster
2008-07-27 14:49 . 2008-07-27 14:49 <REP> d-------- C:\Program Files\Frogster
2008-07-27 13:36 . 2008-07-27 13:36 <REP> d--h----- C:\WINDOWS\PIF
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-24 11:22 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-24 11:20 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-08-18 10:20 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-18 09:29 --------- d-----w C:\Documents and Settings\admin\Application Data\Atari
2008-08-18 08:48 --------- d-----w C:\Program Files\Atari
2008-08-16 14:22 27,868 ----a-w C:\Documents and Settings\admin\Application Data\wklnhst.dat
2008-08-15 14:56 --------- d-----w C:\Program Files\Active Share Monitor
2008-08-12 11:26 --------- d-----w C:\Program Files\BoontyGames
2008-08-07 11:37 --------- d-----w C:\Program Files\GV logiciel-casino
2008-08-06 09:06 --------- d-----w C:\Program Files\BattleTanks II
2008-08-01 10:28 --------- d-----w C:\Program Files\Yahoo!
2008-07-31 07:47 --------- d-----w C:\Program Files\GameSpy Arcade
2008-07-30 09:27 --------- d-----w C:\Program Files\Lingo
2008-07-27 12:39 --------- d-----w C:\Program Files\Google
2008-07-11 06:33 --------- d-----w C:\Program Files\Incomplete
2008-07-11 06:33 --------- d-----w C:\Program Files\Alien Sky
2008-07-11 06:33 --------- d-----w C:\Documents and Settings\admin\Application Data\LimeWire
2008-07-09 06:18 --------- d-----w C:\Program Files\Terminal Reality
2008-07-09 05:34 --------- d-----w C:\Program Files\MiST land - South
2008-07-08 11:38 --------- d-----w C:\Program Files\Pet Soccer
2008-07-07 07:25 --------- d-----w C:\Program Files\Arovax AntiSpyware
2008-07-07 06:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-07 06:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Arovax
2008-07-07 05:23 --------- d-----w C:\Program Files\Ascentive
2008-07-04 06:08 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-07-03 09:50 --------- d-----w C:\Program Files\Nuclear Coffee
2008-07-03 09:46 --------- d-----w C:\Program Files\FolderSecurityGuard
2008-07-01 06:56 --------- d-----w C:\Program Files\HotHotSoftwareFullVersion
2008-06-27 11:45 --------- d-----w C:\Program Files\Steganos Safe One
2008-06-24 16:02 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-06-24 16:02 23,352 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-06-24 16:02 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-06-23 15:42 280,039 ----a-w C:\WINDOWS\Frontsd.zip
2008-06-23 15:42 175,717 ----a-w C:\WINDOWS\jellyka_castles_queen.zip
2008-06-23 15:41 52,758 ----a-w C:\WINDOWS\Fronts.zip
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-05-27 15:44 64,824 ----a-w C:\Documents and Settings\admin\Application Data\GDIPFONTCACHEV1.DAT
2008-05-25 10:19 0 ----a-w C:\Program Files\temp01
2004-03-11 11:27 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
2008-03-04 13:44 1470488 --a------ C:\Program Files\MyPlayCity\tbMyP0.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"= "C:\Program Files\MyPlayCity\tbMyP0.dll" [2008-03-04 13:44 1470488]
[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC}"= "C:\Program Files\MyPlayCity\tbMyP0.dll" [2008-03-04 13:44 1470488]
[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 23:18 443968]
"ActiveShareMonitor"="C:\Program Files\Active Share Monitor\ActiveShareMonitor.exe" [2008-06-28 07:58 110592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AudioDeck"="C:\Program Files\VIAudioi\SBADeck\ADeck.exe" [2004-09-30 08:44 7957504]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30 40960]
"BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" [2006-03-28 15:48 622592]
"SetDefPrt"="C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe" [2005-01-26 18:02 49152]
"ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe" [2006-04-10 14:58 61440]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 16:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-06-24 15:22 368640]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 18:15 221184]
"ORAHSSSessionManager"="C:\Program Files\Orange HSS\SessionManager\SessionManager.exe" [2007-07-24 19:03 102400]
"SystrayORAHSS"="C:\Program Files\Orange HSS\Systray\SystrayApp.exe" [2007-07-24 19:55 94208]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-05-02 06:15 15872]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-07-16 09:16 1166216]
"LiveMonitor"="C:\Program Files\MSI\Live Update 3\LMonitor.exe" [2005-07-11 10:44 482816]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2006-04-10 14:58 61440]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll
[HKLM\~\startupfolder\C:^Documents and Settings^admin^Menu Démarrer^Programmes^Démarrage^Scol.lnk]
path=C:\Documents and Settings\admin\Menu Démarrer\Programmes\Démarrage\Scol.lnk
backup=C:\WINDOWS\pss\Scol.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2004-03-23 17:15 335872 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
--------- 2004-09-07 15:25 1400944 C:\Program Files\Ahead\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2005-02-16 18:15 221184 C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a------ 2005-02-16 18:15 81920 C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-03-30 10:36 267048 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
--------- 2004-09-22 16:10 1871872 C:\Program Files\Ahead\Nero BackItUp\NBJ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
--a------ 2005-03-17 19:17 57393 C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2003-12-08 17:35 32768 C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
-ra------ 2003-10-14 10:22 155648 C:\Program Files\Fichiers communs\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ATI Smart"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Atari\\Terminator 3 - War of the Machines\\T3.exe"=
"C:\\GTL\\GTLConfig.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Microsoft Games\\Rise of Nations\\patriots.exe"=
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"C:\\Program Files\\Orange HSS\\Connectivity\\ConnectivityManager.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [2008-08-06 10:28]
R1 SLEE_16_DRIVER;Steganos Live Encryption Engine 16 [Driver];C:\WINDOWS\system32\drivers\Sleen16.sys [2007-10-11 12:24]
R2 Machnm32;Machnm32 Driver;C:\WINDOWS\System32\Machnm32.sys [2003-08-13 01:27]
S3 gkmixern;gkmixern;C:\DOCUME~1\admin\LOCALS~1\Temp\gkmixern.sys []
S3 GoogleDesktopManager-121807-210419;Google Desktop Manager 5.7.712.18632;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-12-26 10:45]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S4 Boonty Games;Boonty Games;C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a374993-ef8b-11dc-bdaa-00110913fe43}]
\Shell\AutoRun\command - F:\EmDesk.exe
\Shell\EmDesk\command - F:\EmDesk.exe
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Performance Center - C:\Program Files\Ascentive\Performance Center\ApcMain.exe
MSConfigStartUp-gxioolulu - c:\windows\system32\gxioolulu.exe
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\mfbraiq9.default\
FF -: plugin - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program Files\QuickTime\Plugins\npqtplugin8.dll
FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-24 13:22:33
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
--------------------- DLLs a charg‚ sous des processus courants ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\Unlocker\UnlockerHook.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\[u]0[/u]\FTRTSVC.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\[u]0[/u]\AlertModule.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-24 13:42:20 - machine was rebooted [admin]
ComboFix-quarantined-files.txt 2008-08-24 11:41:52
Pre-Run: 59,363,799,040 octets libres
Post-Run: 59,359,162,368 octets libres
294 --- E O F --- 2008-08-10 09:17:12
ComboFix 08-08-23.03 - admin 2008-08-24 13:01:03.2 - NTFSx86
Endroit: C:\Documents and Settings\admin\Bureau\ComboFix.exe
* Resident AV is active
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\InfoSat.txt
C:\WINDOWS\system32\MSINET.oca
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-24 to 2008-08-24 ))))))))))))))))))))))))))))))))))))
.
2008-08-24 12:37 . 2008-08-24 12:37 <REP> d-------- C:\Program Files\AxBx
2008-08-23 13:27 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-23 13:27 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-21 15:22 . 2008-08-21 15:22 <REP> d-------- C:\Documents and Settings\admin\Application Data\PCF-VLC
2008-08-18 12:01 . 2008-08-18 12:01 <REP> d-------- C:\Program Files\Lavalys
2008-08-18 11:28 . 2008-08-24 10:29 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-08-18 11:07 . 2008-08-18 11:07 <REP> d-------- C:\Documents and Settings\admin\Application Data\BlackBean
2008-08-18 10:59 . 2008-08-18 10:59 <REP> d-------- C:\Documents and Settings\admin\Application Data\Leadertech
2008-08-18 10:45 . 2008-03-05 15:56 3,786,760 --a------ C:\WINDOWS\system32\D3DX9_37.dll
2008-08-18 10:45 . 2008-03-05 15:56 1,420,824 --a------ C:\WINDOWS\system32\D3DCompiler_37.dll
2008-08-18 10:45 . 2008-03-05 16:03 479,752 --a------ C:\WINDOWS\system32\XAudio2_0.dll
2008-08-18 10:45 . 2008-02-05 23:07 462,864 --a------ C:\WINDOWS\system32\d3dx10_37.dll
2008-08-18 10:45 . 2008-03-05 16:03 238,088 --a------ C:\WINDOWS\system32\xactengine3_0.dll
2008-08-18 10:45 . 2008-03-05 16:00 25,608 --a------ C:\WINDOWS\system32\X3DAudio1_3.dll
2008-08-18 10:37 . 2008-08-18 10:37 <REP> d-------- C:\Program Files\BlackBeanGames
2008-08-18 10:29 . 2008-08-18 10:29 <REP> d-------- C:\Program Files\AFN
2008-08-14 09:22 . 2008-08-14 09:22 <REP> d-------- C:\Program Files\LeonTama
2008-08-14 08:13 . 2008-08-15 16:47 <REP> d-------- C:\Program Files\Trojan Remover
2008-08-14 08:13 . 2008-08-14 08:13 <REP> d-------- C:\Documents and Settings\admin\Application Data\Simply Super Software
2008-08-14 08:13 . 2003-02-02 19:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-08-14 08:13 . 2002-03-06 00:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-08-12 13:53 . 2008-08-12 14:00 <REP> d-------- C:\Program Files\Kellogg's
2008-08-12 13:42 . 2008-08-12 16:10 184,352 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-08-12 13:42 . 2008-08-12 16:10 3,236 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-08-12 13:34 . 2008-08-12 13:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-08-12 13:34 . 2008-07-09 09:05 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-08-12 13:34 . 2008-07-09 09:05 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
2008-08-12 13:34 . 2008-07-09 09:05 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
2008-08-12 13:34 . 2008-07-09 09:05 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
2008-08-12 13:34 . 2008-07-09 09:05 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
2008-08-12 13:34 . 2008-08-12 13:39 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-08-12 13:32 . 2008-08-12 19:25 <REP> d-------- C:\WINDOWS\system32\ZoneLabs
2008-08-12 13:32 . 2008-08-12 13:49 <REP> d-------- C:\WINDOWS\Internet Logs
2008-08-12 13:32 . 2008-08-12 13:32 <REP> d-------- C:\Program Files\Zone Labs
2008-08-12 13:32 . 2008-07-09 09:05 1,086,952 --a------ C:\WINDOWS\system32\zpeng24.dll
2008-08-11 10:23 . 2008-08-11 10:23 <REP> d-------- C:\_OTMoveIt
2008-08-10 11:13 . 2008-08-10 11:13 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-08-08 10:40 . 2008-08-10 11:10 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-08-08 09:48 . 2008-08-12 12:18 <REP> d-------- C:\Program Files\Unlocker
2008-08-08 09:48 . 2008-08-23 14:05 <REP> d-------- C:\Documents and Settings\admin\Application Data\Desktopicon
2008-08-08 08:04 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-08-08 08:04 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-08-07 08:09 . 2008-08-07 08:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-08-07 08:09 . 2008-08-06 10:28 160,792 --a------ C:\WINDOWS\system32\drivers\pctfw2.sys
2008-08-06 10:10 . 2008-08-07 10:43 <REP> d-------- C:\Program Files\Desktop3D
2008-08-06 10:10 . 2008-08-07 10:41 <REP> d-------- C:\Documents and Settings\admin\Application Data\Desktop3D
2008-08-06 09:56 . 2008-08-23 13:27 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-06 09:56 . 2008-08-06 09:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-06 09:56 . 2008-08-06 09:56 <REP> d-------- C:\Documents and Settings\admin\Application Data\Malwarebytes
2008-08-06 09:50 . 2008-08-07 08:09 <REP> d-------- C:\Program Files\Fichiers communs\PC Tools
2008-08-06 09:50 . 2008-06-10 21:22 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-08-06 09:50 . 2008-06-02 15:19 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-08-06 09:50 . 2008-06-02 15:19 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-08-06 09:50 . 2008-06-02 15:19 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-08-06 09:49 . 2008-08-21 13:21 <REP> d-------- C:\Program Files\Spyware Doctor
2008-08-06 09:49 . 2008-08-06 09:49 <REP> d-------- C:\Documents and Settings\admin\Application Data\PC Tools
2008-08-03 15:29 . 2008-08-03 15:29 <REP> d-------- C:\Program Files\FileZilla FTP Client
2008-08-03 15:29 . 2008-08-03 15:47 <REP> d-------- C:\Documents and Settings\admin\Application Data\FileZilla
2008-08-03 15:09 . 2008-08-03 15:09 <REP> d-------- C:\Documents and Settings\admin\Application Data\FastStone
2008-08-03 15:08 . 2008-08-03 15:08 <REP> d-------- C:\Program Files\FastStone Capture
2008-08-01 13:12 . 2008-08-01 13:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-07-30 15:28 . 2008-07-30 15:28 4,096 --a------ C:\WINDOWS\d3dx.dat
2008-07-30 14:30 . 2008-07-30 14:30 <REP> d-------- C:\Program Files\Securitoo
2008-07-30 14:30 . 2008-07-30 14:30 <REP> d-------- C:\Program Files\SAGEM
2008-07-30 14:13 . 2008-07-30 14:35 <REP> d-------- C:\Program Files\Orange HSS
2008-07-30 14:13 . 2008-07-30 14:13 <REP> d-------- C:\Program Files\Fichiers communs\France Telecom
2008-07-30 14:13 . 2006-03-01 19:53 94,208 --a------ C:\WINDOWS\system32\w32n50.dll
2008-07-30 14:13 . 2007-07-31 14:57 65,536 --a------ C:\WINDOWS\system32\Autodial2000.dll
2008-07-30 14:13 . 2003-09-23 11:38 34,688 --a------ C:\WINDOWS\system32\pcampr5.sys
2008-07-30 14:13 . 2006-03-01 19:53 32,128 --a------ C:\WINDOWS\system32\pcandis5.sys
2008-07-30 13:23 . 2008-07-30 13:23 <REP> d-------- C:\Program Files\Battlefront
2008-07-30 12:12 . 2008-07-30 12:12 <REP> d-------- C:\Program Files\PanVision
2008-07-30 11:41 . 2008-07-30 11:41 <REP> d-------- C:\Program Files\Fusion Games
2008-07-29 13:44 . 2008-07-29 13:44 <REP> d-------- C:\Program Files\Pointstone
2008-07-28 11:32 . 2008-07-28 11:32 <REP> d-------- C:\Nouveau dossier
2008-07-28 11:29 . 2008-08-08 07:34 <REP> d-------- C:\Program Files\IsoBuster
2008-07-27 14:49 . 2008-07-27 14:49 <REP> d-------- C:\Program Files\Frogster
2008-07-27 13:36 . 2008-07-27 13:36 <REP> d--h----- C:\WINDOWS\PIF
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-24 11:22 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-24 11:20 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-08-18 10:20 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-18 09:29 --------- d-----w C:\Documents and Settings\admin\Application Data\Atari
2008-08-18 08:48 --------- d-----w C:\Program Files\Atari
2008-08-16 14:22 27,868 ----a-w C:\Documents and Settings\admin\Application Data\wklnhst.dat
2008-08-15 14:56 --------- d-----w C:\Program Files\Active Share Monitor
2008-08-12 11:26 --------- d-----w C:\Program Files\BoontyGames
2008-08-07 11:37 --------- d-----w C:\Program Files\GV logiciel-casino
2008-08-06 09:06 --------- d-----w C:\Program Files\BattleTanks II
2008-08-01 10:28 --------- d-----w C:\Program Files\Yahoo!
2008-07-31 07:47 --------- d-----w C:\Program Files\GameSpy Arcade
2008-07-30 09:27 --------- d-----w C:\Program Files\Lingo
2008-07-27 12:39 --------- d-----w C:\Program Files\Google
2008-07-11 06:33 --------- d-----w C:\Program Files\Incomplete
2008-07-11 06:33 --------- d-----w C:\Program Files\Alien Sky
2008-07-11 06:33 --------- d-----w C:\Documents and Settings\admin\Application Data\LimeWire
2008-07-09 06:18 --------- d-----w C:\Program Files\Terminal Reality
2008-07-09 05:34 --------- d-----w C:\Program Files\MiST land - South
2008-07-08 11:38 --------- d-----w C:\Program Files\Pet Soccer
2008-07-07 07:25 --------- d-----w C:\Program Files\Arovax AntiSpyware
2008-07-07 06:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-07 06:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Arovax
2008-07-07 05:23 --------- d-----w C:\Program Files\Ascentive
2008-07-04 06:08 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-07-03 09:50 --------- d-----w C:\Program Files\Nuclear Coffee
2008-07-03 09:46 --------- d-----w C:\Program Files\FolderSecurityGuard
2008-07-01 06:56 --------- d-----w C:\Program Files\HotHotSoftwareFullVersion
2008-06-27 11:45 --------- d-----w C:\Program Files\Steganos Safe One
2008-06-24 16:02 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-06-24 16:02 23,352 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-06-24 16:02 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-06-23 15:42 280,039 ----a-w C:\WINDOWS\Frontsd.zip
2008-06-23 15:42 175,717 ----a-w C:\WINDOWS\jellyka_castles_queen.zip
2008-06-23 15:41 52,758 ----a-w C:\WINDOWS\Fronts.zip
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-05-27 15:44 64,824 ----a-w C:\Documents and Settings\admin\Application Data\GDIPFONTCACHEV1.DAT
2008-05-25 10:19 0 ----a-w C:\Program Files\temp01
2004-03-11 11:27 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
2008-03-04 13:44 1470488 --a------ C:\Program Files\MyPlayCity\tbMyP0.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"= "C:\Program Files\MyPlayCity\tbMyP0.dll" [2008-03-04 13:44 1470488]
[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC}"= "C:\Program Files\MyPlayCity\tbMyP0.dll" [2008-03-04 13:44 1470488]
[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 23:18 443968]
"ActiveShareMonitor"="C:\Program Files\Active Share Monitor\ActiveShareMonitor.exe" [2008-06-28 07:58 110592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AudioDeck"="C:\Program Files\VIAudioi\SBADeck\ADeck.exe" [2004-09-30 08:44 7957504]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30 40960]
"BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" [2006-03-28 15:48 622592]
"SetDefPrt"="C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe" [2005-01-26 18:02 49152]
"ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe" [2006-04-10 14:58 61440]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 16:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-06-24 15:22 368640]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 18:15 221184]
"ORAHSSSessionManager"="C:\Program Files\Orange HSS\SessionManager\SessionManager.exe" [2007-07-24 19:03 102400]
"SystrayORAHSS"="C:\Program Files\Orange HSS\Systray\SystrayApp.exe" [2007-07-24 19:55 94208]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-05-02 06:15 15872]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-07-16 09:16 1166216]
"LiveMonitor"="C:\Program Files\MSI\Live Update 3\LMonitor.exe" [2005-07-11 10:44 482816]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2006-04-10 14:58 61440]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll
[HKLM\~\startupfolder\C:^Documents and Settings^admin^Menu Démarrer^Programmes^Démarrage^Scol.lnk]
path=C:\Documents and Settings\admin\Menu Démarrer\Programmes\Démarrage\Scol.lnk
backup=C:\WINDOWS\pss\Scol.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2004-03-23 17:15 335872 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
--------- 2004-09-07 15:25 1400944 C:\Program Files\Ahead\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2005-02-16 18:15 221184 C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a------ 2005-02-16 18:15 81920 C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-03-30 10:36 267048 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
--------- 2004-09-22 16:10 1871872 C:\Program Files\Ahead\Nero BackItUp\NBJ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
--a------ 2005-03-17 19:17 57393 C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2003-12-08 17:35 32768 C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
-ra------ 2003-10-14 10:22 155648 C:\Program Files\Fichiers communs\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ATI Smart"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Atari\\Terminator 3 - War of the Machines\\T3.exe"=
"C:\\GTL\\GTLConfig.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Microsoft Games\\Rise of Nations\\patriots.exe"=
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"C:\\Program Files\\Orange HSS\\Connectivity\\ConnectivityManager.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [2008-08-06 10:28]
R1 SLEE_16_DRIVER;Steganos Live Encryption Engine 16 [Driver];C:\WINDOWS\system32\drivers\Sleen16.sys [2007-10-11 12:24]
R2 Machnm32;Machnm32 Driver;C:\WINDOWS\System32\Machnm32.sys [2003-08-13 01:27]
S3 gkmixern;gkmixern;C:\DOCUME~1\admin\LOCALS~1\Temp\gkmixern.sys []
S3 GoogleDesktopManager-121807-210419;Google Desktop Manager 5.7.712.18632;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-12-26 10:45]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S4 Boonty Games;Boonty Games;C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a374993-ef8b-11dc-bdaa-00110913fe43}]
\Shell\AutoRun\command - F:\EmDesk.exe
\Shell\EmDesk\command - F:\EmDesk.exe
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Performance Center - C:\Program Files\Ascentive\Performance Center\ApcMain.exe
MSConfigStartUp-gxioolulu - c:\windows\system32\gxioolulu.exe
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\mfbraiq9.default\
FF -: plugin - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program Files\QuickTime\Plugins\npqtplugin8.dll
FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-24 13:22:33
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
--------------------- DLLs a charg‚ sous des processus courants ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\Unlocker\UnlockerHook.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\[u]0[/u]\FTRTSVC.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\[u]0[/u]\AlertModule.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-24 13:42:20 - machine was rebooted [admin]
ComboFix-quarantined-files.txt 2008-08-24 11:41:52
Pre-Run: 59,363,799,040 octets libres
Post-Run: 59,359,162,368 octets libres
294 --- E O F --- 2008-08-10 09:17:12
Desolé de repondre seulement maintenant !
Attends avant de faire quoi que ce soit, je previens quelqu'un !
Attends avant de faire quoi que ce soit, je previens quelqu'un !
Salut
fais ceci :
Démarrer > executer > tape : services.msc
- Clic droit sur le service cité - Boonty games
- propriétés
- et dans "type de démarrage" et mets le sur « désactivé ».
- Ensuite si le "Status du service" est sur "Démarré" faire : « arrêté »
Tutorial : https://www.zebulon.fr/dossiers/windows/31-services.html
2) Supprime le dossier :
Va dans "C:\program files\fichiers communs\" trouve & supprime le dossier " boonty shared "
ensuite :
télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
Assure toi que la case Unregister Dll's and Ocx's soit bien cochée
copie la ligne qui se trouve en gras ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
C:\Program Files\InstallShield Installation Information\
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
ensuite :
-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):
http://download.piriform.com/ccsetup210.exe
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
-> Tuto : https://www.malekal.com/tutoriel-ccleaner/
ensuite :
Télécharge HijackThis ici :
-> Fais un clic droit sur un des liens et choisi enregistrer la cible sous .... le bureau
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
-> ftp://ftp.commentcamarche.com/download/HJTInstall.exe
-> Fais un double-clic sur HJTInstall.exe afin de lancer l'installation
-> Clique sur Install ensuite sur I Accept
-> Clique sur Do a scan system and save log file
-> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
fais ceci :
Démarrer > executer > tape : services.msc
- Clic droit sur le service cité - Boonty games
- propriétés
- et dans "type de démarrage" et mets le sur « désactivé ».
- Ensuite si le "Status du service" est sur "Démarré" faire : « arrêté »
Tutorial : https://www.zebulon.fr/dossiers/windows/31-services.html
2) Supprime le dossier :
Va dans "C:\program files\fichiers communs\" trouve & supprime le dossier " boonty shared "
ensuite :
télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
Assure toi que la case Unregister Dll's and Ocx's soit bien cochée
copie la ligne qui se trouve en gras ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
C:\Program Files\InstallShield Installation Information\
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
ensuite :
-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):
http://download.piriform.com/ccsetup210.exe
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
-> Tuto : https://www.malekal.com/tutoriel-ccleaner/
ensuite :
Télécharge HijackThis ici :
-> Fais un clic droit sur un des liens et choisi enregistrer la cible sous .... le bureau
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
-> ftp://ftp.commentcamarche.com/download/HJTInstall.exe
-> Fais un double-clic sur HJTInstall.exe afin de lancer l'installation
-> Clique sur Install ensuite sur I Accept
-> Clique sur Do a scan system and save log file
-> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
"Va dans "C:\program files\fichiers communs\" trouve & supprime le dossier " boonty shared " "
Je ne trouve pas boonty shared.
Je ne trouve pas boonty shared.
Voici un rapport :
C:\Program Files\InstallShield Installation Information\{F76A0D31-7144-447C-9CC7-8F0C2FE932A7} moved successfully.
C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D} moved successfully.
C:\Program Files\InstallShield Installation Information\{EE51FA1C-3680-4CD2-8C01-D1BB60369370} moved successfully.
C:\Program Files\InstallShield Installation Information\{E66403EF-BEB0-496E-A74D-50BF8D5A26A8} moved successfully.
C:\Program Files\InstallShield Installation Information\{C4F1B9FE-F3AF-11D5-93D1-00C0CA18FDE6} moved successfully.
C:\Program Files\InstallShield Installation Information\{C4555760-A6AC-11D4-8DE4-00105AF17047} moved successfully.
C:\Program Files\InstallShield Installation Information\{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604} moved successfully.
C:\Program Files\InstallShield Installation Information\{B97CF5C3-0487-11D8-A36E-0050BAE317E1} moved successfully.
C:\Program Files\InstallShield Installation Information\{B9242864-2841-4ADE-86E0-8F90F91B04DD} moved successfully.
C:\Program Files\InstallShield Installation Information\{B864EBC6-9DB8-4A5E-9F08-B0CE286785EC} moved successfully.
C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861} moved successfully.
C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684} moved successfully.
C:\Program Files\InstallShield Installation Information\{A9375E67-BC52-45B3-A99B-0096C5F6378E} moved successfully.
C:\Program Files\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC} moved successfully.
C:\Program Files\InstallShield Installation Information\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1} moved successfully.
C:\Program Files\InstallShield Installation Information\{994351DD-1653-425A-AC0B-AB38CB6D686D} moved successfully.
C:\Program Files\InstallShield Installation Information\{990036E7-D647-45A4-8F7F-1CB277EF0ABD} moved successfully.
C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6} moved successfully.
C:\Program Files\InstallShield Installation Information\{80BF3273-80FD-4A24-8E60-E07356F2DB31} moved successfully.
C:\Program Files\InstallShield Installation Information\{75E3F38F-E9CA-493C-A007-D8F351E9DAA7} moved successfully.
C:\Program Files\InstallShield Installation Information\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249} moved successfully.
C:\Program Files\InstallShield Installation Information\{719B3B74-73EA-4071-BA9B-DBEC8A4CFB6E}(2) moved successfully.
C:\Program Files\InstallShield Installation Information\{719B3B74-73EA-4071-BA9B-DBEC8A4CFB6E} moved successfully.
C:\Program Files\InstallShield Installation Information\{6D51D6C0-531F-414C-95B2-791BF963F35F} moved successfully.
C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1} moved successfully.
C:\Program Files\InstallShield Installation Information\{5F87EF36-A373-11D5-AA2E-0008C760B784} moved successfully.
C:\Program Files\InstallShield Installation Information\{5ED9E38C-9A96-49D8-89B3-92E278003FCF} moved successfully.
C:\Program Files\InstallShield Installation Information\{554C348A-0AB9-48E9-98F4-1CF4E15077E3} moved successfully.
C:\Program Files\InstallShield Installation Information\{545D8F61-EA1E-425F-8BC2-CE37B22320AE} moved successfully.
C:\Program Files\InstallShield Installation Information\{43801800-CFEE-11D2-A41B-006097B55AD3} moved successfully.
C:\Program Files\InstallShield Installation Information\{40A6C96D-808E-41DD-8716-617AB6B0F1F1} moved successfully.
C:\Program Files\InstallShield Installation Information\{40241730-F7BA-4699-9690-461E423B0AA5} moved successfully.
C:\Program Files\InstallShield Installation Information\{3EF79591-BF16-4CF8-8FF0-D8AD968228B1} moved successfully.
C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66} moved successfully.
C:\Program Files\InstallShield Installation Information\{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F} moved successfully.
C:\Program Files\InstallShield Installation Information\{20D4A895-748C-4D88-871C-FDB1695B0169} moved successfully.
C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} moved successfully.
C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6} moved successfully.
C:\Program Files\InstallShield Installation Information\{15F52B39-04CB-4EDB-9A8C-496C4A5588E2} moved successfully.
C:\Program Files\InstallShield Installation Information\{11581B7A-E460-4078-894B-978249254D71} moved successfully.
C:\Program Files\InstallShield Installation Information\{103B6835-DCA0-413F-A99E-ECAD6622726E} moved successfully.
C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C} moved successfully.
C:\Program Files\InstallShield Installation Information\{09C8B025-F0C5-4EF2-BC4F-399269BDE0C8} moved successfully.
C:\Program Files\InstallShield Installation Information\{00D15456-F679-4AD4-8BD2-56450D4C3F72} moved successfully.
C:\Program Files\InstallShield Installation Information\UpdateService\Database moved successfully.
C:\Program Files\InstallShield Installation Information\UpdateService moved successfully.
C:\Program Files\InstallShield Installation Information moved successfully.
File/Folder not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08242008_141956
C:\Program Files\InstallShield Installation Information\{F76A0D31-7144-447C-9CC7-8F0C2FE932A7} moved successfully.
C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D} moved successfully.
C:\Program Files\InstallShield Installation Information\{EE51FA1C-3680-4CD2-8C01-D1BB60369370} moved successfully.
C:\Program Files\InstallShield Installation Information\{E66403EF-BEB0-496E-A74D-50BF8D5A26A8} moved successfully.
C:\Program Files\InstallShield Installation Information\{C4F1B9FE-F3AF-11D5-93D1-00C0CA18FDE6} moved successfully.
C:\Program Files\InstallShield Installation Information\{C4555760-A6AC-11D4-8DE4-00105AF17047} moved successfully.
C:\Program Files\InstallShield Installation Information\{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604} moved successfully.
C:\Program Files\InstallShield Installation Information\{B97CF5C3-0487-11D8-A36E-0050BAE317E1} moved successfully.
C:\Program Files\InstallShield Installation Information\{B9242864-2841-4ADE-86E0-8F90F91B04DD} moved successfully.
C:\Program Files\InstallShield Installation Information\{B864EBC6-9DB8-4A5E-9F08-B0CE286785EC} moved successfully.
C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861} moved successfully.
C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684} moved successfully.
C:\Program Files\InstallShield Installation Information\{A9375E67-BC52-45B3-A99B-0096C5F6378E} moved successfully.
C:\Program Files\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC} moved successfully.
C:\Program Files\InstallShield Installation Information\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1} moved successfully.
C:\Program Files\InstallShield Installation Information\{994351DD-1653-425A-AC0B-AB38CB6D686D} moved successfully.
C:\Program Files\InstallShield Installation Information\{990036E7-D647-45A4-8F7F-1CB277EF0ABD} moved successfully.
C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6} moved successfully.
C:\Program Files\InstallShield Installation Information\{80BF3273-80FD-4A24-8E60-E07356F2DB31} moved successfully.
C:\Program Files\InstallShield Installation Information\{75E3F38F-E9CA-493C-A007-D8F351E9DAA7} moved successfully.
C:\Program Files\InstallShield Installation Information\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249} moved successfully.
C:\Program Files\InstallShield Installation Information\{719B3B74-73EA-4071-BA9B-DBEC8A4CFB6E}(2) moved successfully.
C:\Program Files\InstallShield Installation Information\{719B3B74-73EA-4071-BA9B-DBEC8A4CFB6E} moved successfully.
C:\Program Files\InstallShield Installation Information\{6D51D6C0-531F-414C-95B2-791BF963F35F} moved successfully.
C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1} moved successfully.
C:\Program Files\InstallShield Installation Information\{5F87EF36-A373-11D5-AA2E-0008C760B784} moved successfully.
C:\Program Files\InstallShield Installation Information\{5ED9E38C-9A96-49D8-89B3-92E278003FCF} moved successfully.
C:\Program Files\InstallShield Installation Information\{554C348A-0AB9-48E9-98F4-1CF4E15077E3} moved successfully.
C:\Program Files\InstallShield Installation Information\{545D8F61-EA1E-425F-8BC2-CE37B22320AE} moved successfully.
C:\Program Files\InstallShield Installation Information\{43801800-CFEE-11D2-A41B-006097B55AD3} moved successfully.
C:\Program Files\InstallShield Installation Information\{40A6C96D-808E-41DD-8716-617AB6B0F1F1} moved successfully.
C:\Program Files\InstallShield Installation Information\{40241730-F7BA-4699-9690-461E423B0AA5} moved successfully.
C:\Program Files\InstallShield Installation Information\{3EF79591-BF16-4CF8-8FF0-D8AD968228B1} moved successfully.
C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66} moved successfully.
C:\Program Files\InstallShield Installation Information\{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F} moved successfully.
C:\Program Files\InstallShield Installation Information\{20D4A895-748C-4D88-871C-FDB1695B0169} moved successfully.
C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} moved successfully.
C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6} moved successfully.
C:\Program Files\InstallShield Installation Information\{15F52B39-04CB-4EDB-9A8C-496C4A5588E2} moved successfully.
C:\Program Files\InstallShield Installation Information\{11581B7A-E460-4078-894B-978249254D71} moved successfully.
C:\Program Files\InstallShield Installation Information\{103B6835-DCA0-413F-A99E-ECAD6622726E} moved successfully.
C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C} moved successfully.
C:\Program Files\InstallShield Installation Information\{09C8B025-F0C5-4EF2-BC4F-399269BDE0C8} moved successfully.
C:\Program Files\InstallShield Installation Information\{00D15456-F679-4AD4-8BD2-56450D4C3F72} moved successfully.
C:\Program Files\InstallShield Installation Information\UpdateService\Database moved successfully.
C:\Program Files\InstallShield Installation Information\UpdateService moved successfully.
C:\Program Files\InstallShield Installation Information moved successfully.
File/Folder not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08242008_141956
Rapport hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:23:09, on 24/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Orange HSS\Systray\SystrayApp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Active Share Monitor\ActiveShareMonitor.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Orange HSS\Launcher\Launcher.exe
C:\Program Files\Orange HSS\connectivity\connectivitymanager.exe
C:\Program Files\Orange HSS\Deskboard\deskboard.exe
C:\Program Files\Orange HSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange HSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\admin\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: NXIECatcher Class - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange HSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [ActiveShareMonitor] C:\Program Files\Active Share Monitor\ActiveShareMonitor.exe h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: FreshDownload - {EDB83019-25D1-43B8-867D-9EA624EF67E2} - C:\Program Files\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Desktop Manager 5.7.712.18632 (GoogleDesktopManager-121807-210419) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
O24 - Desktop Component 1: Google Traduction - https://translate.google.com/?hl=fr
O24 - Desktop Component 2: PI to 4 Million (4194304) Decimals - http://zenwerx.com/pi.php
O24 - Desktop Component 3: (no name) - http://moi.xoo.it/
O24 - Desktop Component 4: Compte CommentCaMarche de admin 3 - http://www.commentcamarche.net/v885395 25f9e794323b453885f5181f1b624d0b
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:23:09, on 24/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Orange HSS\Systray\SystrayApp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Active Share Monitor\ActiveShareMonitor.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Orange HSS\Launcher\Launcher.exe
C:\Program Files\Orange HSS\connectivity\connectivitymanager.exe
C:\Program Files\Orange HSS\Deskboard\deskboard.exe
C:\Program Files\Orange HSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange HSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\admin\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: NXIECatcher Class - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange HSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [ActiveShareMonitor] C:\Program Files\Active Share Monitor\ActiveShareMonitor.exe h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: FreshDownload - {EDB83019-25D1-43B8-867D-9EA624EF67E2} - C:\Program Files\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Desktop Manager 5.7.712.18632 (GoogleDesktopManager-121807-210419) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
O24 - Desktop Component 1: Google Traduction - https://translate.google.com/?hl=fr
O24 - Desktop Component 2: PI to 4 Million (4194304) Decimals - http://zenwerx.com/pi.php
O24 - Desktop Component 3: (no name) - http://moi.xoo.it/
O24 - Desktop Component 4: Compte CommentCaMarche de admin 3 - http://www.commentcamarche.net/v885395 25f9e794323b453885f5181f1b624d0b
double-clique sur OTMoveIt.exe pour le lancer.
Assure toi que la case Unregister Dll's and Ocx's soit bien cochée
copie la ligne qui se trouve en gras ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
C:\Program Files\Fichiers communs\BOONTY Shared\
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
Assure toi que la case Unregister Dll's and Ocx's soit bien cochée
copie la ligne qui se trouve en gras ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
C:\Program Files\Fichiers communs\BOONTY Shared\
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
Voici le rapport :
Folder C:\Program Files\Fichiers communs\BOONTY Shared\ not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08252008_130138
"not found" est peu-être normal puisque je l'ai supprimé depuis longtemps.
Folder C:\Program Files\Fichiers communs\BOONTY Shared\ not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08252008_130138
"not found" est peu-être normal puisque je l'ai supprimé depuis longtemps.
salut,
je te conseil de désinstaller spyware doctor car inefficace
désinstal java car pas a jours et telecharge et instal cette version :
https://sdlc-esd.oracle.com/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe?GroupName=JSC&FilePath=/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe&BHost=javadl.sun.com&File=jre-6u7-windows-i586-p-s.exe&AuthParam=1580978146_46494a57fbc0e7c89e79cfb72e28cd3a&ext=.exe
idem pour adobe reader :
http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.0/fra/AdbeRdr90_fr_FR.exe
ensuite refais un scan hijackthis et post le rapport stp
je te conseil de désinstaller spyware doctor car inefficace
désinstal java car pas a jours et telecharge et instal cette version :
https://sdlc-esd.oracle.com/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe?GroupName=JSC&FilePath=/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe&BHost=javadl.sun.com&File=jre-6u7-windows-i586-p-s.exe&AuthParam=1580978146_46494a57fbc0e7c89e79cfb72e28cd3a&ext=.exe
idem pour adobe reader :
http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.0/fra/AdbeRdr90_fr_FR.exe
ensuite refais un scan hijackthis et post le rapport stp
Voici le rapport hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:03:41, on 26/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Orange HSS\Systray\SystrayApp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Active Share Monitor\ActiveShareMonitor.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\admin\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: NXIECatcher Class - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange HSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [ActiveShareMonitor] C:\Program Files\Active Share Monitor\ActiveShareMonitor.exe h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: FreshDownload - {EDB83019-25D1-43B8-867D-9EA624EF67E2} - C:\Program Files\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Desktop Manager 5.7.712.18632 (GoogleDesktopManager-121807-210419) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
O24 - Desktop Component 1: Google Traduction - https://translate.google.com/?hl=fr
O24 - Desktop Component 2: PI to 4 Million (4194304) Decimals - http://zenwerx.com/pi.php
O24 - Desktop Component 3: (no name) - http://moi.xoo.it/
O24 - Desktop Component 4: Compte CommentCaMarche de admin 3 - http://www.commentcamarche.net/v885395 25f9e794323b453885f5181f1b624d0b
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:03:41, on 26/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Orange HSS\Systray\SystrayApp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Active Share Monitor\ActiveShareMonitor.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\admin\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: NXIECatcher Class - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange HSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [ActiveShareMonitor] C:\Program Files\Active Share Monitor\ActiveShareMonitor.exe h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: FreshDownload - {EDB83019-25D1-43B8-867D-9EA624EF67E2} - C:\Program Files\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Desktop Manager 5.7.712.18632 (GoogleDesktopManager-121807-210419) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
O24 - Desktop Component 1: Google Traduction - https://translate.google.com/?hl=fr
O24 - Desktop Component 2: PI to 4 Million (4194304) Decimals - http://zenwerx.com/pi.php
O24 - Desktop Component 3: (no name) - http://moi.xoo.it/
O24 - Desktop Component 4: Compte CommentCaMarche de admin 3 - http://www.commentcamarche.net/v885395 25f9e794323b453885f5181f1b624d0b
Réouvre hiajckthis
fais scan only
coches ces lignes :
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll (file missing)
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O24 - Desktop Component 1: Google Traduction - https://translate.google.com/?hl=fr
O24 - Desktop Component 2: PI to 4 Million (4194304) Decimals - http://zenwerx.com/pi.php
O24 - Desktop Component 3: (no name) - http://moi.xoo.it/
O24 - Desktop Component 4: Compte CommentCaMarche de admin 3 - http://www.commentcamarche.net/v885395 25f9e794323b453885f5181f1b624d0b
tu les coches et tu clci sur fix checked
ensuite as tu lu ce message ,? car les MAJ n ont pas été faites :
http://www.commentcamarche.net/forum/affich 8038411 trojan?entiere#40
* pour supprimer les outils/fix utilisés :
Télécharge ToolsCleaner sur ton bureau.
-->
ftp://ftp.commentcamarche.com/download/ToolsCleaner2.exe
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
http://pc-system.fr/
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
fais scan only
coches ces lignes :
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll (file missing)
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O24 - Desktop Component 1: Google Traduction - https://translate.google.com/?hl=fr
O24 - Desktop Component 2: PI to 4 Million (4194304) Decimals - http://zenwerx.com/pi.php
O24 - Desktop Component 3: (no name) - http://moi.xoo.it/
O24 - Desktop Component 4: Compte CommentCaMarche de admin 3 - http://www.commentcamarche.net/v885395 25f9e794323b453885f5181f1b624d0b
tu les coches et tu clci sur fix checked
ensuite as tu lu ce message ,? car les MAJ n ont pas été faites :
http://www.commentcamarche.net/forum/affich 8038411 trojan?entiere#40
* pour supprimer les outils/fix utilisés :
Télécharge ToolsCleaner sur ton bureau.
-->
ftp://ftp.commentcamarche.com/download/ToolsCleaner2.exe
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
http://pc-system.fr/
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
J'ai fais les mises à jour mais je n'ai pas supprimé spyware doctor. Suis-je obligé ?
Est-ce normal que la recherche Toolscleaner2 prenne autant de temps ?
Est-ce normal que la recherche Toolscleaner2 prenne autant de temps ?
Il est terminé. Je ne trouve pas le rapport.
Peux-tu m'expliquer ce que veut dire " à la racine de ton disque dur " ?
Peux-tu m'expliquer ce que veut dire " à la racine de ton disque dur " ?
En cherchant un peu :
-->- Recherche:
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\admin\Bureau\HijackThis.exe: trouvé !
C:\Documents and Settings\admin\Recent\HijackThis.lnk: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\admin\Bureau\HijackThis.exe: supprimé !
C:\Documents and Settings\admin\Recent\HijackThis.lnk: supprimé !
C:\_OtMoveIt: supprimé !
-->- Recherche:
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\admin\Bureau\HijackThis.exe: trouvé !
C:\Documents and Settings\admin\Recent\HijackThis.lnk: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\admin\Bureau\HijackThis.exe: supprimé !
C:\Documents and Settings\admin\Recent\HijackThis.lnk: supprimé !
C:\_OtMoveIt: supprimé !
si tu n as pas d autres soucis change le statut du sujet en resolu stp
http://www.commentcamarche.net/faq/sujet 11365 marquer un fil de discussion comme etant resolu
http://www.commentcamarche.net/faq/sujet 11365 marquer un fil de discussion comme etant resolu