Probleme avec Win32:Swizzor [Trj]
TOTOF20
-
Destrio5 Messages postés 85985 Date d'inscription Statut Modérateur Dernière intervention -
Destrio5 Messages postés 85985 Date d'inscription Statut Modérateur Dernière intervention -
Bonjour,
Comme je l'ai soulignre sur la reponse que tu avais fait a une autre personne comme ui j'ai le meme probleme avec se maudit trojan swizzor. A qui a dit qu'il fallait laisser les femme sur les pc en tt les cas c pas moi donc come tu la ecrit sur l'ancien message j'ai telechargé LOP&sd et il ma donner un rapport que je vais te mettre dans se message apres tu me diras se qu'il en est voila merci de l'aide que tu pourrras m'apporté.
Rapport :
--------------------\\ Lop S&D 4.2.3-4 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
Rev 1.00
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
Option : [1] ( 23/08/2008|17:15 )
--------------------\\ Listing des dossiers dans APPLIC~1
[12/04/2008|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[12/04/2008|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[12/04/2008|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[12/04/2008|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[12/04/2008|15:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[20/08/2008|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[20/05/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[27/07/2008|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[21/08/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[31/05/2008|02:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[30/04/2008|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[23/08/2008|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
[23/08/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[23/07/2008|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[17/05/2008|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VistaCodecs
[12/04/2008|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[23/07/2008|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml850.tmp
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml851.tmp
[04/05/2008|01:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml852.tmp
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml853.tmp
[12/04/2008|16:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[12/04/2008|14:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/04/2008|15:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[12/04/2008|14:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[12/04/2008|15:38] C:\DOCUME~1\tof\APPLIC~1\Adobe
[13/04/2008|20:31] C:\DOCUME~1\tof\APPLIC~1\Ahead
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\aignes
[16/05/2008|20:27] C:\DOCUME~1\tof\APPLIC~1\DeepBurner
[12/04/2008|16:14] C:\DOCUME~1\tof\APPLIC~1\desktop.ini
[27/05/2008|19:51] C:\DOCUME~1\tof\APPLIC~1\F-Secure
[18/05/2008|00:17] C:\DOCUME~1\tof\APPLIC~1\Google
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\gtopala
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\Identities
[29/04/2008|12:46] C:\DOCUME~1\tof\APPLIC~1\InstallShield
[12/04/2008|14:39] C:\DOCUME~1\tof\APPLIC~1\Macromedia
[21/08/2008|19:26] C:\DOCUME~1\tof\APPLIC~1\Malwarebytes
[12/04/2008|17:38] C:\DOCUME~1\tof\APPLIC~1\Media Player Classic
[23/07/2008|20:06] C:\DOCUME~1\tof\APPLIC~1\Microsoft
[12/04/2008|15:21] C:\DOCUME~1\tof\APPLIC~1\Mozilla
[23/07/2008|20:10] C:\DOCUME~1\tof\APPLIC~1\Opera
[22/04/2008|20:35] C:\DOCUME~1\tof\APPLIC~1\Samsung
[23/08/2008|16:33] C:\DOCUME~1\tof\APPLIC~1\slow multi build
[12/04/2008|14:39] C:\DOCUME~1\tof\APPLIC~1\Sun
[27/07/2008|21:30] C:\DOCUME~1\tof\APPLIC~1\teamspeak2
[22/08/2008|14:11] C:\DOCUME~1\tof\APPLIC~1\uTorrent
[12/04/2008|15:08] C:\DOCUME~1\tof\APPLIC~1\vlc
[30/04/2008|15:27] C:\DOCUME~1\tof\APPLIC~1\Winamp
[02/05/2008|00:40] C:\DOCUME~1\tof\APPLIC~1\Windows Live Writer
[12/04/2008|20:08] C:\DOCUME~1\tof\APPLIC~1\WinRAR
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[23/08/2008 16:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
[06/09/2002 22:59][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[23/08/2008|10:22] C:\Program Files\Alwil Software
[30/05/2008|13:50] C:\Program Files\America's Army
[12/04/2008|14:55] C:\Program Files\Analog Devices
[23/08/2008|16:20] C:\Program Files\a-squared Free
[12/04/2008|14:19] C:\Program Files\ComPlus Applications
[11/08/2008|15:50] C:\Program Files\DEXXON
[23/08/2008|13:54] C:\Program Files\eMule
[11/08/2008|16:21] C:\Program Files\Fichiers communs
[21/08/2008|22:27] C:\Program Files\GalaPlayer
[13/05/2008|20:25] C:\Program Files\Google
[11/08/2008|16:21] C:\Program Files\InstallShield Installation Information
[12/04/2008|14:54] C:\Program Files\Intel
[13/04/2008|06:14] C:\Program Files\Internet Explorer
[12/04/2008|14:39] C:\Program Files\Java
[12/04/2008|14:27] C:\Program Files\JEUX
[02/05/2008|14:49] C:\Program Files\Kit ADSL
[15/08/2008|19:05] C:\Program Files\LunaPlayer
[23/08/2008|14:55] C:\Program Files\Malwarebytes' Anti-Malware
[12/04/2008|15:00] C:\Program Files\Marvell
[06/07/2008|12:51] C:\Program Files\McDonaldsFairies
[23/07/2008|23:32] C:\Program Files\Messenger
[12/04/2008|14:22] C:\Program Files\microsoft frontpage
[12/04/2008|14:37] C:\Program Files\Microsoft Office
[12/04/2008|16:13] C:\Program Files\Microsoft SQL Server Compact Edition
[12/04/2008|14:20] C:\Program Files\Movie Maker
[23/08/2008|10:20] C:\Program Files\Mozilla Firefox
[12/04/2008|14:19] C:\Program Files\MSN Gaming Zone
[12/04/2008|14:28] C:\Program Files\MSXML 4.0
[13/04/2008|06:14] C:\Program Files\MSXML 6.0
[12/04/2008|14:20] C:\Program Files\NetMeeting
[21/08/2008|19:14] C:\Program Files\Opera
[13/04/2008|06:14] C:\Program Files\Outlook Express
[12/04/2008|16:55] C:\Program Files\Pack Securite
[02/08/2008|19:56] C:\Program Files\Samsung
[12/04/2008|17:15] C:\Program Files\SLD Codec Pack
[21/08/2008|22:27] C:\Program Files\slow multi build
[23/08/2008|15:37] C:\Program Files\Spybot - Search & Destroy
[02/08/2008|19:57] C:\Program Files\Uninstall Information
[12/04/2008|14:27] C:\Program Files\UTILS
[17/08/2008|10:59] C:\Program Files\uTorrent
[30/05/2008|21:11] C:\Program Files\VGA USB Camera
[17/05/2008|16:27] C:\Program Files\VistaCodecPack
[23/07/2008|22:54] C:\Program Files\Windows Live
[06/07/2008|12:54] C:\Program Files\Windows Live Toolbar
[12/04/2008|14:37] C:\Program Files\Windows Media Connect 2
[12/04/2008|14:38] C:\Program Files\Windows Media Player
[12/04/2008|14:19] C:\Program Files\Windows NT
[12/04/2008|14:21] C:\Program Files\WindowsUpdate
[12/04/2008|14:38] C:\Program Files\WMV9_VCM
[12/04/2008|14:27] C:\Program Files\WSTARTUP
[12/04/2008|14:22] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[22/04/2008|20:27] C:\Program Files\Fichiers communs\Adobe
[12/04/2008|17:19] C:\Program Files\Fichiers communs\Ahead
[19/07/2008|15:35] C:\Program Files\Fichiers communs\Blizzard Entertainment
[02/08/2008|19:56] C:\Program Files\Fichiers communs\InstallShield
[12/04/2008|14:39] C:\Program Files\Fichiers communs\Java
[15/08/2008|15:40] C:\Program Files\Fichiers communs\Macromedia
[02/08/2008|19:57] C:\Program Files\Fichiers communs\Microsoft Shared
[12/04/2008|14:20] C:\Program Files\Fichiers communs\MSSoap
[11/08/2008|16:21] C:\Program Files\Fichiers communs\NewSoft
[12/04/2008|16:14] C:\Program Files\Fichiers communs\ODBC
[12/04/2008|14:20] C:\Program Files\Fichiers communs\Services
[12/04/2008|16:14] C:\Program Files\Fichiers communs\SpeechEngines
[13/04/2008|06:14] C:\Program Files\Fichiers communs\System
[12/04/2008|15:37] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 56 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\tof\APPLIC~1\SLOWMU~1
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer
C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\GalaPlayer.lnk
C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\HomePage.lnk
C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\Uninstall.lnk
C:\Program Files\GalaPlayer
C:\DOCUME~1\tof\Cookies\tof@advertstream[1].txt
C:\WINDOWS\Prefetch\GALAPLAYER-1.3.0.0-SETUP.EXE-2A082E3F.pf
C:\WINDOWS\Prefetch\GALAPLAYER.EXE-309BBCE7.pf
C:\DOCUME~1\tof\Cookies\tof@sr2.livemediasrv[1].txt
C:\DOCUME~1\tof\Cookies\tof@sr2.livemediasrv[2].txt
C:\DOCUME~1\tof\Cookies\tof@32vegas[1].txt
C:\DOCUME~1\tof\Cookies\tof@banner.32vegas[2].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BoltBoneAudio]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\tof\\APPLIC~1\\SLOWMU~1\\site itch extra.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Send Find"="C:\\DOCUME~1\\tof\\APPLIC~1\\SLOWMU~1\\site itch extra.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-23 17:18:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\tof\Local Settings\Application Data\Opera\Opera\profile\bt_metadata\keygen.exe.dat
[F:21][D:22]-> C:\DOCUME~1\tof\LOCALS~1\Temp
[F:132][D:0]-> C:\DOCUME~1\tof\Cookies
[F:1223][D:6]-> C:\DOCUME~1\tof\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 17:19:36
Comme je l'ai soulignre sur la reponse que tu avais fait a une autre personne comme ui j'ai le meme probleme avec se maudit trojan swizzor. A qui a dit qu'il fallait laisser les femme sur les pc en tt les cas c pas moi donc come tu la ecrit sur l'ancien message j'ai telechargé LOP&sd et il ma donner un rapport que je vais te mettre dans se message apres tu me diras se qu'il en est voila merci de l'aide que tu pourrras m'apporté.
Rapport :
--------------------\\ Lop S&D 4.2.3-4 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
Rev 1.00
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
Option : [1] ( 23/08/2008|17:15 )
--------------------\\ Listing des dossiers dans APPLIC~1
[12/04/2008|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[12/04/2008|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[12/04/2008|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[12/04/2008|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[12/04/2008|15:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[20/08/2008|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[20/05/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[27/07/2008|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[21/08/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[31/05/2008|02:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[30/04/2008|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[23/08/2008|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
[23/08/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[23/07/2008|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[17/05/2008|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VistaCodecs
[12/04/2008|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[23/07/2008|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml850.tmp
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml851.tmp
[04/05/2008|01:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml852.tmp
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml853.tmp
[12/04/2008|16:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[12/04/2008|14:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/04/2008|15:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[12/04/2008|14:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[12/04/2008|15:38] C:\DOCUME~1\tof\APPLIC~1\Adobe
[13/04/2008|20:31] C:\DOCUME~1\tof\APPLIC~1\Ahead
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\aignes
[16/05/2008|20:27] C:\DOCUME~1\tof\APPLIC~1\DeepBurner
[12/04/2008|16:14] C:\DOCUME~1\tof\APPLIC~1\desktop.ini
[27/05/2008|19:51] C:\DOCUME~1\tof\APPLIC~1\F-Secure
[18/05/2008|00:17] C:\DOCUME~1\tof\APPLIC~1\Google
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\gtopala
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\Identities
[29/04/2008|12:46] C:\DOCUME~1\tof\APPLIC~1\InstallShield
[12/04/2008|14:39] C:\DOCUME~1\tof\APPLIC~1\Macromedia
[21/08/2008|19:26] C:\DOCUME~1\tof\APPLIC~1\Malwarebytes
[12/04/2008|17:38] C:\DOCUME~1\tof\APPLIC~1\Media Player Classic
[23/07/2008|20:06] C:\DOCUME~1\tof\APPLIC~1\Microsoft
[12/04/2008|15:21] C:\DOCUME~1\tof\APPLIC~1\Mozilla
[23/07/2008|20:10] C:\DOCUME~1\tof\APPLIC~1\Opera
[22/04/2008|20:35] C:\DOCUME~1\tof\APPLIC~1\Samsung
[23/08/2008|16:33] C:\DOCUME~1\tof\APPLIC~1\slow multi build
[12/04/2008|14:39] C:\DOCUME~1\tof\APPLIC~1\Sun
[27/07/2008|21:30] C:\DOCUME~1\tof\APPLIC~1\teamspeak2
[22/08/2008|14:11] C:\DOCUME~1\tof\APPLIC~1\uTorrent
[12/04/2008|15:08] C:\DOCUME~1\tof\APPLIC~1\vlc
[30/04/2008|15:27] C:\DOCUME~1\tof\APPLIC~1\Winamp
[02/05/2008|00:40] C:\DOCUME~1\tof\APPLIC~1\Windows Live Writer
[12/04/2008|20:08] C:\DOCUME~1\tof\APPLIC~1\WinRAR
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[23/08/2008 16:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
[06/09/2002 22:59][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[23/08/2008|10:22] C:\Program Files\Alwil Software
[30/05/2008|13:50] C:\Program Files\America's Army
[12/04/2008|14:55] C:\Program Files\Analog Devices
[23/08/2008|16:20] C:\Program Files\a-squared Free
[12/04/2008|14:19] C:\Program Files\ComPlus Applications
[11/08/2008|15:50] C:\Program Files\DEXXON
[23/08/2008|13:54] C:\Program Files\eMule
[11/08/2008|16:21] C:\Program Files\Fichiers communs
[21/08/2008|22:27] C:\Program Files\GalaPlayer
[13/05/2008|20:25] C:\Program Files\Google
[11/08/2008|16:21] C:\Program Files\InstallShield Installation Information
[12/04/2008|14:54] C:\Program Files\Intel
[13/04/2008|06:14] C:\Program Files\Internet Explorer
[12/04/2008|14:39] C:\Program Files\Java
[12/04/2008|14:27] C:\Program Files\JEUX
[02/05/2008|14:49] C:\Program Files\Kit ADSL
[15/08/2008|19:05] C:\Program Files\LunaPlayer
[23/08/2008|14:55] C:\Program Files\Malwarebytes' Anti-Malware
[12/04/2008|15:00] C:\Program Files\Marvell
[06/07/2008|12:51] C:\Program Files\McDonaldsFairies
[23/07/2008|23:32] C:\Program Files\Messenger
[12/04/2008|14:22] C:\Program Files\microsoft frontpage
[12/04/2008|14:37] C:\Program Files\Microsoft Office
[12/04/2008|16:13] C:\Program Files\Microsoft SQL Server Compact Edition
[12/04/2008|14:20] C:\Program Files\Movie Maker
[23/08/2008|10:20] C:\Program Files\Mozilla Firefox
[12/04/2008|14:19] C:\Program Files\MSN Gaming Zone
[12/04/2008|14:28] C:\Program Files\MSXML 4.0
[13/04/2008|06:14] C:\Program Files\MSXML 6.0
[12/04/2008|14:20] C:\Program Files\NetMeeting
[21/08/2008|19:14] C:\Program Files\Opera
[13/04/2008|06:14] C:\Program Files\Outlook Express
[12/04/2008|16:55] C:\Program Files\Pack Securite
[02/08/2008|19:56] C:\Program Files\Samsung
[12/04/2008|17:15] C:\Program Files\SLD Codec Pack
[21/08/2008|22:27] C:\Program Files\slow multi build
[23/08/2008|15:37] C:\Program Files\Spybot - Search & Destroy
[02/08/2008|19:57] C:\Program Files\Uninstall Information
[12/04/2008|14:27] C:\Program Files\UTILS
[17/08/2008|10:59] C:\Program Files\uTorrent
[30/05/2008|21:11] C:\Program Files\VGA USB Camera
[17/05/2008|16:27] C:\Program Files\VistaCodecPack
[23/07/2008|22:54] C:\Program Files\Windows Live
[06/07/2008|12:54] C:\Program Files\Windows Live Toolbar
[12/04/2008|14:37] C:\Program Files\Windows Media Connect 2
[12/04/2008|14:38] C:\Program Files\Windows Media Player
[12/04/2008|14:19] C:\Program Files\Windows NT
[12/04/2008|14:21] C:\Program Files\WindowsUpdate
[12/04/2008|14:38] C:\Program Files\WMV9_VCM
[12/04/2008|14:27] C:\Program Files\WSTARTUP
[12/04/2008|14:22] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[22/04/2008|20:27] C:\Program Files\Fichiers communs\Adobe
[12/04/2008|17:19] C:\Program Files\Fichiers communs\Ahead
[19/07/2008|15:35] C:\Program Files\Fichiers communs\Blizzard Entertainment
[02/08/2008|19:56] C:\Program Files\Fichiers communs\InstallShield
[12/04/2008|14:39] C:\Program Files\Fichiers communs\Java
[15/08/2008|15:40] C:\Program Files\Fichiers communs\Macromedia
[02/08/2008|19:57] C:\Program Files\Fichiers communs\Microsoft Shared
[12/04/2008|14:20] C:\Program Files\Fichiers communs\MSSoap
[11/08/2008|16:21] C:\Program Files\Fichiers communs\NewSoft
[12/04/2008|16:14] C:\Program Files\Fichiers communs\ODBC
[12/04/2008|14:20] C:\Program Files\Fichiers communs\Services
[12/04/2008|16:14] C:\Program Files\Fichiers communs\SpeechEngines
[13/04/2008|06:14] C:\Program Files\Fichiers communs\System
[12/04/2008|15:37] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 56 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\tof\APPLIC~1\SLOWMU~1
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer
C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\GalaPlayer.lnk
C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\HomePage.lnk
C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\Uninstall.lnk
C:\Program Files\GalaPlayer
C:\DOCUME~1\tof\Cookies\tof@advertstream[1].txt
C:\WINDOWS\Prefetch\GALAPLAYER-1.3.0.0-SETUP.EXE-2A082E3F.pf
C:\WINDOWS\Prefetch\GALAPLAYER.EXE-309BBCE7.pf
C:\DOCUME~1\tof\Cookies\tof@sr2.livemediasrv[1].txt
C:\DOCUME~1\tof\Cookies\tof@sr2.livemediasrv[2].txt
C:\DOCUME~1\tof\Cookies\tof@32vegas[1].txt
C:\DOCUME~1\tof\Cookies\tof@banner.32vegas[2].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BoltBoneAudio]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\tof\\APPLIC~1\\SLOWMU~1\\site itch extra.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Send Find"="C:\\DOCUME~1\\tof\\APPLIC~1\\SLOWMU~1\\site itch extra.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-23 17:18:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\tof\Local Settings\Application Data\Opera\Opera\profile\bt_metadata\keygen.exe.dat
[F:21][D:22]-> C:\DOCUME~1\tof\LOCALS~1\Temp
[F:132][D:0]-> C:\DOCUME~1\tof\Cookies
[F:1223][D:6]-> C:\DOCUME~1\tof\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 17:19:36
A voir également:
- Probleme avec Win32:Swizzor [Trj]
- Puabundler win32 candyopen - Forum Virus
- Win32:miscx-gen ✓ - Forum Linux / Unix
- Puabundler win32 rostpay ✓ - Forum Antivirus
- Puadimanager win32/offercore ✓ - Forum Virus
- Trojan win32 - Forum Virus
21 réponses
Salut,
---> Relance Lop S&D
---> Choisis cette fois-ci l'option 2 (Suppression)
---> Ne ferme pas la fenêtre lors de la suppression !
---> Poste le rapport généré (C:\lopR.txt)
(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
---> Relance Lop S&D
---> Choisis cette fois-ci l'option 2 (Suppression)
---> Ne ferme pas la fenêtre lors de la suppression !
---> Poste le rapport généré (C:\lopR.txt)
(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
Me revoila Donc j'ai fait se que tu m'avais dit et voila donc le rapport :
--------------------\\ Lop S&D 4.2.3-4 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
Rev 1.00
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
Option : [2] ( 23/08/2008|17:33 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\GalaPlayer.lnk
Supprime! - C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\HomePage.lnk
Supprime! - C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\Uninstall.lnk
Supprime! - C:\DOCUME~1\tof\Cookies\tof@advertstream[1].txt
Supprime! - C:\WINDOWS\Prefetch\GALAPLAYER-1.3.0.0-SETUP.EXE-2A082E3F.pf
Supprime! - C:\WINDOWS\Prefetch\GALAPLAYER.EXE-309BBCE7.pf
Supprime! - C:\DOCUME~1\tof\Cookies\tof@sr2.livemediasrv[1].txt
Supprime! - C:\DOCUME~1\tof\Cookies\tof@sr2.livemediasrv[2].txt
Supprime! - C:\DOCUME~1\tof\Cookies\tof@32vegas[1].txt
Supprime! - C:\DOCUME~1\tof\Cookies\tof@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
Supprime! - C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer
Supprime! - C:\Program Files\GalaPlayer
Supprime! - C:\DOCUME~1\tof\APPLIC~1\SLOWMU~1
Supprime! - C:\Program Files\SLOWMU~1
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[12/04/2008|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[12/04/2008|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[12/04/2008|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[12/04/2008|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[12/04/2008|15:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[20/08/2008|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[20/05/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[27/07/2008|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[21/08/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[31/05/2008|02:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[30/04/2008|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[23/08/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[23/07/2008|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[17/05/2008|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VistaCodecs
[12/04/2008|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[23/07/2008|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml850.tmp
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml851.tmp
[04/05/2008|01:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml852.tmp
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml853.tmp
[12/04/2008|16:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[12/04/2008|14:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/04/2008|15:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[12/04/2008|14:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[12/04/2008|15:38] C:\DOCUME~1\tof\APPLIC~1\Adobe
[13/04/2008|20:31] C:\DOCUME~1\tof\APPLIC~1\Ahead
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\aignes
[16/05/2008|20:27] C:\DOCUME~1\tof\APPLIC~1\DeepBurner
[12/04/2008|16:14] C:\DOCUME~1\tof\APPLIC~1\desktop.ini
[27/05/2008|19:51] C:\DOCUME~1\tof\APPLIC~1\F-Secure
[18/05/2008|00:17] C:\DOCUME~1\tof\APPLIC~1\Google
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\gtopala
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\Identities
[29/04/2008|12:46] C:\DOCUME~1\tof\APPLIC~1\InstallShield
[12/04/2008|14:39] C:\DOCUME~1\tof\APPLIC~1\Macromedia
[21/08/2008|19:26] C:\DOCUME~1\tof\APPLIC~1\Malwarebytes
[12/04/2008|17:38] C:\DOCUME~1\tof\APPLIC~1\Media Player Classic
[23/07/2008|20:06] C:\DOCUME~1\tof\APPLIC~1\Microsoft
[12/04/2008|15:21] C:\DOCUME~1\tof\APPLIC~1\Mozilla
[23/07/2008|20:10] C:\DOCUME~1\tof\APPLIC~1\Opera
[22/04/2008|20:35] C:\DOCUME~1\tof\APPLIC~1\Samsung
[12/04/2008|14:39] C:\DOCUME~1\tof\APPLIC~1\Sun
[27/07/2008|21:30] C:\DOCUME~1\tof\APPLIC~1\teamspeak2
[22/08/2008|14:11] C:\DOCUME~1\tof\APPLIC~1\uTorrent
[12/04/2008|15:08] C:\DOCUME~1\tof\APPLIC~1\vlc
[30/04/2008|15:27] C:\DOCUME~1\tof\APPLIC~1\Winamp
[02/05/2008|00:40] C:\DOCUME~1\tof\APPLIC~1\Windows Live Writer
[12/04/2008|20:08] C:\DOCUME~1\tof\APPLIC~1\WinRAR
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[23/08/2008 16:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
[06/09/2002 22:59][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[23/08/2008|10:22] C:\Program Files\Alwil Software
[30/05/2008|13:50] C:\Program Files\America's Army
[12/04/2008|14:55] C:\Program Files\Analog Devices
[23/08/2008|16:20] C:\Program Files\a-squared Free
[12/04/2008|14:19] C:\Program Files\ComPlus Applications
[11/08/2008|15:50] C:\Program Files\DEXXON
[23/08/2008|13:54] C:\Program Files\eMule
[11/08/2008|16:21] C:\Program Files\Fichiers communs
[13/05/2008|20:25] C:\Program Files\Google
[11/08/2008|16:21] C:\Program Files\InstallShield Installation Information
[12/04/2008|14:54] C:\Program Files\Intel
[13/04/2008|06:14] C:\Program Files\Internet Explorer
[12/04/2008|14:39] C:\Program Files\Java
[12/04/2008|14:27] C:\Program Files\JEUX
[02/05/2008|14:49] C:\Program Files\Kit ADSL
[15/08/2008|19:05] C:\Program Files\LunaPlayer
[23/08/2008|14:55] C:\Program Files\Malwarebytes' Anti-Malware
[12/04/2008|15:00] C:\Program Files\Marvell
[06/07/2008|12:51] C:\Program Files\McDonaldsFairies
[23/07/2008|23:32] C:\Program Files\Messenger
[12/04/2008|14:22] C:\Program Files\microsoft frontpage
[12/04/2008|14:37] C:\Program Files\Microsoft Office
[12/04/2008|16:13] C:\Program Files\Microsoft SQL Server Compact Edition
[12/04/2008|14:20] C:\Program Files\Movie Maker
[23/08/2008|10:20] C:\Program Files\Mozilla Firefox
[12/04/2008|14:19] C:\Program Files\MSN Gaming Zone
[12/04/2008|14:28] C:\Program Files\MSXML 4.0
[13/04/2008|06:14] C:\Program Files\MSXML 6.0
[12/04/2008|14:20] C:\Program Files\NetMeeting
[21/08/2008|19:14] C:\Program Files\Opera
[13/04/2008|06:14] C:\Program Files\Outlook Express
[12/04/2008|16:55] C:\Program Files\Pack Securite
[02/08/2008|19:56] C:\Program Files\Samsung
[12/04/2008|17:15] C:\Program Files\SLD Codec Pack
[23/08/2008|15:37] C:\Program Files\Spybot - Search & Destroy
[02/08/2008|19:57] C:\Program Files\Uninstall Information
[12/04/2008|14:27] C:\Program Files\UTILS
[17/08/2008|10:59] C:\Program Files\uTorrent
[30/05/2008|21:11] C:\Program Files\VGA USB Camera
[17/05/2008|16:27] C:\Program Files\VistaCodecPack
[23/07/2008|22:54] C:\Program Files\Windows Live
[06/07/2008|12:54] C:\Program Files\Windows Live Toolbar
[12/04/2008|14:37] C:\Program Files\Windows Media Connect 2
[12/04/2008|14:38] C:\Program Files\Windows Media Player
[12/04/2008|14:19] C:\Program Files\Windows NT
[12/04/2008|14:21] C:\Program Files\WindowsUpdate
[12/04/2008|14:38] C:\Program Files\WMV9_VCM
[12/04/2008|14:27] C:\Program Files\WSTARTUP
[12/04/2008|14:22] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[22/04/2008|20:27] C:\Program Files\Fichiers communs\Adobe
[12/04/2008|17:19] C:\Program Files\Fichiers communs\Ahead
[19/07/2008|15:35] C:\Program Files\Fichiers communs\Blizzard Entertainment
[02/08/2008|19:56] C:\Program Files\Fichiers communs\InstallShield
[12/04/2008|14:39] C:\Program Files\Fichiers communs\Java
[15/08/2008|15:40] C:\Program Files\Fichiers communs\Macromedia
[02/08/2008|19:57] C:\Program Files\Fichiers communs\Microsoft Shared
[12/04/2008|14:20] C:\Program Files\Fichiers communs\MSSoap
[11/08/2008|16:21] C:\Program Files\Fichiers communs\NewSoft
[12/04/2008|16:14] C:\Program Files\Fichiers communs\ODBC
[12/04/2008|14:20] C:\Program Files\Fichiers communs\Services
[12/04/2008|16:14] C:\Program Files\Fichiers communs\SpeechEngines
[13/04/2008|06:14] C:\Program Files\Fichiers communs\System
[12/04/2008|15:37] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 56 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-23 17:35:53
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\tof\Local Settings\Application Data\Opera\Opera\profile\bt_metadata\keygen.exe.dat
[F:16][D:21]-> C:\DOCUME~1\tof\LOCALS~1\Temp
[F:127][D:0]-> C:\DOCUME~1\tof\Cookies
[F:1221][D:6]-> C:\DOCUME~1\tof\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 17:37:26
--------------------\\ Lop S&D 4.2.3-4 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
Rev 1.00
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
Option : [2] ( 23/08/2008|17:33 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\GalaPlayer.lnk
Supprime! - C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\HomePage.lnk
Supprime! - C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\Uninstall.lnk
Supprime! - C:\DOCUME~1\tof\Cookies\tof@advertstream[1].txt
Supprime! - C:\WINDOWS\Prefetch\GALAPLAYER-1.3.0.0-SETUP.EXE-2A082E3F.pf
Supprime! - C:\WINDOWS\Prefetch\GALAPLAYER.EXE-309BBCE7.pf
Supprime! - C:\DOCUME~1\tof\Cookies\tof@sr2.livemediasrv[1].txt
Supprime! - C:\DOCUME~1\tof\Cookies\tof@sr2.livemediasrv[2].txt
Supprime! - C:\DOCUME~1\tof\Cookies\tof@32vegas[1].txt
Supprime! - C:\DOCUME~1\tof\Cookies\tof@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
Supprime! - C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer
Supprime! - C:\Program Files\GalaPlayer
Supprime! - C:\DOCUME~1\tof\APPLIC~1\SLOWMU~1
Supprime! - C:\Program Files\SLOWMU~1
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[12/04/2008|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[12/04/2008|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[12/04/2008|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[12/04/2008|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[12/04/2008|15:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[20/08/2008|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[20/05/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[27/07/2008|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[21/08/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[31/05/2008|02:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[30/04/2008|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[23/08/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[23/07/2008|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[17/05/2008|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VistaCodecs
[12/04/2008|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[23/07/2008|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml850.tmp
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml851.tmp
[04/05/2008|01:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml852.tmp
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml853.tmp
[12/04/2008|16:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[12/04/2008|14:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/04/2008|15:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[12/04/2008|14:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[12/04/2008|15:38] C:\DOCUME~1\tof\APPLIC~1\Adobe
[13/04/2008|20:31] C:\DOCUME~1\tof\APPLIC~1\Ahead
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\aignes
[16/05/2008|20:27] C:\DOCUME~1\tof\APPLIC~1\DeepBurner
[12/04/2008|16:14] C:\DOCUME~1\tof\APPLIC~1\desktop.ini
[27/05/2008|19:51] C:\DOCUME~1\tof\APPLIC~1\F-Secure
[18/05/2008|00:17] C:\DOCUME~1\tof\APPLIC~1\Google
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\gtopala
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\Identities
[29/04/2008|12:46] C:\DOCUME~1\tof\APPLIC~1\InstallShield
[12/04/2008|14:39] C:\DOCUME~1\tof\APPLIC~1\Macromedia
[21/08/2008|19:26] C:\DOCUME~1\tof\APPLIC~1\Malwarebytes
[12/04/2008|17:38] C:\DOCUME~1\tof\APPLIC~1\Media Player Classic
[23/07/2008|20:06] C:\DOCUME~1\tof\APPLIC~1\Microsoft
[12/04/2008|15:21] C:\DOCUME~1\tof\APPLIC~1\Mozilla
[23/07/2008|20:10] C:\DOCUME~1\tof\APPLIC~1\Opera
[22/04/2008|20:35] C:\DOCUME~1\tof\APPLIC~1\Samsung
[12/04/2008|14:39] C:\DOCUME~1\tof\APPLIC~1\Sun
[27/07/2008|21:30] C:\DOCUME~1\tof\APPLIC~1\teamspeak2
[22/08/2008|14:11] C:\DOCUME~1\tof\APPLIC~1\uTorrent
[12/04/2008|15:08] C:\DOCUME~1\tof\APPLIC~1\vlc
[30/04/2008|15:27] C:\DOCUME~1\tof\APPLIC~1\Winamp
[02/05/2008|00:40] C:\DOCUME~1\tof\APPLIC~1\Windows Live Writer
[12/04/2008|20:08] C:\DOCUME~1\tof\APPLIC~1\WinRAR
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[23/08/2008 16:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
[06/09/2002 22:59][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[23/08/2008|10:22] C:\Program Files\Alwil Software
[30/05/2008|13:50] C:\Program Files\America's Army
[12/04/2008|14:55] C:\Program Files\Analog Devices
[23/08/2008|16:20] C:\Program Files\a-squared Free
[12/04/2008|14:19] C:\Program Files\ComPlus Applications
[11/08/2008|15:50] C:\Program Files\DEXXON
[23/08/2008|13:54] C:\Program Files\eMule
[11/08/2008|16:21] C:\Program Files\Fichiers communs
[13/05/2008|20:25] C:\Program Files\Google
[11/08/2008|16:21] C:\Program Files\InstallShield Installation Information
[12/04/2008|14:54] C:\Program Files\Intel
[13/04/2008|06:14] C:\Program Files\Internet Explorer
[12/04/2008|14:39] C:\Program Files\Java
[12/04/2008|14:27] C:\Program Files\JEUX
[02/05/2008|14:49] C:\Program Files\Kit ADSL
[15/08/2008|19:05] C:\Program Files\LunaPlayer
[23/08/2008|14:55] C:\Program Files\Malwarebytes' Anti-Malware
[12/04/2008|15:00] C:\Program Files\Marvell
[06/07/2008|12:51] C:\Program Files\McDonaldsFairies
[23/07/2008|23:32] C:\Program Files\Messenger
[12/04/2008|14:22] C:\Program Files\microsoft frontpage
[12/04/2008|14:37] C:\Program Files\Microsoft Office
[12/04/2008|16:13] C:\Program Files\Microsoft SQL Server Compact Edition
[12/04/2008|14:20] C:\Program Files\Movie Maker
[23/08/2008|10:20] C:\Program Files\Mozilla Firefox
[12/04/2008|14:19] C:\Program Files\MSN Gaming Zone
[12/04/2008|14:28] C:\Program Files\MSXML 4.0
[13/04/2008|06:14] C:\Program Files\MSXML 6.0
[12/04/2008|14:20] C:\Program Files\NetMeeting
[21/08/2008|19:14] C:\Program Files\Opera
[13/04/2008|06:14] C:\Program Files\Outlook Express
[12/04/2008|16:55] C:\Program Files\Pack Securite
[02/08/2008|19:56] C:\Program Files\Samsung
[12/04/2008|17:15] C:\Program Files\SLD Codec Pack
[23/08/2008|15:37] C:\Program Files\Spybot - Search & Destroy
[02/08/2008|19:57] C:\Program Files\Uninstall Information
[12/04/2008|14:27] C:\Program Files\UTILS
[17/08/2008|10:59] C:\Program Files\uTorrent
[30/05/2008|21:11] C:\Program Files\VGA USB Camera
[17/05/2008|16:27] C:\Program Files\VistaCodecPack
[23/07/2008|22:54] C:\Program Files\Windows Live
[06/07/2008|12:54] C:\Program Files\Windows Live Toolbar
[12/04/2008|14:37] C:\Program Files\Windows Media Connect 2
[12/04/2008|14:38] C:\Program Files\Windows Media Player
[12/04/2008|14:19] C:\Program Files\Windows NT
[12/04/2008|14:21] C:\Program Files\WindowsUpdate
[12/04/2008|14:38] C:\Program Files\WMV9_VCM
[12/04/2008|14:27] C:\Program Files\WSTARTUP
[12/04/2008|14:22] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[22/04/2008|20:27] C:\Program Files\Fichiers communs\Adobe
[12/04/2008|17:19] C:\Program Files\Fichiers communs\Ahead
[19/07/2008|15:35] C:\Program Files\Fichiers communs\Blizzard Entertainment
[02/08/2008|19:56] C:\Program Files\Fichiers communs\InstallShield
[12/04/2008|14:39] C:\Program Files\Fichiers communs\Java
[15/08/2008|15:40] C:\Program Files\Fichiers communs\Macromedia
[02/08/2008|19:57] C:\Program Files\Fichiers communs\Microsoft Shared
[12/04/2008|14:20] C:\Program Files\Fichiers communs\MSSoap
[11/08/2008|16:21] C:\Program Files\Fichiers communs\NewSoft
[12/04/2008|16:14] C:\Program Files\Fichiers communs\ODBC
[12/04/2008|14:20] C:\Program Files\Fichiers communs\Services
[12/04/2008|16:14] C:\Program Files\Fichiers communs\SpeechEngines
[13/04/2008|06:14] C:\Program Files\Fichiers communs\System
[12/04/2008|15:37] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 56 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-23 17:35:53
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\tof\Local Settings\Application Data\Opera\Opera\profile\bt_metadata\keygen.exe.dat
[F:16][D:21]-> C:\DOCUME~1\tof\LOCALS~1\Temp
[F:127][D:0]-> C:\DOCUME~1\tof\Cookies
[F:1221][D:6]-> C:\DOCUME~1\tof\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 17:37:26
- Télécharge HijackThis V 2.02 (HijackThis Installer) :
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
- Fais un double-clic sur HJTInstall.exe afin de lancer l'installation
- Clique sur Install ensuite sur I Accept
- Clique sur Do a scan system and save log file
- Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
- Fais un double-clic sur HJTInstall.exe afin de lancer l'installation
- Clique sur Install ensuite sur I Accept
- Clique sur Do a scan system and save log file
- Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.
Et me revoila donc voici le rapport :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:44:16, on 23/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Pack Securite\Common\FSM32.EXE
C:\WINDOWS\vsnpstd3.exe
D:\Tv\Monitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MESSEN~1\Msmsgs.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IcoSauve.exe
D:\no ip\No-IP\DUC20.exe
C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Securite\Common\FSMA32.EXE
C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Pack Securite\Common\FSMB32.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pack Securite\Common\FCH32.EXE
C:\Program Files\Pack Securite\Common\FAMEH32.EXE
C:\Program Files\Pack Securite\Anti-Virus\fsqh.exe
C:\Program Files\Pack Securite\FSPC\fspc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
C:\Program Files\Pack Securite\FSAUA\program\fsus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Opera\opera.exe
H:\Teamspeak2_RC2\Teamspeak2_RC2\TeamSpeak.exe
C:\PROGRAM FILES\A-SQUARED FREE\A2FREE.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - D:\film bis\MegaIEMn.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Winamp\winampa.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ChangeFilterMerit] D:\Tv\ChangeFilterMerit.exe
O4 - HKLM\..\Run: [Presto! PVR Monitor] D:\Tv\Monitor.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O4 - Startup: No-IP DUC.lnk = D:\no ip\No-IP\DUC20.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E59F51B4-4EB2-4A42-AD55-04A4BE1F3257}: NameServer = 192.168.1.1
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - E:\AA\maconfservice.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:44:16, on 23/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Pack Securite\Common\FSM32.EXE
C:\WINDOWS\vsnpstd3.exe
D:\Tv\Monitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MESSEN~1\Msmsgs.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IcoSauve.exe
D:\no ip\No-IP\DUC20.exe
C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Securite\Common\FSMA32.EXE
C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Pack Securite\Common\FSMB32.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pack Securite\Common\FCH32.EXE
C:\Program Files\Pack Securite\Common\FAMEH32.EXE
C:\Program Files\Pack Securite\Anti-Virus\fsqh.exe
C:\Program Files\Pack Securite\FSPC\fspc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
C:\Program Files\Pack Securite\FSAUA\program\fsus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Opera\opera.exe
H:\Teamspeak2_RC2\Teamspeak2_RC2\TeamSpeak.exe
C:\PROGRAM FILES\A-SQUARED FREE\A2FREE.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - D:\film bis\MegaIEMn.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Winamp\winampa.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ChangeFilterMerit] D:\Tv\ChangeFilterMerit.exe
O4 - HKLM\..\Run: [Presto! PVR Monitor] D:\Tv\Monitor.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O4 - Startup: No-IP DUC.lnk = D:\no ip\No-IP\DUC20.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E59F51B4-4EB2-4A42-AD55-04A4BE1F3257}: NameServer = 192.168.1.1
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - E:\AA\maconfservice.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Lequel faut enveler ? j'ai avast qui est gratuit (met d'apres mes pote qui est pas top) et aussi F-secure qui a un probleme car il me met les définition des virus sont ancienne et j'arrive pas a faire une mise a jour (antivirus du neuf payant)
Et je tiens a te remercié pour l'aide que tu ma fournis :)
Et je tiens a te remercié pour l'aide que tu ma fournis :)
si je pense donc je garderai avast ? meme si mes pote me dise que qu'il est pas top ? ou voir si tu peux m'en proposer un meilleur et gratuit ^^ On sais jamais
Me revoila
donc voici le rapport apres c déshintallation :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:18:53, on 23/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\vsnpstd3.exe
D:\Tv\Monitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\MESSEN~1\Msmsgs.exe
C:\WINDOWS\system32\IcoSauve.exe
D:\no ip\No-IP\DUC20.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - D:\film bis\MegaIEMn.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Winamp\winampa.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ChangeFilterMerit] D:\Tv\ChangeFilterMerit.exe
O4 - HKLM\..\Run: [Presto! PVR Monitor] D:\Tv\Monitor.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O4 - Startup: No-IP DUC.lnk = D:\no ip\No-IP\DUC20.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E59F51B4-4EB2-4A42-AD55-04A4BE1F3257}: NameServer = 192.168.1.1
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - E:\AA\maconfservice.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
donc voici le rapport apres c déshintallation :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:18:53, on 23/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\vsnpstd3.exe
D:\Tv\Monitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\MESSEN~1\Msmsgs.exe
C:\WINDOWS\system32\IcoSauve.exe
D:\no ip\No-IP\DUC20.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - D:\film bis\MegaIEMn.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Winamp\winampa.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ChangeFilterMerit] D:\Tv\ChangeFilterMerit.exe
O4 - HKLM\..\Run: [Presto! PVR Monitor] D:\Tv\Monitor.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O4 - Startup: No-IP DUC.lnk = D:\no ip\No-IP\DUC20.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E59F51B4-4EB2-4A42-AD55-04A4BE1F3257}: NameServer = 192.168.1.1
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - E:\AA\maconfservice.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Installe Antivir :
http://dl1.avgate.net/down/windows/antivir_workstation_winu_en_h.exe
Mets-le à jour et fais un scan complet de ton disque dur :
https://www.malekal.com/avira-free-security-antivirus-gratuit/
http://dl1.avgate.net/down/windows/antivir_workstation_winu_en_h.exe
Mets-le à jour et fais un scan complet de ton disque dur :
https://www.malekal.com/avira-free-security-antivirus-gratuit/
ok je viens de faire se que tu ma dis.
Question c bien un anti virus ?*
Est-il efficace ?
Et mercie encore pour ton aide qui ma ete tres utile
Question c bien un anti virus ?*
Est-il efficace ?
Et mercie encore pour ton aide qui ma ete tres utile
Mercie bien pour ton aide actuellement je fait un scan avec donc je verai bien par contre j'ai aussi spybot, Malwarebytes' Anti-Malware, a-squared es-ce bien ?