Virus Obfuscared

link -  
Zangetsu Posts 1031 Status Member -
Hello,
I'm really out of luck: in 2 years I haven't had a single problem with my PC, and within one week I've caught my second rather annoying virus.

Indeed, Antivir Guard has just detected Obfuscared!

What should I do to remove it?

Thanks in advance for your help

19 replies

Zangetsu Posts 1031 Status Member 86

Please make a HijackThis log, that will help us. If you don't know how to use it, you will find a tutorial below.

https://forums.cnetfrance.fr
1
link
 
I know it's not cool, but I'm bumping my topic
0
link
 
ok, I'll do that
0
link
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:55:53, on 09/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\All Users\Application Data\slwxenqj\wfsjcbcb.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Christophe\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKLM\..\Policies\Explorer\Run: [uhexzVfzg9] C:\Documents and Settings\All Users\Application Data\slwxenqj\wfsjcbcb.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O20 - AppInit_DLLs: taedrd.dll
O21 - SSODL: AppAdm - {49BD36A7-F680-A785-B01E-005FC47E944E} - C:\Program Files\ikvcgg\AppAdm.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
0

Zangetsu Posts 1031 Status Member 86

Fix these lines (launch HijackThis, check the lines, then click "Fix checked" at the bottom left):

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

Rename Hijackthis.exe to HJT.exe and make a new log.
0
link
 
And here is the new log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:24:32, on 09/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\All Users\Application Data\slwxenqj\wfsjcbcb.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Christophe\Bureau\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKLM\..\Policies\Explorer\Run: [uhexzVfzg9] C:\Documents and Settings\All Users\Application Data\slwxenqj\wfsjcbcb.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O20 - AppInit_DLLs: taedrd.dll
O21 - SSODL: AppAdm - {49BD36A7-F680-A785-B01E-005FC47E944E} - C:\Program Files\ikvcgg\AppAdm.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
0
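Added example, not part of the original thread: one way to confirm that the lines ticked for "Fix checked" are really gone from the new log is to compare the two HijackThis logs entry by entry. The function names are hypothetical and the sample lines are a constructed excerpt abridged from the logs and the fix list posted above.

```python
import re

# A HijackThis entry is "<section code> - <detail>", e.g. "O4 - HKLM\..\Run: [x] y".
# Header lines and the "Running processes" paths do not match and are skipped.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")


def entry_key(section, detail):
    """Identity used to compare entries.

    For R* lines only the registry location before " = " is used, so an entry
    still matches when the data (for example the URL) differs between copies.
    """
    if section.startswith("R") and " = " in detail:
        detail = detail.split(" = ", 1)[0]
    return (section, detail.lower())


def parse_entries(text):
    """Map entry key -> original line for every entry line in a log."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if match:
            entries[entry_key(match.group(1), match.group(2))] = line
    return entries


def compare_logs(before_text, after_text):
    """Return the entries removed, added and kept between two logs."""
    before, after = parse_entries(before_text), parse_entries(after_text)
    return {
        "removed": sorted(before[k] for k in before.keys() - after.keys()),
        "added": sorted(after[k] for k in after.keys() - before.keys()),
        "kept": sorted(after[k] for k in before.keys() & after.keys()),
    }


def still_present(checked_text, after_text):
    """Entries that were ticked for fixing but still appear in the new log."""
    checked, after = parse_entries(checked_text), parse_entries(after_text)
    return sorted(after[k] for k in checked.keys() & after.keys())


# Constructed excerpt of the first log (before the fix).
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
"""

# Constructed excerpt of the second log (after the fix).
AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
"""

# Two of the lines the helper asked to fix, as quoted in the fix list.
CHECKED = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
"""

if __name__ == "__main__":
    result = compare_logs(BEFORE, AFTER)
    for name in ("removed", "added", "kept"):
        print(name.upper())
        for line in result[name]:
            print("  " + line)
    leftovers = still_present(CHECKED, AFTER)
    print("Checked lines still present:", leftovers or "none")
```

An entry that shows up under "kept" after a fix and a reboot was either not ticked or was written back, which is the case a follow-up log is meant to reveal.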
Zangetsu Posts 1031 Status Member 86

Download LopS&D at this address:

http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/eliminez-pubs-cid-sujet_198443_1.htm

1) Run it.
2) Choose option f (French).
3) Choose option 2
4) Copy the contents of the report when it has finished.
0
link
 
ok, and otherwise, is the state of my PC worrying?
0
link
 
the report

--------------------\\ Lop S&D 4.2.4-2 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Christophe ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated)

"C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
Option : [2] ( 09/09/2008|13:32 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\CHRIST~1\Cookies\christophe@advertising[1].txt

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[15/11/2006|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[03/09/2008|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[03/09/2008|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[06/09/2008|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[09/09/2006|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[06/09/2008|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hgdmlyho
[06/09/2008|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[07/11/2006|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[06/09/2008|17:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
[18/11/2006|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[07/11/2006|12:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[06/09/2008|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\services
[06/09/2008|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\slwxenqj
[01/09/2006|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[06/09/2008|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vyrapqfo
[01/09/2006|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/09/2008|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[03/09/2008|14:47] C:\DOCUME~1\CHRIST~1\APPLIC~1\Adobe
[15/11/2006|00:05] C:\DOCUME~1\CHRIST~1\APPLIC~1\AOL
[03/09/2008|16:10] C:\DOCUME~1\CHRIST~1\APPLIC~1\Apple Computer
[06/09/2008|19:16] C:\DOCUME~1\CHRIST~1\APPLIC~1\Comodo
[01/09/2006|21:23] C:\DOCUME~1\CHRIST~1\APPLIC~1\Help
[01/09/2006|16:11] C:\DOCUME~1\CHRIST~1\APPLIC~1\Identities
[09/09/2006|14:13] C:\DOCUME~1\CHRIST~1\APPLIC~1\La Bataille pour la Terre du Milieu
[01/09/2006|19:07] C:\DOCUME~1\CHRIST~1\APPLIC~1\Leadertech
[01/09/2006|22:47] C:\DOCUME~1\CHRIST~1\APPLIC~1\Macromedia
[06/09/2008|16:02] C:\DOCUME~1\CHRIST~1\APPLIC~1\Malwarebytes
[01/12/2006|21:37] C:\DOCUME~1\CHRIST~1\APPLIC~1\Micro Application
[06/09/2008|13:59] C:\DOCUME~1\CHRIST~1\APPLIC~1\Microsoft
[07/09/2008|19:03] C:\DOCUME~1\CHRIST~1\APPLIC~1\Mozilla
[03/09/2008|20:01] C:\DOCUME~1\CHRIST~1\APPLIC~1\SecuROM
[03/09/2008|20:01] C:\DOCUME~1\CHRIST~1\APPLIC~1\Sports Interactive
[02/09/2006|22:36] C:\DOCUME~1\CHRIST~1\APPLIC~1\Sun
[02/09/2006|16:36] C:\DOCUME~1\CHRIST~1\APPLIC~1\Talkback
[28/11/2006|19:32] C:\DOCUME~1\CHRIST~1\APPLIC~1\teamspeak2
[01/09/2006|19:04] C:\DOCUME~1\CHRIST~1\APPLIC~1\TuneUp Software
[20/11/2006|18:40] C:\DOCUME~1\CHRIST~1\APPLIC~1\U3
[01/09/2006|22:29] C:\DOCUME~1\CHRIST~1\APPLIC~1\vlc
[01/12/2006|21:33] C:\DOCUME~1\CHRIST~1\APPLIC~1\Xfire
[07/11/2006|12:33] C:\DOCUME~1\CHRIST~1\APPLIC~1\You've Got Pictures Screensaver

[01/09/2006|16:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[11/11/2006|01:16] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[01/09/2006|16:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[01/09/2006|21:29] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[03/09/2008 15:54][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[05/09/2008 19:20][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[09/09/2008 11:13][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/04/2003 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[01/09/2006|21:27] C:\Program Files\ADSL Autoconnect
[04/09/2006|19:42] C:\Program Files\Ahead
[01/09/2006|21:16] C:\Program Files\Alcatel
[09/09/2006|14:58] C:\Program Files\Alcohol Soft
[06/09/2008|17:42] C:\Program Files\Alwil Software
[01/09/2006|22:54] C:\Program Files\Analog Devices
[16/11/2006|21:41] C:\Program Files\AOL 9.0
[15/11/2006|22:01] C:\Program Files\AOL Compagnon
[23/11/2006|02:23] C:\Program Files\AOL Toolbar
[15/11/2006|21:29] C:\Program Files\AOLbox
[03/09/2008|15:54] C:\Program Files\Apple Software Update
[03/09/2008|18:14] C:\Program Files\Ares
[06/09/2008|18:28] C:\Program Files\AskSBar
[06/09/2008|17:50] C:\Program Files\Avira
[03/09/2008|15:55] C:\Program Files\Bonjour
[06/09/2008|18:00] C:\Program Files\CCleaner
[06/09/2008|19:23] C:\Program Files\COMODO
[01/09/2006|16:06] C:\Program Files\ComPlus Applications
[09/09/2006|21:54] C:\Program Files\CyberLink
[03/09/2008|18:13] C:\Program Files\eMule
[01/09/2006|19:07] C:\Program Files\Executive Software
[06/09/2008|17:09] C:\Program Files\Fichiers communs
[06/09/2008|13:37] C:\Program Files\ikvcgg
[03/09/2008|17:12] C:\Program Files\InstallShield Installation Information
[06/09/2008|13:58] C:\Program Files\Internet Explorer
[03/09/2008|15:56] C:\Program Files\iPod
[03/09/2008|15:56] C:\Program Files\iTunes
[03/09/2008|15:44] C:\Program Files\Java
[07/11/2006|12:33] C:\Program Files\Learn2.com
[06/09/2008|16:02] C:\Program Files\Malwarebytes' Anti-Malware
[14/11/2006|22:29] C:\Program Files\Marvell
[01/09/2006|21:16] C:\Program Files\Messager Wanadoo
[04/09/2008|18:04] C:\Program Files\Messenger
[01/12/2006|21:29] C:\Program Files\Micro Application
[01/09/2006|16:08] C:\Program Files\microsoft frontpage
[01/09/2006|18:16] C:\Program Files\Microsoft Office
[01/09/2006|18:16] C:\Program Files\Microsoft.NET
[02/09/2006|10:58] C:\Program Files\Movie Maker
[03/09/2008|17:12] C:\Program Files\Movies2iPhone
[09/09/2008|13:24] C:\Program Files\Mozilla Firefox
[01/09/2006|16:06] C:\Program Files\MSN
[01/09/2006|16:06] C:\Program Files\MSN Gaming Zone
[01/09/2006|17:55] C:\Program Files\NetMeeting
[01/09/2006|22:18] C:\Program Files\Outlook Express
[03/09/2008|15:55] C:\Program Files\QuickTime
[14/11/2006|20:38] C:\Program Files\Radmin
[07/11/2006|12:32] C:\Program Files\Real
[14/11/2006|22:23] C:\Program Files\RegCleaner
[01/09/2006|16:06] C:\Program Files\Services en ligne
[01/09/2006|23:13] C:\Program Files\Sunbelt Software
[28/11/2006|19:30] C:\Program Files\Teamspeak2_RC2
[08/10/2006|22:33] C:\Program Files\THQ
[06/09/2008|18:22] C:\Program Files\TuneUp Utilities 2006
[01/09/2006|16:11] C:\Program Files\Uninstall Information
[01/09/2006|22:27] C:\Program Files\VideoLAN
[01/09/2006|21:38] C:\Program Files\Wanadoo
[27/11/2006|21:02] C:\Program Files\Winamp
[03/09/2008|15:59] C:\Program Files\Windows Live
[28/11/2006|21:36] C:\Program Files\Windows Live Safety Center
[17/09/2006|13:44] C:\Program Files\Windows Media Player
[01/09/2006|17:55] C:\Program Files\Windows NT
[01/09/2006|16:06] C:\Program Files\WindowsUpdate
[07/11/2006|13:53] C:\Program Files\WinRAR
[01/09/2006|16:08] C:\Program Files\xerox
[01/12/2006|21:34] C:\Program Files\Xfire
[14/11/2006|22:05] C:\Program Files\xp-AntiSpy
[03/09/2008|20:00] C:\Program Files\Zero G Registry

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[01/12/2006|21:29] C:\Program Files\Fichiers communs\Acronis
[04/09/2006|19:42] C:\Program Files\Fichiers communs\Ahead
[15/11/2006|22:42] C:\Program Files\Fichiers communs\AOL
[07/11/2006|12:33] C:\Program Files\Fichiers communs\aolback
[15/11/2006|21:43] C:\Program Files\Fichiers communs\AOLSHARE
[03/09/2008|15:54] C:\Program Files\Fichiers communs\Apple
[01/09/2006|18:16] C:\Program Files\Fichiers communs\DESIGNER
[02/09/2006|16:56] C:\Program Files\Fichiers communs\InstallShield
[02/09/2006|22:34] C:\Program Files\Fichiers communs\Java
[03/09/2008|15:59] C:\Program Files\Fichiers communs\Microsoft Shared
[01/09/2006|16:07] C:\Program Files\Fichiers communs\MSSoap
[07/11/2006|20:06] C:\Program Files\Fichiers communs\NSV
[07/11/2006|12:33] C:\Program Files\Fichiers communs\Nullsoft
[01/09/2006|17:01] C:\Program Files\Fichiers communs\ODBC
[07/11/2006|12:32] C:\Program Files\Fichiers communs\Real
[01/09/2006|16:07] C:\Program Files\Fichiers communs\Services
[01/09/2006|17:01] C:\Program Files\Fichiers communs\SpeechEngines
[01/09/2006|22:18] C:\Program Files\Fichiers communs\System
[03/09/2008|15:58] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 42 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-09 13:33:26
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\CHRIST~1\Local Settings\Application Data\Ares\My Shared Folder\antispyware 2008 xp serial crack.pdf

[F:74][D:26]-> C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp
[F:45][D:0]-> C:\DOCUME~1\CHRIST~1\Cookies
[F:631][D:8]-> C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 09/09/2008|13:33 - Option : [2]

--------------------\\ Fin du rapport a 13:33:50
0
link
 
That doesn't look bad to me, am I wrong????
0
link
 
Uh, yes, I am wrong, because I rebooted and it's still there!!!
0
Zangetsu Posts 1031 Status Member 86

Make another HijackThis log.

info: your PC is not clean yet. You don't fix a virus with a single program.
0
link
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:48:20, on 09/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\All Users\Application Data\slwxenqj\wfsjcbcb.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Christophe\Bureau\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKLM\..\Policies\Explorer\Run: [uhexzVfzg9] C:\Documents and Settings\All Users\Application Data\slwxenqj\wfsjcbcb.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O20 - AppInit_DLLs: taedrd.dll
O21 - SSODL: AppAdm - {49BD36A7-F680-A785-B01E-005FC47E944E} - C:\Program Files\ikvcgg\AppAdm.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
0
Zangetsu Posts 1031 Status Member 86
 
Download LopXP from this address:

http://www.commentcamarche.net/telecharger/telecharger 34055210 lopxp

1) Run Lopxp.bat and choose option 1 to generate a report.
2) Close Lopxp and the report when it is finished.
2) Go to Démarrer > Exécuter (Start > Run), then copy/paste EVERYTHING between the square brackets: ["%programfiles%\Lopxp\Lopxp.bat" /Fixme] and confirm.
3) Fix mode will go through all the files listed in the suggestion section of the first report generated.
4) For each file, you will have to choose between accepting (press the y key) or refusing (press the n key) the deletion.
5) The backups of each deletion will be stored in the folder C:\Programfiles\Lopxp\Sauvegardes.
6) Do another Hijackthis log, which you will post after LopXP report no. 2.
0
link
 
I did what you told me, but I didn't get any prompt to delete a file.

Attached is the LopXP report.

# Rapport Lopxp fait le 09/09/2008 à 15:47:41
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.06 - Maj du 05/02/2008

========== FixLog ==========

+- Fichiers temporaires :
Nettoyage effectué.

========== Listing des dossiers Application Data

+- C:\Documents and Settings\All Users\Application Data

2006-11-15 à 19:42:24 - AOL
2008-09-03 à 13:54:06 - Apple
2008-09-03 à 13:56:00 - Apple Computer
2008-09-06 à 15:50:29 - Avira
2006-09-09 à 19:54:10 - CyberLink
2008-09-06 à 11:37:21 - hgdmlyho
2008-09-06 à 14:02:04 - Malwarebytes
2006-11-07 à 12:04:19 - Microsoft
2008-09-06 à 15:08:37 - NortonInstaller
2006-11-18 à 11:53:39 - nView_Profiles
2006-11-07 à 10:33:22 - QuickTime
2008-09-06 à 14:30:25 - services
2008-09-09 à 13:45:55 - slwxenqj
2006-09-01 à 16:57:48 - TuneUp Software
2008-09-06 à 11:37:21 - vyrapqfo
2006-09-01 à 20:02:11 - Windows Genuine Advantage
2008-09-03 à 13:58:33 - WLInstaller

+- C:\Documents and Settings\Christophe\Application Data

2008-09-03 à 12:47:14 - Adobe
2006-11-14 à 22:05:16 - AOL
2008-09-03 à 14:10:36 - Apple Computer
2008-09-06 à 17:16:10 - Comodo
2006-09-01 à 19:23:08 - Help
2006-09-01 à 14:11:48 - Identities
2006-09-09 à 12:13:07 - La Bataille pour la Terre du Milieu
2006-09-01 à 17:07:23 - Leadertech
2006-09-01 à 20:47:06 - Macromedia
2008-09-06 à 14:02:10 - Malwarebytes
2006-12-01 à 19:37:24 - Micro Application
2008-09-06 à 11:59:51 - Microsoft
2008-09-07 à 17:03:39 - Mozilla
2008-09-03 à 18:01:14 - SecuROM
2008-09-03 à 18:01:26 - Sports Interactive
2006-09-02 à 20:36:49 - Sun
2006-09-02 à 14:36:48 - Talkback
2006-11-28 à 17:32:54 - teamspeak2
2006-09-01 à 17:04:41 - TuneUp Software
2006-11-20 à 16:40:14 - U3
2006-09-01 à 20:29:07 - vlc
2006-12-01 à 19:33:09 - Xfire
2006-11-07 à 10:33:48 - You've Got Pictures Screensaver

+- C:\Documents and Settings\Christophe\Local Settings\Application Data

2006-09-04 à 17:44:01 - Ahead
2008-09-03 à 13:54:31 - Apple
2008-09-03 à 14:59:02 - Apple Computer
2008-09-03 à 16:48:04 - Ares
2006-09-01 à 19:23:08 - Help
2006-09-01 à 19:36:20 - Identities
2008-09-06 à 15:28:18 - Microsoft
2006-09-02 à 14:36:18 - Mozilla
2006-09-07 à 16:01:36 - Oblivion
2006-11-11 à 18:19:21 - Ubisoft
2006-09-02 à 11:46:03 - WMTools Downloaded Files

========== Listing du dossier Program Files

+- C:\Program Files

2006-09-01 à 19:27:26 - ADSL Autoconnect
2006-09-04 à 17:42:23 - Ahead
2006-09-01 à 19:16:53 - Alcatel
2006-09-09 à 12:58:14 - Alcohol Soft
2008-09-06 à 15:42:07 - Alwil Software
2006-09-01 à 20:54:15 - Analog Devices
2006-11-16 à 19:41:19 - AOL 9.0
2006-11-15 à 20:01:21 - AOL Compagnon
2006-11-23 à 00:23:34 - AOL Toolbar
2006-11-15 à 19:29:11 - AOLbox
2008-09-03 à 13:54:30 - Apple Software Update
2008-09-03 à 16:14:24 - Ares
2008-09-06 à 16:28:18 - AskSBar
2008-09-06 à 15:50:29 - Avira
2008-09-03 à 13:55:50 - Bonjour
2008-09-06 à 16:00:34 - CCleaner
2008-09-06 à 17:23:32 - COMODO
2006-09-01 à 14:06:42 - ComPlus Applications
2006-09-09 à 19:54:09 - CyberLink
2008-09-03 à 16:13:01 - eMule
2006-09-01 à 17:07:11 - Executive Software
2008-09-06 à 15:09:56 - Fichiers communs
2008-09-06 à 11:37:03 - ikvcgg
2008-09-03 à 15:12:23 - InstallShield Installation Information
2008-09-06 à 11:58:11 - Internet Explorer
2008-09-03 à 13:56:03 - iPod
2008-09-03 à 13:56:12 - iTunes
2008-09-03 à 13:44:58 - Java
2006-11-07 à 10:33:48 - Learn2.com
2008-09-09 à 13:47:45 - Lopxp
2008-09-06 à 14:02:09 - Malwarebytes' Anti-Malware
2006-11-14 à 20:29:30 - Marvell
2006-09-01 à 19:16:25 - Messager Wanadoo
2008-09-04 à 16:04:12 - Messenger
2006-12-01 à 19:29:02 - Micro Application
2006-09-01 à 14:08:40 - microsoft frontpage
2006-09-01 à 16:16:26 - Microsoft Office
2006-09-01 à 16:16:38 - Microsoft.NET
2006-09-02 à 08:58:03 - Movie Maker
2008-09-03 à 15:12:10 - Movies2iPhone
2008-09-09 à 12:19:06 - Mozilla Firefox
2006-09-01 à 14:06:27 - MSN
2006-09-01 à 14:06:20 - MSN Gaming Zone
2006-09-01 à 15:55:09 - NetMeeting
2006-09-01 à 20:18:25 - Outlook Express
2008-09-03 à 13:55:38 - QuickTime
2006-11-14 à 18:38:57 - Radmin
2006-11-07 à 10:32:41 - Real
2006-11-14 à 20:23:11 - RegCleaner
2006-09-01 à 14:06:27 - Services en ligne
2006-09-01 à 21:13:35 - Sunbelt Software
2006-11-28 à 17:30:51 - Teamspeak2_RC2
2006-10-08 à 20:33:34 - THQ
2008-09-06 à 16:22:37 - TuneUp Utilities 2006
2006-09-01 à 14:11:42 - Uninstall Information
2006-09-01 à 20:27:50 - VideoLAN
2006-09-01 à 19:38:44 - Wanadoo
2006-11-27 à 19:02:48 - Winamp
2008-09-03 à 13:59:21 - Windows Live
2006-11-28 à 19:36:09 - Windows Live Safety Center
2006-09-17 à 11:44:33 - Windows Media Player
2006-09-01 à 15:55:07 - Windows NT
2006-09-01 à 14:06:27 - WindowsUpdate
2006-11-07 à 11:53:32 - WinRAR
2006-09-01 à 14:08:40 - xerox
2006-12-01 à 19:34:12 - Xfire
2006-11-14 à 20:05:54 - xp-AntiSpy
2008-09-03 à 18:00:56 - Zero G Registry

========== Tâches planifiées

AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
Maintenance en 1 clic.job: C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe /schedulestart

========== Clés registre

========== Bloqueur popups Internet Explorer

PopupMgr

========== Suggestion ( /!\ Nécessite une interprétation.) ==========

+- Dossiers\Fichiers : Aucune suggestion.

+- Registre : Aucune suggestion.

- Fin du rapport -
0
link
 
The HJK log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:52:35, on 09/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\All Users\Application Data\slwxenqj\wfsjcbcb.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Christophe\Bureau\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKLM\..\Policies\Explorer\Run: [uhexzVfzg9] C:\Documents and Settings\All Users\Application Data\slwxenqj\wfsjcbcb.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O20 - AppInit_DLLs: taedrd.dll
O21 - SSODL: AppAdm - {49BD36A7-F680-A785-B01E-005FC47E944E} - C:\Program Files\ikvcgg\AppAdm.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
0
Zangetsu Posts 1031 Status Member 86
 
Download SDFix from the address below:

https://www.malekal.com/slenfbot-still-an-other-irc-bot/

1) Double-click SDFix.exe and choose Install to extract it to a folder on the Desktop.
2) Restart your computer in safe mode:
- When the computer restarts, once the BIOS has finished loading, a black screen appears; tap the F8 key (or F5 on some PCs) until the Windows advanced options menu is displayed.
- Select "Mode sans échec" (Safe Mode) and press the Enter key.
- Choose your usual session, not the "Administrateur" account.
3) Open the SDFix folder and double-click "RunThis.bat".
4) Press Y to start the cleaning process.
5) At some point it will ask you to press a key to restart; do so.

(Your PC will take a little longer to load this time because the tool is working.)

6) Once your PC has loaded, it will display Finished.
7) Press a key to finish running the script.
8) Once the Desktop icons are displayed, the SDFix report will appear and will also be saved in the SDFix folder under the name "Report.txt".
9) Paste the Report.txt file and do another Hijackthis log.
0
link
 
Thanks! However, I have to go, I'll do this tonight!

And what state is my PC in right now!!!
0
Zangetsu Posts 1031 Status Member 86
 
There are still some things to do.
0