Sujet Précédent Sujet Suivant

Ordi verolé

celice -  
Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   -
Bonjour,
Pourriez vous m'aider, voilà le compte rendu de hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:33:10, on 20/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
c:\Program Files\Fichiers communs\Symantec Shared\NMain.exe
c:\PROGRA~1\NORTON~1\NORTON~1\navw32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Flag Owns Live Grim] C:\Documents and Settings\All Users\Application Data\Software rule flag owns\Clock License.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Dog This] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\INSIDE~1\MANAGERINTERHELP.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
A voir également:

25 réponses

  • 1
  • 2
Réponse 1 / 25
Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 305
 
Salut,

Important : Désactive TeaTimer, le résident de Spybot, il va gêner la désinfection en empêchant la modification des BHO.

---> Démarre Spybot, clique sur Mode, coche Mode avancé
---> A gauche, clique sur Outils, puis sur Résident
---> Décoche la case devant Résident "TeaTimer" :
http://apu.mabul.org/up/5/apu-5-gpdx9e06cwz2dypom2q7n6nc.jpg
---> Quitte Spybot

Note : Je te conseille de ne pas le réactiver, il a été incapable d'empêcher l'infection de ton PC.

---> Télécharge Lop S&D sur ton Bureau
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-clique dessus pour lancer l'installation
---> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
---> Séléctionne la langue souhaitée, puis choisis l'option 1 (Recherche)
---> Patiente jusqu'à la fin du scan
---> Poste le rapport généré (C:\lopR.txt)
0
Réponse 2 / 25
celice
 
le voili le voilà....

--------------------\\ Lop S&D 4.2.4-4 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : BIOS Date: 09/07/05 11:51:31 Ver: 08.00.12
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2005 (Activated)
Firewall : Norton Internet Security 2005 (Activated)
C:\ (Local Disk) - NTFS - Total : 226 Go Free : 166 Go
D:\ (Local Disk) - NTFS - Total : 5 Go Free : 3 Go
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( 20/09/2008|10:55 )

--------------------\\ Listing des dossiers dans APPLIC~1

[01/01/2005|10:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[25/11/2004|05:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[01/01/2005|11:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/01/2005|11:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
[01/01/2005|11:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

[12/09/2008|22:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[20/09/2008|09:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/03/2007|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[26/12/2007|16:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[01/01/2005|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[01/09/2006|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[27/01/2007|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[04/04/2007|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[12/12/2005|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GTek
[01/01/2005|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[01/01/2005|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[20/07/2008|14:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[02/11/2007|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[28/01/2006|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[01/01/2005|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[04/04/2007|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[01/09/2006|11:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[01/01/2005|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2005|10:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[02/11/2007|09:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[10/06/2008|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[14/09/2008|10:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
[01/01/2005|10:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[01/11/2006|16:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[18/09/2008|14:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[01/01/2005|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[10/12/2005|22:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[21/02/2006|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[27/04/2007|14:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[01/01/2005|10:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[25/11/2004|05:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2005|11:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2005|11:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[01/01/2005|11:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[20/05/2008|14:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[09/06/2008|20:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[12/09/2008|13:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\alot
[26/03/2007|17:49] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AOL
[20/03/2008|20:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[14/02/2008|15:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Camfrog
[20/05/2008|13:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CamfrogWEB
[01/09/2006|10:44] C:\DOCUME~1\HP_PRO~1\APPLIC~1\DataLayer
[26/12/2005|13:25] C:\DOCUME~1\HP_PRO~1\APPLIC~1\FotoWire
[27/01/2007|18:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[20/06/2006|21:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[22/03/2006|20:57] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
[15/12/2005|18:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
[25/11/2004|05:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[18/12/2005|21:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\InterVideo
[11/12/2005|00:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lavasoft
[14/12/2005|18:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[12/09/2008|12:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\LimeWire
[10/12/2005|22:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[25/08/2008|17:30] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Media Player Classic
[29/02/2008|14:34] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[23/12/2005|11:11] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Morpheus
[24/03/2007|13:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
[18/12/2005|21:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MSNInstaller
[25/04/2007|19:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\My Battle for Middle-earth(tm) II Files
[19/07/2006|13:51] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Nikon
[01/09/2006|11:11] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Nokia
[01/09/2006|10:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PC Suite
[15/12/2005|17:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PC Tools
[26/08/2006|13:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[01/01/2005|11:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
[02/11/2007|09:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SiteAdvisor(2)
[06/09/2008|23:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Skype
[07/09/2008|00:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\skypePM
[14/12/2005|18:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[11/12/2005|18:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[07/06/2007|16:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
[29/03/2007|16:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Talkback
[15/01/2006|12:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
[06/07/2008|13:52] C:\DOCUME~1\HP_PRO~1\APPLIC~1\vlc
[29/09/2006|10:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\You've Got Pictures Screensaver

[18/09/2008|16:45] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Adobe
[20/09/2008|09:17] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\AdobeUM
[13/09/2008|13:49] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Apple Computer
[13/09/2008|17:40] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\DivX
[13/09/2008|11:31] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Google
[25/11/2004|05:26] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Identities
[14/09/2008|10:03] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\inside readme lite
[14/09/2008|20:13] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Lavasoft
[20/09/2008|10:55] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\LimeWire
[12/09/2008|21:44] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Macromedia
[12/09/2008|22:45] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Microsoft
[13/09/2008|11:38] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Mozilla
[12/09/2008|21:34] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\MSNInstaller
[13/09/2008|11:39] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Real
[01/01/2005|11:01] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\SampleView
[12/09/2008|21:27] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Symantec
[13/09/2008|11:38] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Talkback

[01/01/2005|10:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[02/11/2007|09:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\SiteAdvisor(2)
[18/12/2005|23:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Webroot

[01/01/2005|10:20] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[18/12/2005|22:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[20/09/2008 10:00][--ah-----] C:\WINDOWS\tasks\A713F92491A46338.job
[12/09/2008 21:53][--a------] C:\WINDOWS\tasks\Connexion facile … Internet.job
[12/09/2008 21:18][--a------] C:\WINDOWS\tasks\HPCeeSchedule.job
[12/09/2008 22:50][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[20/09/2008 10:45][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[15/08/2008 20:00][--a------] C:\WINDOWS\tasks\Norton Internet Security - Analyse systŠme complŠte - HP_Propri‚taire.job
[20/09/2008 10:51][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[20/09/2008 09:10][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 20:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

( A713F92491A46338.job )=( c:\docume~1\hp_pro~1.nom\applic~1\inside~1\Logliesgram.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[13/01/2007|14:30] C:\Program Files\360Share Pro
[01/01/2005|10:55] C:\Program Files\Adobe
[25/08/2008|15:23] C:\Program Files\alot
[02/11/2007|09:59] C:\Program Files\Alwil Software
[26/08/2006|12:35] C:\Program Files\aod
[15/12/2005|13:38] C:\Program Files\AOL 9.0
[12/09/2008|22:50] C:\Program Files\Apple Software Update
[19/07/2006|13:49] C:\Program Files\ArcSoft
[18/12/2005|20:42] C:\Program Files\BeWAN ADSL V1.9.0.3
[14/09/2008|10:12] C:\Program Files\BitDownload
[12/09/2008|22:52] C:\Program Files\Bonjour
[25/08/2008|15:23] C:\Program Files\Camfrog
[31/12/2007|16:16] C:\Program Files\CFWebAdvancedU
[24/11/2004|03:37] C:\Program Files\ComPlus Applications
[10/05/2007|09:00] C:\Program Files\Dial-Messenger
[01/09/2006|11:07] C:\Program Files\DIFX
[13/09/2008|17:35] C:\Program Files\DivX
[27/07/2008|11:06] C:\Program Files\Dofus
[12/09/2008|21:53] C:\Program Files\Easy Internet signup
[19/09/2007|16:51] C:\Program Files\Eidos Interactive
[13/09/2008|10:47] C:\Program Files\eMule
[14/09/2008|20:36] C:\Program Files\Enigma Software Group
[20/09/2008|09:10] C:\Program Files\Fichiers communs
[01/01/2005|11:09] C:\Program Files\Google
[01/01/2005|10:54] C:\Program Files\Hewlett-Packard
[01/01/2005|10:43] C:\Program Files\HP
[19/12/2006|15:07] C:\Program Files\IKEA HomePlanner
[13/05/2006|18:05] C:\Program Files\Illustrate
[14/09/2008|10:01] C:\Program Files\inside readme lite
[01/01/2005|11:06] C:\Program Files\InstallShield Installation Information
[13/09/2008|13:27] C:\Program Files\Internet Explorer
[01/01/2005|10:54] C:\Program Files\InterVideo
[01/01/2005|10:57] C:\Program Files\iPod
[21/04/2006|15:12] C:\Program Files\iRiver
[12/09/2008|22:53] C:\Program Files\iTunes
[01/01/2005|10:29] C:\Program Files\Java
[19/12/2005|18:02] C:\Program Files\Kazaa
[25/08/2008|17:27] C:\Program Files\K-Lite Codec Pack
[20/07/2008|14:39] C:\Program Files\Lavasoft
[10/12/2005|22:46] C:\Program Files\Learn2.com
[13/09/2008|09:46] C:\Program Files\LimeWire
[10/03/2006|14:21] C:\Program Files\Logitech
[02/11/2007|09:28] C:\Program Files\McAfee
[02/11/2007|09:16] C:\Program Files\McAfee.com
[13/09/2008|12:46] C:\Program Files\Messenger
[11/06/2007|20:45] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[25/11/2004|05:27] C:\Program Files\microsoft frontpage
[15/09/2008|19:56] C:\Program Files\Microsoft LifeCam
[01/01/2005|10:56] C:\Program Files\Microsoft Office
[01/01/2005|10:56] C:\Program Files\Microsoft Works
[14/01/2007|11:35] C:\Program Files\Morpheus Ultra
[13/09/2008|12:04] C:\Program Files\Movie Maker
[13/09/2008|11:38] C:\Program Files\Mozilla Firefox
[13/05/2006|17:50] C:\Program Files\MP3 Player Utilities
[14/09/2008|20:41] C:\Program Files\MSBuild
[12/09/2008|21:47] C:\Program Files\MSN
[25/11/2004|05:27] C:\Program Files\MSN Gaming Zone
[13/09/2008|12:25] C:\Program Files\MSN Messenger
[12/09/2008|21:44] C:\Program Files\MSN Toolbar
[11/06/2007|20:49] C:\Program Files\MSXML 4.0
[10/03/2006|14:52] C:\Program Files\MUSICMATCH
[01/01/2005|10:59] C:\Program Files\muvee Technologies
[18/12/2005|22:47] C:\Program Files\Need2Find
[13/09/2008|12:03] C:\Program Files\NetMeeting
[19/07/2006|13:50] C:\Program Files\Nikon
[13/09/2008|09:16] C:\Program Files\Norton Internet Security
[18/12/2005|20:43] C:\Program Files\Nullsoft
[25/11/2004|05:27] C:\Program Files\Online Services
[13/09/2008|12:03] C:\Program Files\Outlook Express
[27/07/2008|11:21] C:\Program Files\Palm
[01/01/2005|11:11] C:\Program Files\PC-Doctor 5 for Windows
[17/03/2007|13:41] C:\Program Files\Picasa2
[29/03/2007|16:07] C:\Program Files\Power IE
[12/09/2008|22:52] C:\Program Files\QuickTime
[26/08/2006|13:37] C:\Program Files\Real
[14/09/2008|20:41] C:\Program Files\Reference Assemblies
[19/07/2008|10:46] C:\Program Files\Safari
[13/09/2008|11:04] C:\Program Files\SAGEM
[29/03/2007|13:33] C:\Program Files\Securitoo
[01/01/2005|11:09] C:\Program Files\Services en ligne
[25/12/2006|11:07] C:\Program Files\SigmaTel
[02/11/2007|09:28] C:\Program Files\SiteAdvisor(2)
[10/06/2008|17:49] C:\Program Files\Skype
[01/01/2005|10:53] C:\Program Files\Sonic
[01/11/2006|16:23] C:\Program Files\Sony Ericsson
[14/09/2008|19:49] C:\Program Files\Spybot - Search & Destroy
[12/09/2008|21:58] C:\Program Files\Symantec
[12/09/2008|21:58] C:\Program Files\SymNetDrv
[25/12/2006|10:52] C:\Program Files\TechCity Solutions
[20/02/2008|16:45] C:\Program Files\The Weather Channel FW
[20/09/2008|09:31] C:\Program Files\Trend Micro
[24/11/2004|03:37] C:\Program Files\Uninstall Information
[27/07/2008|11:10] C:\Program Files\VideoLAN
[10/12/2005|22:46] C:\Program Files\Viewpoint
[20/09/2008|10:17] C:\Program Files\Wanadoo
[29/11/2007|13:57] C:\Program Files\WebMediaPlayer
[20/08/2007|00:53] C:\Program Files\Winamp
[27/04/2007|14:46] C:\Program Files\Windows Live Favorites
[30/11/2007|18:44] C:\Program Files\Windows Live Toolbar
[06/12/2006|21:42] C:\Program Files\Windows Media Connect 2
[14/09/2008|19:56] C:\Program Files\Windows Media Player
[13/09/2008|12:03] C:\Program Files\Windows NT
[24/11/2004|03:37] C:\Program Files\WindowsUpdate
[13/01/2007|10:53] C:\Program Files\WinRAR
[25/11/2004|05:28] C:\Program Files\xerox
[12/07/2007|16:32] C:\Program Files\YesMessenger

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[20/09/2008|09:19] C:\Program Files\Fichiers communs\Adobe
[26/03/2007|17:56] C:\Program Files\Fichiers communs\AOL
[25/12/2006|10:55] C:\Program Files\Fichiers communs\aolback
[12/09/2008|22:51] C:\Program Files\Fichiers communs\Apple
[26/12/2005|13:25] C:\Program Files\Fichiers communs\FotoWire
[01/01/2005|10:48] C:\Program Files\Fichiers communs\Hewlett-Packard
[01/01/2005|10:46] C:\Program Files\Fichiers communs\HP
[01/01/2005|10:59] C:\Program Files\Fichiers communs\InstallShield
[01/01/2005|10:29] C:\Program Files\Fichiers communs\Java
[01/01/2005|10:53] C:\Program Files\Fichiers communs\LightScribe
[10/03/2006|14:19] C:\Program Files\Fichiers communs\Logitech
[02/11/2007|09:28] C:\Program Files\Fichiers communs\McAfee
[01/01/2005|10:56] C:\Program Files\Fichiers communs\Microsoft Shared
[25/11/2004|05:26] C:\Program Files\Fichiers communs\MSSoap
[01/01/2005|10:59] C:\Program Files\Fichiers communs\muvee Technologies
[19/07/2006|13:51] C:\Program Files\Fichiers communs\Nikon
[29/09/2006|10:19] C:\Program Files\Fichiers communs\Nullsoft
[25/11/2004|05:26] C:\Program Files\Fichiers communs\ODBC
[26/08/2006|13:37] C:\Program Files\Fichiers communs\Real
[13/09/2008|03:47] C:\Program Files\Fichiers communs\Services
[10/06/2008|17:48] C:\Program Files\Fichiers communs\Skype
[01/01/2005|10:52] C:\Program Files\Fichiers communs\Sonic Shared
[25/11/2004|05:26] C:\Program Files\Fichiers communs\SpeechEngines
[01/01/2005|10:52] C:\Program Files\Fichiers communs\SureThing Shared
[18/09/2008|19:05] C:\Program Files\Fichiers communs\Symantec Shared
[13/09/2008|12:03] C:\Program Files\Fichiers communs\System
[01/01/2005|10:53] C:\Program Files\Fichiers communs\TiVo Shared
[14/09/2008|20:03] C:\Program Files\Fichiers communs\Wise Installation Wizard
[26/08/2006|13:37] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 69 Processes )

IEXPLORE.EXE ~ [PID:632]
IEXPLORE.EXE ~ [PID:2532]
IEXPLORE.EXE ~ [PID:5968]

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\INSIDE~1
C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\INSIDE~1\ikmusqoo.exe
C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\INSIDE~1\Log lies gram.exe
C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\INSIDE~1\MANAGERINTERHELP.exe
C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\INSIDE~1\xpzbcikq.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\Clock License.exe
C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\inside~1
C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\inside~1\ikmusqoo.exe
C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\inside~1\Log lies gram.exe
C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\inside~1\MANAGERINTERHELP.exe
C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\inside~1\xpzbcikq.exe
C:\Program Files\inside~1
C:\Program Files\BitDownload
C:\DOCUME~1\HP_PRO~1.NOM\Cookies\hp_propriétaire@advertising[2].txt
C:\DOCUME~1\HP_PRO~1.NOM\Cookies\hp_propriétaire@adopt.euroclick[1].txt
C:\WINDOWS\Tasks\A713F92491A46338.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Safe media beep]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\HP_PRO~1.NOM\\APPLIC~1\\INSIDE~1\\MANAGERINTERHELP.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dog This"="C:\\DOCUME~1\\HP_PRO~1.NOM\\APPLIC~1\\INSIDE~1\\MANAGERINTERHELP.exe"
"Dog This"="C:\\DOCUME~1\\HP_PRO~1.NOM\\APPLIC~1\\INSIDE~1\\MANAGERINTERHELP.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Flag Owns Live Grim"="C:\\Documents and Settings\\All Users\\Application Data\\Software rule flag owns\\Clock License.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-20 11:00:24
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

C:\Program Files\WebMediaPlayer
C:\Program Files\WebMediaPlayer\Conditions g‚n‚rales.url
C:\Program Files\WebMediaPlayer\Confidentialit‚.url
C:\Program Files\WebMediaPlayer\resources
C:\Program Files\WebMediaPlayer\skins
C:\Program Files\WebMediaPlayer\sqlite3.dll
C:\Program Files\WebMediaPlayer\uninst.exe
C:\Program Files\WebMediaPlayer\updates
C:\Program Files\WebMediaPlayer\Website.url
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\WebMediaPlayer
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\WebMediaPlayer\Conditions g‚n‚rales.lnk
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\WebMediaPlayer\Confidentialit‚.lnk
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\WebMediaPlayer\WebMediaPlayer.lnk
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\WebMediaPlayer\Website.lnk
C:\WINDOWS\Pack.epk
[b]==> EGDACCESS <==/b

[F:33][D:76]-> C:\DOCUME~1\HP_PRO~1.NOM\LOCALS~1\Temp
[F:62][D:0]-> C:\DOCUME~1\HP_PRO~1.NOM\Cookies
[F:1839][D:5]-> C:\DOCUME~1\HP_PRO~1.NOM\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 20/09/2008|11:03 - Option : [1]

--------------------\\ Fin du rapport a 11:03:29
0
Réponse 3 / 25
Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 305
 
---> Relance Lop S&D
---> Choisis cette fois-ci l'option 2 (Suppression)
---> Ne ferme pas la fenêtre lors de la suppression !
---> Poste le rapport généré (C:\lopR.txt)
0
Réponse 4 / 25
celice
 
le revoili....

--------------------\\ Lop S&D 4.2.4-4 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : BIOS Date: 09/07/05 11:51:31 Ver: 08.00.12
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2005 (Activated)
Firewall : Norton Internet Security 2005 (Activated)
C:\ (Local Disk) - NTFS - Total : 226 Go Free : 166 Go
D:\ (Local Disk) - NTFS - Total : 5 Go Free : 3 Go
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [2] ( 20/09/2008|14:57 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\Clock License.exe
Supprime! - C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\inside~1\ikmusqoo.exe
Supprime! - C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\inside~1\Log lies gram.exe
Supprime! - C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\inside~1\MANAGERINTERHELP.exe
Supprime! - C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\inside~1\xpzbcikq.exe
Supprime! - C:\DOCUME~1\HP_PRO~1.NOM\Cookies\hp_propriétaire@advertising[2].txt
Supprime! - C:\DOCUME~1\HP_PRO~1.NOM\Cookies\hp_propriétaire@adopt.euroclick[1].txt
Supprime! - C:\WINDOWS\Tasks\A713F92491A46338.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
Supprime! - C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\inside~1
Supprime! - C:\Program Files\inside~1
Supprime! - C:\Program Files\BitDownload

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans Application Data

[01/01/2005|10:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[25/11/2004|05:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[01/01/2005|11:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/01/2005|11:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
[01/01/2005|11:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

[12/09/2008|22:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[20/09/2008|09:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/03/2007|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[26/12/2007|16:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[01/01/2005|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[01/09/2006|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[27/01/2007|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[04/04/2007|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[12/12/2005|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GTek
[01/01/2005|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[01/01/2005|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[20/07/2008|14:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[02/11/2007|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[28/01/2006|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[01/01/2005|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[04/04/2007|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[01/09/2006|11:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[01/01/2005|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2005|10:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[02/11/2007|09:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[10/06/2008|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[01/01/2005|10:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[01/11/2006|16:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[18/09/2008|14:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[01/01/2005|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[21/02/2006|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[27/04/2007|14:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[01/01/2005|10:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[25/11/2004|05:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2005|11:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2005|11:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[01/01/2005|11:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[20/05/2008|14:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[09/06/2008|20:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[12/09/2008|13:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\alot
[26/03/2007|17:49] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AOL
[20/03/2008|20:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[14/02/2008|15:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Camfrog
[20/05/2008|13:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CamfrogWEB
[01/09/2006|10:44] C:\DOCUME~1\HP_PRO~1\APPLIC~1\DataLayer
[26/12/2005|13:25] C:\DOCUME~1\HP_PRO~1\APPLIC~1\FotoWire
[27/01/2007|18:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[20/06/2006|21:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[22/03/2006|20:57] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
[15/12/2005|18:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
[25/11/2004|05:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[18/12/2005|21:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\InterVideo
[11/12/2005|00:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lavasoft
[14/12/2005|18:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[12/09/2008|12:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\LimeWire
[10/12/2005|22:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[25/08/2008|17:30] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Media Player Classic
[29/02/2008|14:34] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[23/12/2005|11:11] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Morpheus
[24/03/2007|13:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
[18/12/2005|21:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MSNInstaller
[25/04/2007|19:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\My Battle for Middle-earth(tm) II Files
[19/07/2006|13:51] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Nikon
[01/09/2006|11:11] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Nokia
[01/09/2006|10:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PC Suite
[15/12/2005|17:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PC Tools
[26/08/2006|13:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[01/01/2005|11:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
[02/11/2007|09:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SiteAdvisor(2)
[06/09/2008|23:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Skype
[07/09/2008|00:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\skypePM
[14/12/2005|18:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[11/12/2005|18:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[07/06/2007|16:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
[29/03/2007|16:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Talkback
[15/01/2006|12:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
[06/07/2008|13:52] C:\DOCUME~1\HP_PRO~1\APPLIC~1\vlc
[29/09/2006|10:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\You've Got Pictures Screensaver

[18/09/2008|16:45] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Adobe
[20/09/2008|09:17] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\AdobeUM
[13/09/2008|13:49] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Apple Computer
[13/09/2008|17:40] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\DivX
[13/09/2008|11:31] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Google
[25/11/2004|05:26] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Identities
[14/09/2008|20:13] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Lavasoft
[20/09/2008|14:57] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\LimeWire
[12/09/2008|21:44] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Macromedia
[12/09/2008|22:45] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Microsoft
[13/09/2008|11:38] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Mozilla
[12/09/2008|21:34] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\MSNInstaller
[13/09/2008|11:39] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Real
[01/01/2005|11:01] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\SampleView
[12/09/2008|21:27] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Symantec
[13/09/2008|11:38] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Talkback

[01/01/2005|10:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[02/11/2007|09:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\SiteAdvisor(2)
[18/12/2005|23:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Webroot

[01/01/2005|10:20] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[18/12/2005|22:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[12/09/2008 21:53][--a------] C:\WINDOWS\tasks\Connexion facile … Internet.job
[12/09/2008 21:18][--a------] C:\WINDOWS\tasks\HPCeeSchedule.job
[12/09/2008 22:50][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[20/09/2008 14:45][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[15/08/2008 20:00][--a------] C:\WINDOWS\tasks\Norton Internet Security - Analyse systŠme complŠte - HP_Propri‚taire.job
[20/09/2008 14:56][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[20/09/2008 09:10][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 20:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[13/01/2007|14:30] C:\Program Files\360Share Pro
[01/01/2005|10:55] C:\Program Files\Adobe
[25/08/2008|15:23] C:\Program Files\alot
[02/11/2007|09:59] C:\Program Files\Alwil Software
[26/08/2006|12:35] C:\Program Files\aod
[15/12/2005|13:38] C:\Program Files\AOL 9.0
[12/09/2008|22:50] C:\Program Files\Apple Software Update
[19/07/2006|13:49] C:\Program Files\ArcSoft
[18/12/2005|20:42] C:\Program Files\BeWAN ADSL V1.9.0.3
[12/09/2008|22:52] C:\Program Files\Bonjour
[25/08/2008|15:23] C:\Program Files\Camfrog
[31/12/2007|16:16] C:\Program Files\CFWebAdvancedU
[24/11/2004|03:37] C:\Program Files\ComPlus Applications
[10/05/2007|09:00] C:\Program Files\Dial-Messenger
[01/09/2006|11:07] C:\Program Files\DIFX
[13/09/2008|17:35] C:\Program Files\DivX
[27/07/2008|11:06] C:\Program Files\Dofus
[12/09/2008|21:53] C:\Program Files\Easy Internet signup
[19/09/2007|16:51] C:\Program Files\Eidos Interactive
[13/09/2008|10:47] C:\Program Files\eMule
[14/09/2008|20:36] C:\Program Files\Enigma Software Group
[20/09/2008|09:10] C:\Program Files\Fichiers communs
[01/01/2005|11:09] C:\Program Files\Google
[01/01/2005|10:54] C:\Program Files\Hewlett-Packard
[01/01/2005|10:43] C:\Program Files\HP
[19/12/2006|15:07] C:\Program Files\IKEA HomePlanner
[13/05/2006|18:05] C:\Program Files\Illustrate
[01/01/2005|11:06] C:\Program Files\InstallShield Installation Information
[13/09/2008|13:27] C:\Program Files\Internet Explorer
[01/01/2005|10:54] C:\Program Files\InterVideo
[01/01/2005|10:57] C:\Program Files\iPod
[21/04/2006|15:12] C:\Program Files\iRiver
[12/09/2008|22:53] C:\Program Files\iTunes
[01/01/2005|10:29] C:\Program Files\Java
[19/12/2005|18:02] C:\Program Files\Kazaa
[25/08/2008|17:27] C:\Program Files\K-Lite Codec Pack
[20/07/2008|14:39] C:\Program Files\Lavasoft
[10/12/2005|22:46] C:\Program Files\Learn2.com
[13/09/2008|09:46] C:\Program Files\LimeWire
[10/03/2006|14:21] C:\Program Files\Logitech
[02/11/2007|09:28] C:\Program Files\McAfee
[02/11/2007|09:16] C:\Program Files\McAfee.com
[13/09/2008|12:46] C:\Program Files\Messenger
[11/06/2007|20:45] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[25/11/2004|05:27] C:\Program Files\microsoft frontpage
[15/09/2008|19:56] C:\Program Files\Microsoft LifeCam
[01/01/2005|10:56] C:\Program Files\Microsoft Office
[01/01/2005|10:56] C:\Program Files\Microsoft Works
[14/01/2007|11:35] C:\Program Files\Morpheus Ultra
[13/09/2008|12:04] C:\Program Files\Movie Maker
[13/09/2008|11:38] C:\Program Files\Mozilla Firefox
[13/05/2006|17:50] C:\Program Files\MP3 Player Utilities
[14/09/2008|20:41] C:\Program Files\MSBuild
[12/09/2008|21:47] C:\Program Files\MSN
[25/11/2004|05:27] C:\Program Files\MSN Gaming Zone
[13/09/2008|12:25] C:\Program Files\MSN Messenger
[12/09/2008|21:44] C:\Program Files\MSN Toolbar
[11/06/2007|20:49] C:\Program Files\MSXML 4.0
[10/03/2006|14:52] C:\Program Files\MUSICMATCH
[01/01/2005|10:59] C:\Program Files\muvee Technologies
[18/12/2005|22:47] C:\Program Files\Need2Find
[13/09/2008|12:03] C:\Program Files\NetMeeting
[19/07/2006|13:50] C:\Program Files\Nikon
[13/09/2008|09:16] C:\Program Files\Norton Internet Security
[18/12/2005|20:43] C:\Program Files\Nullsoft
[25/11/2004|05:27] C:\Program Files\Online Services
[13/09/2008|12:03] C:\Program Files\Outlook Express
[27/07/2008|11:21] C:\Program Files\Palm
[01/01/2005|11:11] C:\Program Files\PC-Doctor 5 for Windows
[17/03/2007|13:41] C:\Program Files\Picasa2
[29/03/2007|16:07] C:\Program Files\Power IE
[12/09/2008|22:52] C:\Program Files\QuickTime
[26/08/2006|13:37] C:\Program Files\Real
[14/09/2008|20:41] C:\Program Files\Reference Assemblies
[19/07/2008|10:46] C:\Program Files\Safari
[13/09/2008|11:04] C:\Program Files\SAGEM
[29/03/2007|13:33] C:\Program Files\Securitoo
[01/01/2005|11:09] C:\Program Files\Services en ligne
[25/12/2006|11:07] C:\Program Files\SigmaTel
[02/11/2007|09:28] C:\Program Files\SiteAdvisor(2)
[10/06/2008|17:49] C:\Program Files\Skype
[01/01/2005|10:53] C:\Program Files\Sonic
[01/11/2006|16:23] C:\Program Files\Sony Ericsson
[14/09/2008|19:49] C:\Program Files\Spybot - Search & Destroy
[12/09/2008|21:58] C:\Program Files\Symantec
[12/09/2008|21:58] C:\Program Files\SymNetDrv
[25/12/2006|10:52] C:\Program Files\TechCity Solutions
[20/02/2008|16:45] C:\Program Files\The Weather Channel FW
[20/09/2008|09:31] C:\Program Files\Trend Micro
[24/11/2004|03:37] C:\Program Files\Uninstall Information
[27/07/2008|11:10] C:\Program Files\VideoLAN
[20/09/2008|14:57] C:\Program Files\Wanadoo
[29/11/2007|13:57] C:\Program Files\WebMediaPlayer
[20/08/2007|00:53] C:\Program Files\Winamp
[27/04/2007|14:46] C:\Program Files\Windows Live Favorites
[30/11/2007|18:44] C:\Program Files\Windows Live Toolbar
[06/12/2006|21:42] C:\Program Files\Windows Media Connect 2
[14/09/2008|19:56] C:\Program Files\Windows Media Player
[13/09/2008|12:03] C:\Program Files\Windows NT
[24/11/2004|03:37] C:\Program Files\WindowsUpdate
[13/01/2007|10:53] C:\Program Files\WinRAR
[25/11/2004|05:28] C:\Program Files\xerox
[12/07/2007|16:32] C:\Program Files\YesMessenger

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[20/09/2008|09:20] C:\Program Files\Fichiers communs\Adobe
[26/03/2007|17:56] C:\Program Files\Fichiers communs\AOL
[25/12/2006|10:55] C:\Program Files\Fichiers communs\aolback
[12/09/2008|22:51] C:\Program Files\Fichiers communs\Apple
[26/12/2005|13:25] C:\Program Files\Fichiers communs\FotoWire
[01/01/2005|10:48] C:\Program Files\Fichiers communs\Hewlett-Packard
[01/01/2005|10:46] C:\Program Files\Fichiers communs\HP
[01/01/2005|10:59] C:\Program Files\Fichiers communs\InstallShield
[01/01/2005|10:29] C:\Program Files\Fichiers communs\Java
[01/01/2005|10:53] C:\Program Files\Fichiers communs\LightScribe
[10/03/2006|14:19] C:\Program Files\Fichiers communs\Logitech
[02/11/2007|09:28] C:\Program Files\Fichiers communs\McAfee
[01/01/2005|10:56] C:\Program Files\Fichiers communs\Microsoft Shared
[25/11/2004|05:26] C:\Program Files\Fichiers communs\MSSoap
[01/01/2005|10:59] C:\Program Files\Fichiers communs\muvee Technologies
[19/07/2006|13:51] C:\Program Files\Fichiers communs\Nikon
[29/09/2006|10:19] C:\Program Files\Fichiers communs\Nullsoft
[25/11/2004|05:26] C:\Program Files\Fichiers communs\ODBC
[26/08/2006|13:37] C:\Program Files\Fichiers communs\Real
[13/09/2008|03:47] C:\Program Files\Fichiers communs\Services
[10/06/2008|17:48] C:\Program Files\Fichiers communs\Skype
[01/01/2005|10:52] C:\Program Files\Fichiers communs\Sonic Shared
[25/11/2004|05:26] C:\Program Files\Fichiers communs\SpeechEngines
[01/01/2005|10:52] C:\Program Files\Fichiers communs\SureThing Shared
[18/09/2008|19:05] C:\Program Files\Fichiers communs\Symantec Shared
[13/09/2008|12:03] C:\Program Files\Fichiers communs\System
[01/01/2005|10:53] C:\Program Files\Fichiers communs\TiVo Shared
[14/09/2008|20:03] C:\Program Files\Fichiers communs\Wise Installation Wizard
[26/08/2006|13:37] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 65 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-20 14:59:44
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

C:\Program Files\WebMediaPlayer
C:\Program Files\WebMediaPlayer\Conditions g‚n‚rales.url
C:\Program Files\WebMediaPlayer\Confidentialit‚.url
C:\Program Files\WebMediaPlayer\resources
C:\Program Files\WebMediaPlayer\skins
C:\Program Files\WebMediaPlayer\sqlite3.dll
C:\Program Files\WebMediaPlayer\updates
C:\Program Files\WebMediaPlayer\Website.url
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\WebMediaPlayer
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\WebMediaPlayer\Conditions g‚n‚rales.lnk
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\WebMediaPlayer\Confidentialit‚.lnk
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\WebMediaPlayer\WebMediaPlayer.lnk
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\WebMediaPlayer\Website.lnk
C:\WINDOWS\Pack.epk
[b]==> EGDACCESS <==/b

[F:33][D:76]-> C:\DOCUME~1\HP_PRO~1.NOM\LOCALS~1\Temp
[F:64][D:0]-> C:\DOCUME~1\HP_PRO~1.NOM\Cookies
[F:1964][D:5]-> C:\DOCUME~1\HP_PRO~1.NOM\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 20/09/2008|11:03 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 20/09/2008|15:01 - Option : [2]

--------------------\\ Fin du rapport a 15:01:48
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 25
Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 305
 
---> Supprime Lop S&D

---> Puis fais ceci :

- Télécharge Navilog1 (de IL-MAFIOSO) et enregistre-le sur le bureau :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

- Double-clique sur Navilog1.exe afin de lancer l'installation

- Si le fix ne lance pas automatiquement après son installation, double-clique sur Navilog1 présent sur le bureau

- Appuie sur F ou f puis valide par Entrée

- Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options

- Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix

- Patiente jusqu'au message : *** Analyse Termine le ..... ***

- Le scan fini, le bloc-notes contenant le rapport sera affiché, poste le contenu de ce rapport dans ta prochaine réponse

- Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\fixnavi.txt

N'utilise pas l'option 2, 3 et 4 sans notre accord, des fichiers légitimes peuvent être inclus dans ce scan.
0
Réponse 6 / 25
celice
 
Search Navipromo version 3.6.5 commencé le 21/09/2008 à 11:16:47,87

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "HP_Propriétaire"

Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***

*** Recherche dossiers dans "C:\WINDOWS" ***

*** Recherche dossiers dans "C:\Program Files" ***

...\WebMediaPlayer trouvé !

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\HP_PRO~2\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\HP_PRO~2\locals~1\applic~1" *

*** Recherche fichiers ***

C:\WINDOWS\pack.epk trouvé !

*** Recherche clés spécifiques dans le Registre ***

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

* Dans "C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\locals~1\applic~1" :

le rapport....

* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :

* Dans "C:\DOCUME~1\HP_PRO~2\locals~1\applic~1" :

3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

*** Analyse terminée le 21/09/2008 à 11:23:50,31 ***
0
Réponse 7 / 25
Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 305
 
Relance Navilog1, fais l'option 2 et poste le rapport.
0
Réponse 8 / 25
celice
 
voila....

Clean Navipromo version 3.6.5 commencé le 21/09/2008 à 13:23:04,96

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "HP_Propriétaire"

Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS

Mode suppression automatique
avec prise en charge résultats Catchme et GNS

Nettoyage exécuté au redémarrage de l'ordinateur

*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *

* Suppression dans "C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\HP_PRO~2\locals~1\applic~1" *

*** Suppression dossiers dans "C:\WINDOWS" ***

*** Suppression dossiers dans "C:\Program Files" ***

...\WebMediaPlayer ...suppression...
...\WebMediaPlayer supprimé !

*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\applic~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\HP_PRO~2\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\menudm~1\progra~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***

*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\HP_Propri‚taire.NOM-EB85C523610\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :

* Dans "C:\WINDOWS\system32" *

* Dans "C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\locals~1\applic~1" *

* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Dans "C:\DOCUME~1\HP_PRO~2\locals~1\applic~1" *

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

*** Certificats ***

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !

*** Nettoyage terminé le 21/09/2008 à 13:26:01,59 ***
0
Réponse 9 / 25
Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 305
 
---> Désinstalle Navilog1

---> Fais un scan rapide avec MBAM, supprime tout ce qu'il trouve et poste le rapport :
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
0
Réponse 10 / 25
celice
 
le rapport:

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1184
Windows 5.1.2600 Service Pack 3

21/09/2008 16:00:09
mbam-log-2008-09-21 (16-00-09).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 158358
Temps écoulé: 1 hour(s), 7 minute(s), 42 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\zgtatinzmc_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\zgtatinzmc_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\zgtatinzmc.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\icremov.bat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\uid.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
0
Réponse 11 / 25
Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 305
 
---> Relance MBAM, va dans Quarantaine et supprime tout

---> Poste un nouveau rapport HijackThis
0
Réponse 12 / 25
celice
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:22:38, on 22/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Dog This] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\INSIDE~1\MANAGERINTERHELP.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
0
Réponse 13 / 25
Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 305
 
---> Télécharge CCleaner (N'installe pas la Yahoo Toolbar) :
https://www.ccleaner.com/ccleaner/download

---> Lance-le. Va dans "Options" puis "Avancé", tu décoches la case "Effacer uniquement les fichiers etc...". Tu vas dans "Nettoyeur", tu fais "Analyse". Une fois terminé, tu lances le nettoyage. Puis tu vas dans "Registre", tu fais "Chercher des erreurs". Une fois terminé, tu répares toutes les erreurs sans sauvegarder la base de registre.

---> Poste un nouveau rapport HijackThis
0
Réponse 14 / 25
celice
 
le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:58:37, on 23/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ALCMTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\vVX3000.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\Wanadoo\WOOBRO~1\DownloadManager.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
0
Réponse 15 / 25
celice
 
le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:58:37, on 23/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ALCMTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\vVX3000.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\Wanadoo\WOOBRO~1\DownloadManager.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
0
Réponse 16 / 25
Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 305
 
---> Mets à jour Java :
https://www.java.com/fr/download/manual.jsp

---> Relance HijackThis et choisis Do a system scan only

---> Coche les cases qui sont devant les lignes suivantes :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

---> Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.

---> Redémarre ton PC et poste un nouveau rapport HijackThis
0
Réponse 17 / 25
celice
 
impossible de mettre JAVA à Jour....
0
Réponse 18 / 25
Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 305
 
Pour Java, utilise ceci :
http://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/VerifyItem-Start/jre-6u7-windows-i586-p.exe?BundledLineItemUUID=LN9IBe.lns0AAAEcFQoT3o.w&OrderID=F5NIBe.lx_YAAAEcBwoT3o.w&ProductID=BUtIBe.pr_UAAAEaTTMke7Zb&FileName=/jre-6u7-windows-i586-p.exe
0
Réponse 19 / 25
celice
 
le dernier rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:09:52, on 24/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\vVX3000.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
0
Réponse 20 / 25
celice
 
le dernier rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:09:52, on 24/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\vVX3000.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
0