Very slow computer, ads everywhere...
Carina
Good evening,
I've had a big problem with my computer for 2 weeks: it is very slow, and when I browse the internet, ad windows keep popping up. It's been getting worse and worse these days... While browsing the web I noticed that a lot of people have been having this problem lately...
If someone could help me solve this problem fairly quickly, that would be kind...
Here is the report from my HiJackThis scan...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:29:00, on 21/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\atiptaxx.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Apps\ActivBoard\MMKeybd.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Planetis
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SurfairyHlp Class - {E0B9B5FE-B66E-4FB0-A1D9-726F0E743CFD} - C:\Program Files\Surfairy\SurfairyPP.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Help Creative Meow City] C:\Documents and Settings\All Users\Application Data\aim rect help creative\HOLD HIDE.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ford keep] C:\DOCUME~1\Carina\APPLIC~1\OPTION~1\2 Bin Flag.exe
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup
O4 - Global Startup: Hp psc 700 series.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Carina\Application Data\Dealio\kb126\res\DealioSearch.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Suggestions - {2223664C-1942-4276-9A2D-E8D8F547C5D2} - res://EffiPeled (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
20 replies
Hi
Right-click this link:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Choose "Save target (link) as..." and save it to your desktop.
Right-click navilog1.zip and choose "Extract all".
Then double-click navilog1.exe to start the installation.
Once the installation is finished, the fix will run automatically.
(If it doesn't, double-click the Navilog1 shortcut on the desktop.)
Follow the prompts. At the main menu, choose 1 and confirm.
(do not choose option 2, 3 or 4 without our advice/agreement)
Wait for the message:
*** Analyse Termine le ..... ***
Press a key as prompted; Notepad will open.
Copy and paste the whole thing into a reply. Close Notepad.
The report is also saved at the root of the disk (fixnavi.txt)
TUTORIAL :: http://www.malekal.com/Adware.Magic_Control.php
Good luck
See you later
I don't have a home page, I simply left a blank page, but as soon as I start opening web pages I get ads right away. My computer is slow and freezes from time to time for short moments, both on the internet and in other programs... I think there's a virus, right? What does my HijackThis scan say?
Hi
try this: Malwarebytes Anti-Malware, link here: http://www.commentcamarche.net/telecharger/logiciel 4 securite
tutorial here: http://www.malekal.com/menu_tutorials_logiciels.php
Thanks for your help, the scan is running, I'm waiting. However, I also ran the scan with Malwarebytes Anti-Malware that Guillaume recommended above, but nothing suspicious was found... I don't understand anything about what's going on...
Here (at last!) is the report from Navilog1:
Search Navipromo version 3.6.5 commencé le 21/09/2008 à 11:55:29,67
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Carina"
Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Carina\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ALAIN\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Romain\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Carina\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ALAIN\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Romain\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Carina\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ALAIN\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Romain\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\Carina\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ALAIN\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\Romain\locals~1\applic~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\Carina\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ALAIN\locals~1\applic~1" :
* Dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" :
* Dans "C:\DOCUME~1\Romain\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 21/09/2008 à 12:21:23,10 ***
Here is the HijackThis scan:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:41:13, on 21/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Apps\ActivBoard\nhksrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Apps\ActivBoard\MMKeybd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Apps\ActivBoard\OSD.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Planetis
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SurfairyHlp Class - {E0B9B5FE-B66E-4FB0-A1D9-726F0E743CFD} - C:\Program Files\Surfairy\SurfairyPP.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Help Creative Meow City] C:\Documents and Settings\All Users\Application Data\aim rect help creative\GRID PART.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ford keep] C:\DOCUME~1\Carina\APPLIC~1\OPTION~1\2 Bin Flag.exe
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup
O4 - Global Startup: Hp psc 700 series.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Carina\Application Data\Dealio\kb126\res\DealioSearch.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Suggestions - {2223664C-1942-4276-9A2D-E8D8F547C5D2} - res://EffiPeled (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
Re
Download Toolbar-S&D (Team IDN) to your Desktop.
* Start the program's installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the language you want by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search has finished.
* Post the generated report. (C:\TB.txt)
Here is the report:
-----------\\ ToolBar S&D 1.2.0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) Processor )
BIOS : Default System BIOS
USER : Carina ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080920-0] 4.8.1229 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 35 Go Free : 15 Go
D:\ (Local Disk) - NTFS - Total : 74 Go Free : 58 Go
Q:\ (CD or DVD)
R:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 14-09-2008|23:30 )
Option : [1] ( 21/09/2008|15:37 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\Carina\LOCALS~1\Temp\NERO14992\Toolbar.exe
C:\DOCUME~1\ALAIN\APPLIC~1\Dealio
C:\DOCUME~1\ALAIN\APPLIC~1\Dealio\kb126
C:\DOCUME~1\Romain\APPLIC~1\Dealio
C:\DOCUME~1\Romain\APPLIC~1\Dealio\kb126
C:\WINDOWS\Prefetch\DEALIOAU.EXE-0D71B01B.pf
C:\DOCUME~1\Carina\Cookies\carina@dealio[1].txt
C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-30EFBC20.pf
C:\DOCUME~1\ALAIN\APPLIC~1\Search Settings
C:\DOCUME~1\ALAIN\APPLIC~1\Search Settings\kb126
C:\DOCUME~1\Carina\APPLIC~1\Search Settings
C:\DOCUME~1\Carina\APPLIC~1\Search Settings\kb126
C:\DOCUME~1\Romain\APPLIC~1\Search Settings
C:\DOCUME~1\Romain\APPLIC~1\Search Settings\kb126
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb126
C:\Program Files\Search Settings\SearchSettings.exe
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="about:blank"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 21/09/2008|15:42 - Option : [1]
-----------\\ Fin du rapport a 15:42:16,37
Ok
Run Toolbar-S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
! Do not close the window during the removal !
A report will be generated; post its contents here.
NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del at the same time to open Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.
Thanks, here is the report:
-----------\\ ToolBar S&D 1.2.0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) Processor )
BIOS : Default System BIOS
USER : Carina ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080920-0] 4.8.1229 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 35 Go Free : 15 Go
D:\ (Local Disk) - NTFS - Total : 74 Go Free : 58 Go
Q:\ (CD or DVD)
R:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 14-09-2008|23:30 )
Option : [2] ( 21/09/2008|16:04 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\Carina\LOCALS~1\Temp\NERO14992\Toolbar.exe
Supprime! - C:\DOCUME~1\ALAIN\APPLIC~1\Dealio\kb126
Supprime! - C:\DOCUME~1\Romain\APPLIC~1\Dealio\kb126
Supprime! - C:\WINDOWS\Prefetch\DEALIOAU.EXE-0D71B01B.pf
Supprime! - C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-30EFBC20.pf
Supprime! - C:\DOCUME~1\ALAIN\APPLIC~1\Search Settings\kb126
Supprime! - C:\DOCUME~1\Carina\APPLIC~1\Search Settings\kb126
Supprime! - C:\DOCUME~1\Romain\APPLIC~1\Search Settings\kb126
Supprime! - C:\Program Files\Search Settings\kb126
Supprime! - C:\Program Files\Search Settings\SearchSettings.exe
Supprime! - C:\DOCUME~1\ALAIN\APPLIC~1\Dealio
Supprime! - C:\DOCUME~1\Romain\APPLIC~1\Dealio
Supprime! - C:\DOCUME~1\ALAIN\APPLIC~1\Search Settings
Supprime! - C:\DOCUME~1\Carina\APPLIC~1\Search Settings
Supprime! - C:\DOCUME~1\Romain\APPLIC~1\Search Settings
Supprime! - C:\Program Files\Search Settings
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\Carina\Cookies\carina@dealio[2].txt
and the end of the report:
----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="about:blank"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 21/09/2008|15:42 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 21/09/2008|16:12 - Option : [2]
-----------\\ Fin du rapport a 16:12:32,45
Perfect
Download this: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the language you want, then choose option 1 (Search)
---> Wait until the scan has finished
---> Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
If you have trouble using Lop S&D, look at the tutorial:
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
Here is the report:
--------------------\\ Lop S&D 4.2.4-4 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) Processor )
BIOS : Default System BIOS
USER : Carina ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080920-0] 4.8.1229 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 35 Go Free : 15 Go
D:\ (Local Disk) - NTFS - Total : 74 Go Free : 58 Go
Q:\ (CD or DVD)
R:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( 21/09/2008|16:23 )
--------------------\\ Listing des dossiers dans APPLIC~1
[13/01/2008|01:32] C:\DOCUME~1\ALAIN\APPLIC~1\Adobe
[22/02/2008|00:05] C:\DOCUME~1\ALAIN\APPLIC~1\AdobeUM
[24/02/2008|20:31] C:\DOCUME~1\ALAIN\APPLIC~1\ArcSoft
[13/01/2008|14:26] C:\DOCUME~1\ALAIN\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[16/01/2008|00:07] C:\DOCUME~1\ALAIN\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[13/01/2008|01:12] C:\DOCUME~1\ALAIN\APPLIC~1\Identities
[13/01/2008|01:32] C:\DOCUME~1\ALAIN\APPLIC~1\InterTrust
[13/01/2008|10:57] C:\DOCUME~1\ALAIN\APPLIC~1\Macromedia
[07/09/2008|17:16] C:\DOCUME~1\ALAIN\APPLIC~1\Microsoft
[01/09/2008|22:55] C:\DOCUME~1\ALAIN\APPLIC~1\OptionOnceBold
[28/06/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[14/08/2008|12:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[21/09/2008|09:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\aim rect help creative
[19/02/2008|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Alexandra Ledermann 8
[05/07/2008|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[05/07/2008|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[16/04/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[21/09/2008|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[15/01/2008|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[15/04/2008|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/02/2008|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[15/08/2008|13:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[14/08/2008|13:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero(2)
[13/01/2008|01:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[26/04/2008|16:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[20/02/2008|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[15/04/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[13/02/2008|15:06] C:\DOCUME~1\Carina\APPLIC~1\Adobe
[28/06/2008|17:16] C:\DOCUME~1\Carina\APPLIC~1\AdobeUM
[22/07/2008|20:08] C:\DOCUME~1\Carina\APPLIC~1\Ahead
[05/07/2008|22:22] C:\DOCUME~1\Carina\APPLIC~1\Apple Computer
[20/02/2008|16:00] C:\DOCUME~1\Carina\APPLIC~1\ArcSoft
[14/08/2008|13:44] C:\DOCUME~1\Carina\APPLIC~1\Creative
[13/01/2008|11:39] C:\DOCUME~1\Carina\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[06/04/2008|15:10] C:\DOCUME~1\Carina\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[14/08/2008|18:47] C:\DOCUME~1\Carina\APPLIC~1\GrabPro
[20/02/2008|16:58] C:\DOCUME~1\Carina\APPLIC~1\Help
[13/01/2008|01:12] C:\DOCUME~1\Carina\APPLIC~1\Identities
[19/02/2008|18:40] C:\DOCUME~1\Carina\APPLIC~1\InstallShield
[13/01/2008|01:32] C:\DOCUME~1\Carina\APPLIC~1\InterTrust
[16/04/2008|20:23] C:\DOCUME~1\Carina\APPLIC~1\Macromedia
[21/09/2008|10:35] C:\DOCUME~1\Carina\APPLIC~1\Malwarebytes
[13/01/2008|12:24] C:\DOCUME~1\Carina\APPLIC~1\MGI
[15/04/2008|18:39] C:\DOCUME~1\Carina\APPLIC~1\Microsoft
[19/02/2008|17:46] C:\DOCUME~1\Carina\APPLIC~1\MSN6
[17/07/2008|14:51] C:\DOCUME~1\Carina\APPLIC~1\OpenOffice.org2
[21/09/2008|09:51] C:\DOCUME~1\Carina\APPLIC~1\OptionOnceBold
[14/08/2008|18:55] C:\DOCUME~1\Carina\APPLIC~1\Orbit
[20/02/2008|16:01] C:\DOCUME~1\Carina\APPLIC~1\Panasonic
[20/02/2008|20:06] C:\DOCUME~1\Carina\APPLIC~1\SecuROM
[13/01/2008|17:47] C:\DOCUME~1\Carina\APPLIC~1\vlc
[15/04/2008|19:26] C:\DOCUME~1\Carina\APPLIC~1\Windows Live Writer
[16/04/2008|19:12] C:\DOCUME~1\Carina\APPLIC~1\WinRAR
[13/01/2008|01:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[13/01/2008|01:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[13/01/2008|01:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[13/01/2008|01:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[29/05/2008|22:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[13/01/2008|01:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[13/01/2008|01:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[13/01/2008|01:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[13/01/2008|01:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[13/01/2008|01:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterTrust
[13/01/2008|01:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[14/02/2008|18:44] C:\DOCUME~1\Romain\APPLIC~1\Adobe
[17/02/2008|11:32] C:\DOCUME~1\Romain\APPLIC~1\AdobeUM
[18/01/2008|18:18] C:\DOCUME~1\Romain\APPLIC~1\Ahead
[27/07/2008|10:25] C:\DOCUME~1\Romain\APPLIC~1\Apple Computer
[25/08/2008|19:11] C:\DOCUME~1\Romain\APPLIC~1\DivX
[16/01/2008|00:42] C:\DOCUME~1\Romain\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[17/01/2008|19:11] C:\DOCUME~1\Romain\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[19/01/2008|11:08] C:\DOCUME~1\Romain\APPLIC~1\Help
[13/01/2008|01:12] C:\DOCUME~1\Romain\APPLIC~1\Identities
[13/01/2008|01:32] C:\DOCUME~1\Romain\APPLIC~1\InterTrust
[17/01/2008|19:14] C:\DOCUME~1\Romain\APPLIC~1\Macromedia
[25/08/2008|18:57] C:\DOCUME~1\Romain\APPLIC~1\Microsoft
[30/08/2008|09:05] C:\DOCUME~1\Romain\APPLIC~1\OptionOnceBold
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[21/09/2008 16:00][--ah-----] C:\WINDOWS\tasks\AE9B38C79188A93B.job
[21/09/2008 16:00][--ah-----] C:\WINDOWS\tasks\AB58F4AF91876BCB.job
[21/09/2008 10:03][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( AB58F4AF91876BCB.job )=( c:\docume~1\romain\applic~1\option~1\Funkitchplay.exe )
( AE9B38C79188A93B.job )=( c:\docume~1\carina\applic~1\option~1\Funkitchplay.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[28/06/2008|17:12] C:\Program Files\Adobe
[13/01/2008|12:34] C:\Program Files\Alwil Software
[05/07/2008|22:16] C:\Program Files\Apple Software Update
[20/02/2008|15:49] C:\Program Files\ArcSoft
[21/02/2008|17:35] C:\Program Files\ATI Technologies
[13/01/2008|01:25] C:\Program Files\Audioneer
[13/01/2008|01:23] C:\Program Files\BackWeb
[13/01/2008|01:05] C:\Program Files\ComPlus Applications
[13/01/2008|01:30] C:\Program Files\DesignPro 2000
[19/02/2008|16:57] C:\Program Files\DivX
[13/01/2008|11:02] C:\Program Files\D-Link
[14/09/2008|16:20] C:\Program Files\EHMINSTALL
[14/08/2008|13:11] C:\Program Files\Fichiers communs
[13/01/2008|01:30] C:\Program Files\HandyBits
[17/04/2008|10:35] C:\Program Files\Hewlett-Packard
[14/08/2008|13:44] C:\Program Files\InstallShield Installation Information
[14/08/2008|21:59] C:\Program Files\Internet Explorer
[14/08/2008|22:03] C:\Program Files\Messenger
[30/08/2008|09:04] C:\Program Files\Messenger Plus! Live
[13/01/2008|12:24] C:\Program Files\MGI
[26/04/2008|17:33] C:\Program Files\Micro Application
[13/01/2008|01:08] C:\Program Files\microsoft frontpage
[13/01/2008|11:49] C:\Program Files\Microsoft Games
[13/01/2008|01:31] C:\Program Files\Microsoft Money
[19/02/2008|16:55] C:\Program Files\Microsoft Office
[15/04/2008|18:46] C:\Program Files\Microsoft SQL Server Compact Edition
[13/01/2008|01:19] C:\Program Files\MouseWare
[20/02/2008|21:01] C:\Program Files\Movie Maker
[15/04/2008|18:54] C:\Program Files\MSN
[13/01/2008|01:04] C:\Program Files\MSN Gaming Zone
[21/09/2008|15:55] C:\Program Files\Navilog1
[15/01/2008|17:23] C:\Program Files\Nero
[20/02/2008|20:57] C:\Program Files\NetMeeting
[16/04/2008|20:57] C:\Program Files\OpenOffice.org 2.1
[16/03/2008|03:36] C:\Program Files\Outlook Express
[20/02/2008|15:51] C:\Program Files\Panasonic
[13/01/2008|02:06] C:\Program Files\Prassi PrimoDVD 2.0 (French)
[05/07/2008|22:19] C:\Program Files\QuickTime
[19/02/2008|16:57] C:\Program Files\QuickTime(2)
[13/01/2008|01:31] C:\Program Files\SBApps
[13/01/2008|17:33] C:\Program Files\Screensaver Wonder 4
[13/01/2008|01:04] C:\Program Files\Services en ligne
[26/06/2008|19:32] C:\Program Files\SimTractor 3.5
[14/08/2008|13:44] C:\Program Files\SimTractor 4.0
[13/01/2008|01:27] C:\Program Files\Surfairy
[13/01/2008|11:06] C:\Program Files\TELE2
[21/09/2008|00:28] C:\Program Files\Trend Micro
[18/02/2008|22:36] C:\Program Files\Uninstall Information
[13/01/2008|17:35] C:\Program Files\VideoLAN
[16/04/2008|20:11] C:\Program Files\VirginMega
[17/04/2008|11:02] C:\Program Files\Windows Live
[19/09/2008|21:32] C:\Program Files\Windows Media Connect 2
[15/04/2008|23:12] C:\Program Files\Windows Media Player
[16/01/2008|00:16] C:\Program Files\Windows Messaging
[20/02/2008|20:57] C:\Program Files\Windows NT
[13/01/2008|14:49] C:\Program Files\WindowsUpdate
[13/01/2008|01:08] C:\Program Files\xerox
[15/08/2008|09:59] C:\Program Files\YesMessenger
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[12/02/2008|20:29] C:\Program Files\Fichiers communs\Adobe
[15/08/2008|13:11] C:\Program Files\Fichiers communs\Ahead
[05/07/2008|22:15] C:\Program Files\Fichiers communs\Apple
[13/01/2008|01:29] C:\Program Files\Fichiers communs\Designer
[14/08/2008|13:40] C:\Program Files\Fichiers communs\Elecard
[20/02/2008|15:52] C:\Program Files\Fichiers communs\InstallShield
[20/01/2008|16:51] C:\Program Files\Fichiers communs\LightScribe
[13/01/2008|01:19] C:\Program Files\Fichiers communs\Logitech
[13/01/2008|12:24] C:\Program Files\Fichiers communs\MGI Shared
[15/04/2008|18:45] C:\Program Files\Fichiers communs\Microsoft Shared
[13/01/2008|01:05] C:\Program Files\Fichiers communs\MSSoap
[13/01/2008|01:00] C:\Program Files\Fichiers communs\ODBC
[19/02/2008|16:10] C:\Program Files\Fichiers communs\Services
[14/08/2008|13:40] C:\Program Files\Fichiers communs\Solveig Multimedia
[13/01/2008|01:00] C:\Program Files\Fichiers communs\SpeechEngines
[16/03/2008|03:36] C:\Program Files\Fichiers communs\System
[04/08/2008|15:38] C:\Program Files\Fichiers communs\Teknum Systems
[15/04/2008|18:44] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 48 Processes )
iexplore.exe ~ [PID:176]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\aim rect help creative
C:\DOCUME~1\ALLUSE~1\APPLIC~1\aim rect help creative\GRID PART.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\aim rect help creative\HOLD HIDE.exe
C:\DOCUME~1\ALAIN\APPLIC~1\option~1
C:\DOCUME~1\ALAIN\APPLIC~1\option~1\2 Bin Flag.exe
C:\DOCUME~1\Carina\APPLIC~1\option~1
C:\DOCUME~1\Carina\APPLIC~1\option~1\2 Bin Flag.exe
C:\DOCUME~1\Carina\APPLIC~1\option~1\fsbyknji.exe
C:\DOCUME~1\Carina\APPLIC~1\option~1\Funk itch play.exe
C:\DOCUME~1\Carina\APPLIC~1\option~1\gkgbssat.exe
C:\DOCUME~1\Carina\APPLIC~1\option~1\lpjgzksa.exe
C:\DOCUME~1\Carina\APPLIC~1\option~1\MPEGVGAOKAYCURB.exe
C:\DOCUME~1\Romain\APPLIC~1\option~1
C:\DOCUME~1\Romain\APPLIC~1\option~1\2 Bin Flag.exe
C:\DOCUME~1\Romain\APPLIC~1\option~1\Funk itch play.exe
C:\DOCUME~1\Romain\APPLIC~1\option~1\MPEGVGAOKAYCURB.exe
C:\DOCUME~1\Romain\APPLIC~1\option~1\txghbxui.exe
C:\DOCUME~1\Carina\Cookies\carina@advertstream[2].txt
C:\DOCUME~1\Carina\Cookies\carina@orbitdownloader[1].txt
C:\DOCUME~1\Carina\Cookies\carina@search.orbitdownloader[1].txt
C:\DOCUME~1\Carina\Cookies\carina@www.orbitdownloader[1].txt
C:\DOCUME~1\Carina\Cookies\carina@banner.casinoking[2].txt
C:\DOCUME~1\Carina\Cookies\carina@casinoking[1].txt
C:\DOCUME~1\Carina\Cookies\carina@banner.cotedazurpalace[2].txt
C:\DOCUME~1\Carina\Cookies\carina@cotedazurpalace[2].txt
C:\DOCUME~1\Carina\Cookies\carina@adopt.euroclick[2].txt
C:\DOCUME~1\Carina\Cookies\carina@pacificpoker[1].txt
C:\DOCUME~1\Carina\Cookies\carina@partypoker[1].txt
C:\DOCUME~1\Carina\Cookies\carina@32vegas[2].txt
C:\DOCUME~1\Carina\Cookies\carina@banner.32vegas[2].txt
C:\DOCUME~1\Carina\Cookies\carina@blogs.lasvegasmagazine[2].txt
C:\WINDOWS\Tasks\AB58F4AF91876BCB.job
C:\WINDOWS\Tasks\AE9B38C79188A93B.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ford keep"="C:\\DOCUME~1\\Carina\\APPLIC~1\\OPTION~1\\2 Bin Flag.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Help Creative Meow City"="C:\\Documents and Settings\\All Users\\Application Data\\aim rect help creative\\GRID PART.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-21 16:25:44
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:3409][D:104]-> C:\DOCUME~1\Carina\LOCALS~1\Temp
[F:811][D:0]-> C:\DOCUME~1\Carina\Cookies
[F:6810][D:22]-> C:\DOCUME~1\Carina\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 21/09/2008|16:28 - Option : [1]
--------------------\\ Fin du rapport a 16:28:03
It's done:
--------------------\\ Lop S&D 4.2.4-4 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) Processor )
BIOS : Default System BIOS
USER : Carina ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080920-0] 4.8.1229 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 35 Go Free : 15 Go
D:\ (Local Disk) - NTFS - Total : 74 Go Free : 58 Go
Q:\ (CD or DVD)
R:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [2] ( 21/09/2008|16:35 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\aim rect help creative\GRID PART.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\aim rect help creative\HOLD HIDE.exe
Supprime! - C:\DOCUME~1\ALAIN\APPLIC~1\option~1\2 Bin Flag.exe
Supprime! - C:\DOCUME~1\Carina\APPLIC~1\option~1\2 Bin Flag.exe
Supprime! - C:\DOCUME~1\Carina\APPLIC~1\option~1\fsbyknji.exe
Supprime! - C:\DOCUME~1\Carina\APPLIC~1\option~1\Funk itch play.exe
Supprime! - C:\DOCUME~1\Carina\APPLIC~1\option~1\gkgbssat.exe
Supprime! - C:\DOCUME~1\Carina\APPLIC~1\option~1\lpjgzksa.exe
Supprime! - C:\DOCUME~1\Carina\APPLIC~1\option~1\MPEGVGAOKAYCURB.exe
Supprime! - C:\DOCUME~1\Romain\APPLIC~1\option~1\2 Bin Flag.exe
Supprime! - C:\DOCUME~1\Romain\APPLIC~1\option~1\Funk itch play.exe
Supprime! - C:\DOCUME~1\Romain\APPLIC~1\option~1\MPEGVGAOKAYCURB.exe
Supprime! - C:\DOCUME~1\Romain\APPLIC~1\option~1\txghbxui.exe
Supprime! - C:\DOCUME~1\Carina\Cookies\carina@advertstream[2].txt
Supprime! - C:\DOCUME~1\Carina\Cookies\carina@orbitdownloader[1].txt
Supprime! - C:\DOCUME~1\Carina\Cookies\carina@search.orbitdownloader[1].txt
Supprime! - C:\DOCUME~1\Carina\Cookies\carina@www.orbitdownloader[1].txt
Supprime! - C:\DOCUME~1\Carina\Cookies\carina@banner.casinoking[2].txt
Supprime! - C:\DOCUME~1\Carina\Cookies\carina@casinoking[1].txt
Supprime! - C:\DOCUME~1\Carina\Cookies\carina@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\Carina\Cookies\carina@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\Carina\Cookies\carina@adopt.euroclick[2].txt
Supprime! - C:\DOCUME~1\Carina\Cookies\carina@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\Carina\Cookies\carina@partypoker[1].txt
Supprime! - C:\DOCUME~1\Carina\Cookies\carina@32vegas[2].txt
Supprime! - C:\DOCUME~1\Carina\Cookies\carina@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\Carina\Cookies\carina@blogs.lasvegasmagazine[2].txt
Supprime! - C:\WINDOWS\Tasks\AB58F4AF91876BCB.job
Supprime! - C:\WINDOWS\Tasks\AE9B38C79188A93B.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\aim rect help creative
Supprime! - C:\DOCUME~1\ALAIN\APPLIC~1\option~1
Supprime! - C:\DOCUME~1\Carina\APPLIC~1\option~1
Supprime! - C:\DOCUME~1\Romain\APPLIC~1\option~1
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[13/01/2008|01:32] C:\DOCUME~1\ALAIN\APPLIC~1\Adobe
[22/02/2008|00:05] C:\DOCUME~1\ALAIN\APPLIC~1\AdobeUM
[24/02/2008|20:31] C:\DOCUME~1\ALAIN\APPLIC~1\ArcSoft
[13/01/2008|14:26] C:\DOCUME~1\ALAIN\APPLIC~1\Dossier de téléchargement Share-to-Web
[16/01/2008|00:07] C:\DOCUME~1\ALAIN\APPLIC~1\Dossier de téléchargement Share-to-Web
[13/01/2008|01:12] C:\DOCUME~1\ALAIN\APPLIC~1\Identities
[13/01/2008|01:32] C:\DOCUME~1\ALAIN\APPLIC~1\InterTrust
[13/01/2008|10:57] C:\DOCUME~1\ALAIN\APPLIC~1\Macromedia
[07/09/2008|17:16] C:\DOCUME~1\ALAIN\APPLIC~1\Microsoft
[28/06/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[14/08/2008|12:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[19/02/2008|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Alexandra Ledermann 8
[05/07/2008|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[05/07/2008|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[16/04/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[21/09/2008|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[15/01/2008|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[15/04/2008|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/02/2008|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[15/08/2008|13:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[14/08/2008|13:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero(2)
[13/01/2008|01:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[26/04/2008|16:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[20/02/2008|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[15/04/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[13/02/2008|15:06] C:\DOCUME~1\Carina\APPLIC~1\Adobe
[28/06/2008|17:16] C:\DOCUME~1\Carina\APPLIC~1\AdobeUM
[22/07/2008|20:08] C:\DOCUME~1\Carina\APPLIC~1\Ahead
[05/07/2008|22:22] C:\DOCUME~1\Carina\APPLIC~1\Apple Computer
[20/02/2008|16:00] C:\DOCUME~1\Carina\APPLIC~1\ArcSoft
[14/08/2008|13:44] C:\DOCUME~1\Carina\APPLIC~1\Creative
[13/01/2008|11:39] C:\DOCUME~1\Carina\APPLIC~1\Dossier de téléchargement Share-to-Web
[06/04/2008|15:10] C:\DOCUME~1\Carina\APPLIC~1\Dossier de téléchargement Share-to-Web
[14/08/2008|18:47] C:\DOCUME~1\Carina\APPLIC~1\GrabPro
[20/02/2008|16:58] C:\DOCUME~1\Carina\APPLIC~1\Help
[13/01/2008|01:12] C:\DOCUME~1\Carina\APPLIC~1\Identities
[19/02/2008|18:40] C:\DOCUME~1\Carina\APPLIC~1\InstallShield
[13/01/2008|01:32] C:\DOCUME~1\Carina\APPLIC~1\InterTrust
[16/04/2008|20:23] C:\DOCUME~1\Carina\APPLIC~1\Macromedia
[21/09/2008|10:35] C:\DOCUME~1\Carina\APPLIC~1\Malwarebytes
[13/01/2008|12:24] C:\DOCUME~1\Carina\APPLIC~1\MGI
[15/04/2008|18:39] C:\DOCUME~1\Carina\APPLIC~1\Microsoft
[19/02/2008|17:46] C:\DOCUME~1\Carina\APPLIC~1\MSN6
[17/07/2008|14:51] C:\DOCUME~1\Carina\APPLIC~1\OpenOffice.org2
[14/08/2008|18:55] C:\DOCUME~1\Carina\APPLIC~1\Orbit
[20/02/2008|16:01] C:\DOCUME~1\Carina\APPLIC~1\Panasonic
[20/02/2008|20:06] C:\DOCUME~1\Carina\APPLIC~1\SecuROM
[13/01/2008|17:47] C:\DOCUME~1\Carina\APPLIC~1\vlc
[15/04/2008|19:26] C:\DOCUME~1\Carina\APPLIC~1\Windows Live Writer
[16/04/2008|19:12] C:\DOCUME~1\Carina\APPLIC~1\WinRAR
[13/01/2008|01:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[13/01/2008|01:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[13/01/2008|01:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[13/01/2008|01:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[29/05/2008|22:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[13/01/2008|01:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[13/01/2008|01:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[13/01/2008|01:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[13/01/2008|01:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[13/01/2008|01:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterTrust
[13/01/2008|01:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[14/02/2008|18:44] C:\DOCUME~1\Romain\APPLIC~1\Adobe
[17/02/2008|11:32] C:\DOCUME~1\Romain\APPLIC~1\AdobeUM
[18/01/2008|18:18] C:\DOCUME~1\Romain\APPLIC~1\Ahead
[27/07/2008|10:25] C:\DOCUME~1\Romain\APPLIC~1\Apple Computer
[25/08/2008|19:11] C:\DOCUME~1\Romain\APPLIC~1\DivX
[16/01/2008|00:42] C:\DOCUME~1\Romain\APPLIC~1\Dossier de téléchargement Share-to-Web
[17/01/2008|19:11] C:\DOCUME~1\Romain\APPLIC~1\Dossier de téléchargement Share-to-Web
[19/01/2008|11:08] C:\DOCUME~1\Romain\APPLIC~1\Help
[13/01/2008|01:12] C:\DOCUME~1\Romain\APPLIC~1\Identities
[13/01/2008|01:32] C:\DOCUME~1\Romain\APPLIC~1\InterTrust
[17/01/2008|19:14] C:\DOCUME~1\Romain\APPLIC~1\Macromedia
[25/08/2008|18:57] C:\DOCUME~1\Romain\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[21/09/2008 10:03][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[28/06/2008|17:12] C:\Program Files\Adobe
[13/01/2008|12:34] C:\Program Files\Alwil Software
[05/07/2008|22:16] C:\Program Files\Apple Software Update
[20/02/2008|15:49] C:\Program Files\ArcSoft
[21/02/2008|17:35] C:\Program Files\ATI Technologies
[13/01/2008|01:25] C:\Program Files\Audioneer
[13/01/2008|01:23] C:\Program Files\BackWeb
[13/01/2008|01:05] C:\Program Files\ComPlus Applications
[13/01/2008|01:30] C:\Program Files\DesignPro 2000
[19/02/2008|16:57] C:\Program Files\DivX
[13/01/2008|11:02] C:\Program Files\D-Link
[14/09/2008|16:20] C:\Program Files\EHMINSTALL
[14/08/2008|13:11] C:\Program Files\Fichiers communs
[13/01/2008|01:30] C:\Program Files\HandyBits
[17/04/2008|10:35] C:\Program Files\Hewlett-Packard
[14/08/2008|13:44] C:\Program Files\InstallShield Installation Information
[14/08/2008|21:59] C:\Program Files\Internet Explorer
[14/08/2008|22:03] C:\Program Files\Messenger
[30/08/2008|09:04] C:\Program Files\Messenger Plus! Live
[13/01/2008|12:24] C:\Program Files\MGI
[26/04/2008|17:33] C:\Program Files\Micro Application
[13/01/2008|01:08] C:\Program Files\microsoft frontpage
[13/01/2008|11:49] C:\Program Files\Microsoft Games
[13/01/2008|01:31] C:\Program Files\Microsoft Money
[19/02/2008|16:55] C:\Program Files\Microsoft Office
[15/04/2008|18:46] C:\Program Files\Microsoft SQL Server Compact Edition
[13/01/2008|01:19] C:\Program Files\MouseWare
[20/02/2008|21:01] C:\Program Files\Movie Maker
[15/04/2008|18:54] C:\Program Files\MSN
[13/01/2008|01:04] C:\Program Files\MSN Gaming Zone
[21/09/2008|15:55] C:\Program Files\Navilog1
[15/01/2008|17:23] C:\Program Files\Nero
[20/02/2008|20:57] C:\Program Files\NetMeeting
[16/04/2008|20:57] C:\Program Files\OpenOffice.org 2.1
[16/03/2008|03:36] C:\Program Files\Outlook Express
[20/02/2008|15:51] C:\Program Files\Panasonic
[13/01/2008|02:06] C:\Program Files\Prassi PrimoDVD 2.0 (French)
[05/07/2008|22:19] C:\Program Files\QuickTime
[19/02/2008|16:57] C:\Program Files\QuickTime(2)
[13/01/2008|01:31] C:\Program Files\SBApps
[13/01/2008|17:33] C:\Program Files\Screensaver Wonder 4
[13/01/2008|01:04] C:\Program Files\Services en ligne
[26/06/2008|19:32] C:\Program Files\SimTractor 3.5
[14/08/2008|13:44] C:\Program Files\SimTractor 4.0
[13/01/2008|01:27] C:\Program Files\Surfairy
[13/01/2008|11:06] C:\Program Files\TELE2
[21/09/2008|00:28] C:\Program Files\Trend Micro
[18/02/2008|22:36] C:\Program Files\Uninstall Information
[13/01/2008|17:35] C:\Program Files\VideoLAN
[16/04/2008|20:11] C:\Program Files\VirginMega
[17/04/2008|11:02] C:\Program Files\Windows Live
[19/09/2008|21:32] C:\Program Files\Windows Media Connect 2
[15/04/2008|23:12] C:\Program Files\Windows Media Player
[16/01/2008|00:16] C:\Program Files\Windows Messaging
[20/02/2008|20:57] C:\Program Files\Windows NT
[13/01/2008|14:49] C:\Program Files\WindowsUpdate
[13/01/2008|01:08] C:\Program Files\xerox
[15/08/2008|09:59] C:\Program Files\YesMessenger
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[12/02/2008|20:29] C:\Program Files\Fichiers communs\Adobe
[15/08/2008|13:11] C:\Program Files\Fichiers communs\Ahead
[05/07/2008|22:15] C:\Program Files\Fichiers communs\Apple
[13/01/2008|01:29] C:\Program Files\Fichiers communs\Designer
[14/08/2008|13:40] C:\Program Files\Fichiers communs\Elecard
[20/02/2008|15:52] C:\Program Files\Fichiers communs\InstallShield
[20/01/2008|16:51] C:\Program Files\Fichiers communs\LightScribe
[13/01/2008|01:19] C:\Program Files\Fichiers communs\Logitech
[13/01/2008|12:24] C:\Program Files\Fichiers communs\MGI Shared
[15/04/2008|18:45] C:\Program Files\Fichiers communs\Microsoft Shared
[13/01/2008|01:05] C:\Program Files\Fichiers communs\MSSoap
[13/01/2008|01:00] C:\Program Files\Fichiers communs\ODBC
[19/02/2008|16:10] C:\Program Files\Fichiers communs\Services
[14/08/2008|13:40] C:\Program Files\Fichiers communs\Solveig Multimedia
[13/01/2008|01:00] C:\Program Files\Fichiers communs\SpeechEngines
[16/03/2008|03:36] C:\Program Files\Fichiers communs\System
[04/08/2008|15:38] C:\Program Files\Fichiers communs\Teknum Systems
[15/04/2008|18:44] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 46 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-21 16:37:19
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:3409][D:104]-> C:\DOCUME~1\Carina\LOCALS~1\Temp
[F:797][D:0]-> C:\DOCUME~1\Carina\Cookies
[F:6864][D:22]-> C:\DOCUME~1\Carina\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 21/09/2008|16:28 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 21/09/2008|16:39 - Option : [2]
--------------------\\ Fin du rapport a 16:39:21
It's getting better
Install CCleaner from here: https://www.malekal.com/tutoriel-ccleaner/
In the "Options" tab, under "Advanced", untick "Only delete files older than 48 hours"
Run the analysis and then the cleanup
Then post a new HijackThis scan
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:18:17, on 21/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Apps\ActivBoard\nhksrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Apps\ActivBoard\MMKeybd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Planetis
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup
O4 - Global Startup: Hp psc 700 series.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
Hi again
Run a new scan and fix these unnecessary lines:
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Tutorial here if needed: http://www.malekal.com/tutorial_HijackThis.ph
Your log is clean
Change your antivirus; read this: https://forum.malekal.com/viewtopic.php?f=45&t=3528
Do this: http://www.libellules.ch/desactiver_restauration.php
Thanks, the lines are done. However, why do I have to disable System Restore? Is it essential?
Hi again
Are you still having problems with unwanted ads?
Use Firefox with the Adblock and NoScript extensions
For safer browsing, see this: http://forum.malekal.com/viewtopic.php?f=45&t=4959
Immunize Internet Explorer with this: https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/28872.html
Tutorial here: https://kerio.probb.fr/t241-tuto-spywareblaster
No, no more problems at all: no ads, my computer runs at a normal speed, it no longer freezes...
Thank you very much for your help!