Very slow computer: HijackThis report
Solved
Anonymous user
-
geoffrey5 Posts 14008 Status Security contributor -
Hello,
browsing is slow, no virus found,
I can no longer open certain sites...
need help!!
thanks!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:07:23, on 21/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Vidal\Communs\Vidal.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: PrintMe - {97387E2B-B2FA-4E4A-A607-F3B5C134F71C} - C:\Program Files\EFI\PrintMeToolbar\htpmcap.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: PrintMe - {97387E2B-B2FA-4E4A-A607-F3B5C134F71C} - C:\Program Files\EFI\PrintMeToolbar\htpmcap.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [vdlDeamon] C:\Program Files\Vidal\Communs\Vidal.exe
O4 - HKLM\..\Run: [Option Bib Logo Log] C:\Documents and Settings\All Users\Application Data\LICENSE ADMIN OPTION BIB\phone meta.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [download curb] C:\DOCUME~1\FLOREN~1\APPLIC~1\DELETE~1\Jump remote.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
24 replies
Hi!!
▶ Download Toolbar-S&D (Team IDN) to your Desktop from this address:
(it is number 6 at the bottom of the page): https://www.androidworld.fr/
▶ Start the installation of the program by running the downloaded file.
▶ Now double-click the Toolbar-S&D shortcut.
▶ Select the desired language by typing the letter of your choice and confirming with the Enter key.
▶ Now choose option 1 (Search). Wait until the search finishes.
▶ Post the generated report. (C:\TB.txt)
Hi,
---> Download Lop S&D to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the desired language, then choose option 1 (Search)
---> Wait until the scan finishes
---> Post the generated report (C:\lopR.txt)
HERE IS THE LOP S&D REPORT
--------------------\\ Lop S&D 4.2.3-6 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.60GHz )
BIOS : Ver 1.00PARTTBL
USER : florence bovay ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080920-0] 4.8.1229 (Activated)
"C:\Lop SD" ( MAJ : 27-08-2008|22:40 )
Option : [1] ( 21/09/2008|12:19 )
--------------------\\ Listing des dossiers dans APPLIC~1
[02/08/2008|13:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[05/07/2007|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/09/2006|08:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[28/08/2008|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[17/03/2005|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[13/06/2007|09:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/02/2006|23:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[24/09/2006|17:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[02/04/2008|23:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB
[15/06/2007|08:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[12/02/2006|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[13/10/2007|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[29/12/2005|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[17/03/2005|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[14/10/2007|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/11/2005|17:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[24/10/2005|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[25/09/2006|20:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[16/03/2008|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[13/10/2007|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[18/03/2005|09:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[18/03/2005|09:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
[17/03/2005|10:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[17/03/2005|10:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[22/03/2005|16:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[18/03/2005|09:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
[18/03/2005|10:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[17/03/2005|13:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba
[06/01/2007|18:05] C:\DOCUME~1\FLOREN~1\APPLIC~1\3M
[21/04/2008|20:34] C:\DOCUME~1\FLOREN~1\APPLIC~1\Adobe
[02/08/2008|13:28] C:\DOCUME~1\FLOREN~1\APPLIC~1\AdobeUM
[16/09/2006|20:27] C:\DOCUME~1\FLOREN~1\APPLIC~1\Apple Computer
[04/09/2005|09:58] C:\DOCUME~1\FLOREN~1\APPLIC~1\ArcSoft
[11/04/2008|19:01] C:\DOCUME~1\FLOREN~1\APPLIC~1\DeleteLessMail
[17/03/2005|10:13] C:\DOCUME~1\FLOREN~1\APPLIC~1\desktop.ini
[04/09/2005|10:06] C:\DOCUME~1\FLOREN~1\APPLIC~1\FotoWire
[04/05/2006|20:26] C:\DOCUME~1\FLOREN~1\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
[21/09/2006|22:11] C:\DOCUME~1\FLOREN~1\APPLIC~1\Google
[28/10/2005|14:53] C:\DOCUME~1\FLOREN~1\APPLIC~1\Help
[01/02/2006|23:05] C:\DOCUME~1\FLOREN~1\APPLIC~1\Hewlett-PackardHP PSC 1500 series1138827603_API.log
[24/09/2006|17:13] C:\DOCUME~1\FLOREN~1\APPLIC~1\Hewlett-PackardHP PSC 1500 series1138827603_PROTOCOL.log
[01/02/2006|23:05] C:\DOCUME~1\FLOREN~1\APPLIC~1\Hewlett-PackardHP PSC 1500 series1138827603_UI.log
[01/02/2006|23:05] C:\DOCUME~1\FLOREN~1\APPLIC~1\HP
[04/05/2006|20:31] C:\DOCUME~1\FLOREN~1\APPLIC~1\HPSU_48BitScanUpdate.log
[17/03/2005|10:03] C:\DOCUME~1\FLOREN~1\APPLIC~1\Identities
[19/01/2008|16:25] C:\DOCUME~1\FLOREN~1\APPLIC~1\Image Zone Express
[06/09/2005|18:58] C:\DOCUME~1\FLOREN~1\APPLIC~1\InterVideo
[03/09/2005|12:24] C:\DOCUME~1\FLOREN~1\APPLIC~1\Macromedia
[28/08/2008|17:11] C:\DOCUME~1\FLOREN~1\APPLIC~1\Microsoft
[06/12/2005|21:50] C:\DOCUME~1\FLOREN~1\APPLIC~1\Microsoft Web Folders
[04/09/2006|21:53] C:\DOCUME~1\FLOREN~1\APPLIC~1\Mozilla
[04/09/2005|00:21] C:\DOCUME~1\FLOREN~1\APPLIC~1\MSNInstaller
[02/12/2006|02:12] C:\DOCUME~1\FLOREN~1\APPLIC~1\PatchUpdate_HP_CounterReport_Update_HPSU.log
[18/08/2008|23:36] C:\DOCUME~1\FLOREN~1\APPLIC~1\Real
[18/03/2005|09:52] C:\DOCUME~1\FLOREN~1\APPLIC~1\Sonic
[22/11/2005|19:04] C:\DOCUME~1\FLOREN~1\APPLIC~1\Sun
[03/09/2005|22:01] C:\DOCUME~1\FLOREN~1\APPLIC~1\Symantec
[05/03/2007|22:57] C:\DOCUME~1\FLOREN~1\APPLIC~1\Talkback
[17/03/2005|13:54] C:\DOCUME~1\FLOREN~1\APPLIC~1\toshiba
[30/08/2008|15:22] C:\DOCUME~1\FLOREN~1\APPLIC~1\U3
[04/05/2006|20:01] C:\DOCUME~1\FLOREN~1\APPLIC~1\Update_HP_RedboxHprblog_HPSU.log
[28/08/2008|17:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[20/01/2006|18:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Webroot
[02/08/2008|13:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[20/01/2006|21:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Webroot
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[01/09/2008 22:42][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[21/09/2008 12:00][--ah-----] C:\WINDOWS\tasks\AD2F42CA91ACF5A2.job
[21/09/2008 11:04][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( AD2F42CA91ACF5A2.job )=( c:\docume~1\floren~1\applic~1\delete~1\okayidleamen.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[13/06/2007|10:02] C:\Program Files\Adobe
[22/09/2007|17:30] C:\Program Files\Air France TravelDesk
[22/09/2007|18:16] C:\Program Files\Alwil Software
[13/10/2007|22:10] C:\Program Files\Antipub
[17/03/2005|11:39] C:\Program Files\Apoint2K
[28/08/2008|19:13] C:\Program Files\Apple Software Update
[04/09/2005|09:57] C:\Program Files\ArcSoft
[27/08/2008|12:07] C:\Program Files\a-squared Free
[17/03/2005|12:02] C:\Program Files\Atheros
[02/08/2008|13:22] C:\Program Files\AVG
[28/08/2008|19:04] C:\Program Files\Bonjour
[04/09/2005|09:49] C:\Program Files\Canon
[14/10/2007|20:44] C:\Program Files\Casperlab Software
[30/01/2006|11:16] C:\Program Files\CCleaner
[11/04/2008|19:01] C:\Program Files\Circle Developement
[17/03/2005|09:18] C:\Program Files\ComPlus Applications
[30/03/2008|20:59] C:\Program Files\DeleteLessMail
[16/11/2006|02:16] C:\Program Files\EFI
[19/09/2008|15:05] C:\Program Files\eMule
[22/08/2008|18:44] C:\Program Files\Fichiers communs
[29/04/2006|19:11] C:\Program Files\Fnacmusic
[13/06/2007|09:58] C:\Program Files\Google
[02/08/2008|13:11] C:\Program Files\Grisoft
[01/02/2006|22:57] C:\Program Files\Hewlett-Packard
[04/07/2006|07:48] C:\Program Files\HP
[22/08/2008|19:07] C:\Program Files\InstallShield Installation Information
[17/03/2005|11:32] C:\Program Files\Intel
[19/08/2008|00:00] C:\Program Files\Internet Explorer
[03/09/2005|12:16] C:\Program Files\InterVideo
[28/08/2008|19:10] C:\Program Files\iPod
[28/08/2008|19:11] C:\Program Files\iTunes
[17/03/2005|09:30] C:\Program Files\Java
[04/09/2005|10:06] C:\Program Files\Logitech
[17/03/2005|11:56] C:\Program Files\ltmoh
[19/08/2008|00:03] C:\Program Files\Messenger
[30/03/2008|20:58] C:\Program Files\Messenger Plus! Live
[10/05/2007|21:53] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[17/03/2005|09:21] C:\Program Files\microsoft frontpage
[10/11/2006|17:08] C:\Program Files\Microsoft Office
[30/03/2005|10:07] C:\Program Files\Microsoft Works
[18/03/2005|10:58] C:\Program Files\Microsoft.NET
[17/03/2005|09:19] C:\Program Files\Movie Maker
[22/09/2007|18:09] C:\Program Files\Mozilla Firefox
[04/09/2005|00:12] C:\Program Files\MSN
[18/01/2007|23:12] C:\Program Files\MSN Apps
[17/03/2005|09:17] C:\Program Files\MSN Gaming Zone
[14/10/2006|10:00] C:\Program Files\MSXML 4.0
[22/10/2007|22:29] C:\Program Files\Navilog1
[17/03/2005|09:19] C:\Program Files\NetMeeting
[17/03/2005|09:18] C:\Program Files\Online Services
[14/10/2007|21:13] C:\Program Files\Onlstsvc
[09/02/2007|17:31] C:\Program Files\Orange HSS
[09/02/2007|17:45] C:\Program Files\OrangeHSS
[14/06/2007|20:33] C:\Program Files\Outlook Express
[21/01/2006|16:16] C:\Program Files\Oxilog
[20/12/2006|00:23] C:\Program Files\PDFCreator
[26/08/2008|20:05] C:\Program Files\QuickTime
[28/03/2006|13:22] C:\Program Files\Real
[22/09/2007|18:12] C:\Program Files\Rio
[29/10/2005|22:44] C:\Program Files\SAGEM
[17/03/2005|09:19] C:\Program Files\Services en ligne
[12/11/2006|21:57] C:\Program Files\SLD Codec Pack
[17/03/2005|13:52] C:\Program Files\Sonic
[15/10/2007|08:45] C:\Program Files\Spybot - Search & Destroy
[13/11/2005|16:15] C:\Program Files\Symantec
[30/03/2005|06:31] C:\Program Files\TOSHIBA
[28/08/2008|17:37] C:\Program Files\Trend Micro
[22/03/2005|16:07] C:\Program Files\Uninstall Information
[19/11/2007|09:52] C:\Program Files\VIDAL
[21/09/2008|12:08] C:\Program Files\Wanadoo
[16/03/2008|11:18] C:\Program Files\Windows Live
[01/10/2006|22:22] C:\Program Files\Windows Live Toolbar
[17/12/2006|17:56] C:\Program Files\Windows Media Connect 2
[02/10/2007|19:21] C:\Program Files\Windows Media Player
[17/03/2005|09:17] C:\Program Files\Windows NT
[17/03/2005|09:19] C:\Program Files\WindowsUpdate
[17/03/2005|09:21] C:\Program Files\xerox
[14/10/2007|20:52] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[02/08/2008|13:30] C:\Program Files\Fichiers communs\Adobe
[05/07/2007|22:29] C:\Program Files\Fichiers communs\Apple
[10/11/2006|17:09] C:\Program Files\Fichiers communs\DESIGNER
[04/09/2005|10:06] C:\Program Files\Fichiers communs\FotoWire
[09/02/2007|17:26] C:\Program Files\Fichiers communs\France Telecom
[01/02/2006|22:56] C:\Program Files\Fichiers communs\Hewlett-Packard
[04/07/2006|07:48] C:\Program Files\Fichiers communs\HP
[17/03/2005|12:15] C:\Program Files\Fichiers communs\InstallShield
[17/03/2005|09:30] C:\Program Files\Fichiers communs\Java
[04/09/2005|10:03] C:\Program Files\Fichiers communs\Logitech
[02/08/2008|13:23] C:\Program Files\Fichiers communs\Microsoft Shared
[17/03/2005|09:19] C:\Program Files\Fichiers communs\MSSoap
[17/03/2005|10:13] C:\Program Files\Fichiers communs\ODBC
[21/08/2008|10:34] C:\Program Files\Fichiers communs\Real
[17/03/2005|09:19] C:\Program Files\Fichiers communs\Services
[06/01/2007|09:50] C:\Program Files\Fichiers communs\Softwin
[17/03/2005|10:13] C:\Program Files\Fichiers communs\SpeechEngines
[12/11/2005|23:24] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|20:33] C:\Program Files\Fichiers communs\System
[16/03/2008|11:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[21/08/2008|10:34] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 75 Processus )
IEXPLORE.EXE ~ [PID:3252]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\FLOREN~1\APPLIC~1\DeleteLessMail
C:\Program Files\DeleteLessMail
C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB
C:\DOCUME~1\FLOREN~1\APPLIC~1\delete~1
C:\Program Files\delete~1
C:\Program Files\Circle Developement
C:\DOCUME~1\FLOREN~1\Cookies\florence_bovay@adopt.euroclick[2].txt
C:\WINDOWS\Tasks\AD2F42CA91ACF5A2.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"download curb"="C:\\DOCUME~1\\FLOREN~1\\APPLIC~1\\DELETE~1\\Jump remote.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Option Bib Logo Log"="C:\\Documents and Settings\\All Users\\Application Data\\LICENSE ADMIN OPTION BIB\\phone meta.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 72 [ 70 ## added by CiD ]
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-21 12:19:58
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 7
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\copie i tunes\02 Crack Maniac.m4a
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\iTunes\iTunes Music\Babx\crack maniac
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\iTunes\iTunes Music\Babx\crack maniac\02 Crack Maniac 1.m4a
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\iTunes\iTunes Music\Babx\crack maniac\08 Point d'Orgue.m4a
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\The Spinto Band\Nice And Nicely Done\06 Crack The Whip.wma
[F:185][D:8]-> C:\DOCUME~1\FLOREN~1\LOCALS~1\Temp
[F:215][D:0]-> C:\DOCUME~1\FLOREN~1\Cookies
[F:20329][D:31]-> C:\DOCUME~1\FLOREN~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 12:22:57
---> Run Lop S&D again
---> This time choose option 2 (Removal)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)
--------------------\\ Lop S&D 4.2.3-6 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.60GHz )
BIOS : Ver 1.00PARTTBL
USER : florence bovay ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080920-0] 4.8.1229 (Activated)
"C:\Lop SD" ( MAJ : 27-08-2008|22:40 )
Option : [2] ( 21/09/2008|12:50 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\FLOREN~1\Cookies\florence_bovay@adopt.euroclick[2].txt
Supprime! - C:\WINDOWS\Tasks\AD2F42CA91ACF5A2.job
Supprime! - C:\DOCUME~1\FLOREN~1\APPLIC~1\DeleteLessMail
Supprime! - C:\Program Files\DeleteLessMail
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[02/08/2008|13:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[05/07/2007|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/09/2006|08:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[28/08/2008|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[17/03/2005|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[13/06/2007|09:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/02/2006|23:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[24/09/2006|17:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[15/06/2007|08:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[12/02/2006|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[13/10/2007|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[29/12/2005|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[17/03/2005|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[14/10/2007|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/11/2005|17:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[24/10/2005|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[25/09/2006|20:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[16/03/2008|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[13/10/2007|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[18/03/2005|09:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[18/03/2005|09:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
[17/03/2005|10:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[17/03/2005|10:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[22/03/2005|16:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[18/03/2005|09:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
[18/03/2005|10:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[17/03/2005|13:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba
[06/01/2007|18:05] C:\DOCUME~1\FLOREN~1\APPLIC~1\3M
[21/04/2008|20:34] C:\DOCUME~1\FLOREN~1\APPLIC~1\Adobe
[02/08/2008|13:28] C:\DOCUME~1\FLOREN~1\APPLIC~1\AdobeUM
[16/09/2006|20:27] C:\DOCUME~1\FLOREN~1\APPLIC~1\Apple Computer
[04/09/2005|09:58] C:\DOCUME~1\FLOREN~1\APPLIC~1\ArcSoft
[17/03/2005|10:13] C:\DOCUME~1\FLOREN~1\APPLIC~1\desktop.ini
[04/09/2005|10:06] C:\DOCUME~1\FLOREN~1\APPLIC~1\FotoWire
[04/05/2006|20:26] C:\DOCUME~1\FLOREN~1\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
[21/09/2006|22:11] C:\DOCUME~1\FLOREN~1\APPLIC~1\Google
[28/10/2005|14:53] C:\DOCUME~1\FLOREN~1\APPLIC~1\Help
[01/02/2006|23:05] C:\DOCUME~1\FLOREN~1\APPLIC~1\Hewlett-PackardHP PSC 1500 series1138827603_API.log
[24/09/2006|17:13] C:\DOCUME~1\FLOREN~1\APPLIC~1\Hewlett-PackardHP PSC 1500 series1138827603_PROTOCOL.log
[01/02/2006|23:05] C:\DOCUME~1\FLOREN~1\APPLIC~1\Hewlett-PackardHP PSC 1500 series1138827603_UI.log
[01/02/2006|23:05] C:\DOCUME~1\FLOREN~1\APPLIC~1\HP
[04/05/2006|20:31] C:\DOCUME~1\FLOREN~1\APPLIC~1\HPSU_48BitScanUpdate.log
[17/03/2005|10:03] C:\DOCUME~1\FLOREN~1\APPLIC~1\Identities
[19/01/2008|16:25] C:\DOCUME~1\FLOREN~1\APPLIC~1\Image Zone Express
[06/09/2005|18:58] C:\DOCUME~1\FLOREN~1\APPLIC~1\InterVideo
[03/09/2005|12:24] C:\DOCUME~1\FLOREN~1\APPLIC~1\Macromedia
[28/08/2008|17:11] C:\DOCUME~1\FLOREN~1\APPLIC~1\Microsoft
[06/12/2005|21:50] C:\DOCUME~1\FLOREN~1\APPLIC~1\Microsoft Web Folders
[04/09/2006|21:53] C:\DOCUME~1\FLOREN~1\APPLIC~1\Mozilla
[04/09/2005|00:21] C:\DOCUME~1\FLOREN~1\APPLIC~1\MSNInstaller
[02/12/2006|02:12] C:\DOCUME~1\FLOREN~1\APPLIC~1\PatchUpdate_HP_CounterReport_Update_HPSU.log
[18/08/2008|23:36] C:\DOCUME~1\FLOREN~1\APPLIC~1\Real
[18/03/2005|09:52] C:\DOCUME~1\FLOREN~1\APPLIC~1\Sonic
[22/11/2005|19:04] C:\DOCUME~1\FLOREN~1\APPLIC~1\Sun
[03/09/2005|22:01] C:\DOCUME~1\FLOREN~1\APPLIC~1\Symantec
[05/03/2007|22:57] C:\DOCUME~1\FLOREN~1\APPLIC~1\Talkback
[17/03/2005|13:54] C:\DOCUME~1\FLOREN~1\APPLIC~1\toshiba
[30/08/2008|15:22] C:\DOCUME~1\FLOREN~1\APPLIC~1\U3
[04/05/2006|20:01] C:\DOCUME~1\FLOREN~1\APPLIC~1\Update_HP_RedboxHprblog_HPSU.log
[28/08/2008|17:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[20/01/2006|18:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Webroot
[02/08/2008|13:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[20/01/2006|21:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Webroot
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[01/09/2008 22:42][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[21/09/2008 11:04][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[13/06/2007|10:02] C:\Program Files\Adobe
[22/09/2007|17:30] C:\Program Files\Air France TravelDesk
[22/09/2007|18:16] C:\Program Files\Alwil Software
[13/10/2007|22:10] C:\Program Files\Antipub
[17/03/2005|11:39] C:\Program Files\Apoint2K
[28/08/2008|19:13] C:\Program Files\Apple Software Update
[04/09/2005|09:57] C:\Program Files\ArcSoft
[27/08/2008|12:07] C:\Program Files\a-squared Free
[17/03/2005|12:02] C:\Program Files\Atheros
[02/08/2008|13:22] C:\Program Files\AVG
[28/08/2008|19:04] C:\Program Files\Bonjour
[04/09/2005|09:49] C:\Program Files\Canon
[14/10/2007|20:44] C:\Program Files\Casperlab Software
[30/01/2006|11:16] C:\Program Files\CCleaner
[17/03/2005|09:18] C:\Program Files\ComPlus Applications
[16/11/2006|02:16] C:\Program Files\EFI
[19/09/2008|15:05] C:\Program Files\eMule
[22/08/2008|18:44] C:\Program Files\Fichiers communs
[29/04/2006|19:11] C:\Program Files\Fnacmusic
[13/06/2007|09:58] C:\Program Files\Google
[02/08/2008|13:11] C:\Program Files\Grisoft
[01/02/2006|22:57] C:\Program Files\Hewlett-Packard
[04/07/2006|07:48] C:\Program Files\HP
[22/08/2008|19:07] C:\Program Files\InstallShield Installation Information
[17/03/2005|11:32] C:\Program Files\Intel
[19/08/2008|00:00] C:\Program Files\Internet Explorer
[03/09/2005|12:16] C:\Program Files\InterVideo
[28/08/2008|19:10] C:\Program Files\iPod
[28/08/2008|19:11] C:\Program Files\iTunes
[17/03/2005|09:30] C:\Program Files\Java
[04/09/2005|10:06] C:\Program Files\Logitech
[17/03/2005|11:56] C:\Program Files\ltmoh
[19/08/2008|00:03] C:\Program Files\Messenger
[30/03/2008|20:58] C:\Program Files\Messenger Plus! Live
[10/05/2007|21:53] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[17/03/2005|09:21] C:\Program Files\microsoft frontpage
[10/11/2006|17:08] C:\Program Files\Microsoft Office
[30/03/2005|10:07] C:\Program Files\Microsoft Works
[18/03/2005|10:58] C:\Program Files\Microsoft.NET
[17/03/2005|09:19] C:\Program Files\Movie Maker
[22/09/2007|18:09] C:\Program Files\Mozilla Firefox
[04/09/2005|00:12] C:\Program Files\MSN
[18/01/2007|23:12] C:\Program Files\MSN Apps
[17/03/2005|09:17] C:\Program Files\MSN Gaming Zone
[14/10/2006|10:00] C:\Program Files\MSXML 4.0
[22/10/2007|22:29] C:\Program Files\Navilog1
[17/03/2005|09:19] C:\Program Files\NetMeeting
[17/03/2005|09:18] C:\Program Files\Online Services
[14/10/2007|21:13] C:\Program Files\Onlstsvc
[09/02/2007|17:31] C:\Program Files\Orange HSS
[09/02/2007|17:45] C:\Program Files\OrangeHSS
[14/06/2007|20:33] C:\Program Files\Outlook Express
[21/01/2006|16:16] C:\Program Files\Oxilog
[20/12/2006|00:23] C:\Program Files\PDFCreator
[26/08/2008|20:05] C:\Program Files\QuickTime
[28/03/2006|13:22] C:\Program Files\Real
[22/09/2007|18:12] C:\Program Files\Rio
[29/10/2005|22:44] C:\Program Files\SAGEM
[17/03/2005|09:19] C:\Program Files\Services en ligne
[12/11/2006|21:57] C:\Program Files\SLD Codec Pack
[17/03/2005|13:52] C:\Program Files\Sonic
[15/10/2007|08:45] C:\Program Files\Spybot - Search & Destroy
[13/11/2005|16:15] C:\Program Files\Symantec
[30/03/2005|06:31] C:\Program Files\TOSHIBA
[28/08/2008|17:37] C:\Program Files\Trend Micro
[22/03/2005|16:07] C:\Program Files\Uninstall Information
[19/11/2007|09:52] C:\Program Files\VIDAL
[21/09/2008|12:08] C:\Program Files\Wanadoo
[16/03/2008|11:18] C:\Program Files\Windows Live
[01/10/2006|22:22] C:\Program Files\Windows Live Toolbar
[17/12/2006|17:56] C:\Program Files\Windows Media Connect 2
[02/10/2007|19:21] C:\Program Files\Windows Media Player
[17/03/2005|09:17] C:\Program Files\Windows NT
[17/03/2005|09:19] C:\Program Files\WindowsUpdate
[17/03/2005|09:21] C:\Program Files\xerox
[14/10/2007|20:52] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[02/08/2008|13:30] C:\Program Files\Fichiers communs\Adobe
[05/07/2007|22:29] C:\Program Files\Fichiers communs\Apple
[10/11/2006|17:09] C:\Program Files\Fichiers communs\DESIGNER
[04/09/2005|10:06] C:\Program Files\Fichiers communs\FotoWire
[09/02/2007|17:26] C:\Program Files\Fichiers communs\France Telecom
[01/02/2006|22:56] C:\Program Files\Fichiers communs\Hewlett-Packard
[04/07/2006|07:48] C:\Program Files\Fichiers communs\HP
[17/03/2005|12:15] C:\Program Files\Fichiers communs\InstallShield
[17/03/2005|09:30] C:\Program Files\Fichiers communs\Java
[04/09/2005|10:03] C:\Program Files\Fichiers communs\Logitech
[02/08/2008|13:23] C:\Program Files\Fichiers communs\Microsoft Shared
[17/03/2005|09:19] C:\Program Files\Fichiers communs\MSSoap
[17/03/2005|10:13] C:\Program Files\Fichiers communs\ODBC
[21/08/2008|10:34] C:\Program Files\Fichiers communs\Real
[17/03/2005|09:19] C:\Program Files\Fichiers communs\Services
[06/01/2007|09:50] C:\Program Files\Fichiers communs\Softwin
[17/03/2005|10:13] C:\Program Files\Fichiers communs\SpeechEngines
[12/11/2005|23:24] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|20:33] C:\Program Files\Fichiers communs\System
[16/03/2008|11:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[21/08/2008|10:34] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 73 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-21 12:51:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 7
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\copie i tunes\02 Crack Maniac.m4a
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\iTunes\iTunes Music\Babx\crack maniac
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\iTunes\iTunes Music\Babx\crack maniac\02 Crack Maniac 1.m4a
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\iTunes\iTunes Music\Babx\crack maniac\08 Point d'Orgue.m4a
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\The Spinto Band\Nice And Nicely Done\06 Crack The Whip.wma
[F:185][D:8]-> C:\DOCUME~1\FLOREN~1\LOCALS~1\Temp
[F:214][D:0]-> C:\DOCUME~1\FLOREN~1\Cookies
[F:20332][D:31]-> C:\DOCUME~1\FLOREN~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 12:53:06
THE TOOLBAR REPORT
-----------\\ ToolBar S&D 1.2.0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.60GHz )
BIOS : Ver 1.00PARTTBL
USER : florence bovay ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080920-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total : 74 Go Free : 30 Go
D:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 14-09-2008|23:30 )
Option : [1] ( 21/09/2008|13:08 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1F88488D.pf
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.orange.fr/portail"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="https://www.orange.fr/portail"
"SearchMigratedDefaultURL"="https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\copie i tunes\02 Crack Maniac.m4a
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\iTunes\iTunes Music\Babx\crack maniac
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\iTunes\iTunes Music\Babx\crack maniac\02 Crack Maniac 1.m4a
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\iTunes\iTunes Music\Babx\crack maniac\08 Point d'Orgue.m4a
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\The Spinto Band\Nice And Nicely Done\06 Crack The Whip.wma
1 - "C:\ToolBar SD\TB_1.txt" - 21/09/2008|13:09 - Option : [1]
-----------\\ Fin du rapport a 13:09:02,95
OK, now:
▶ Relaunch Toolbar-S&D by double-clicking the shortcut.
▶ Type "2", then confirm by pressing "Enter".
/!\ Do not close the window during the removal!
▶ A report will be generated; post its contents here.
NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.
then:
▶ Download SDFix (created by AndyManchesta) and save it to your Desktop.
(it is number 8 at the bottom of the page): https://www.androidworld.fr/
▶ Double-click SDFix.exe and choose Install to extract it to a dedicated folder on your C: drive.
/!\ Boot into Safe Mode: after the beep and before the Windows logo, tap the F8 (or F5) key repeatedly: Safe Mode menu.
▶ Choose your own account, not the Administrator account or any other.
Work through the list of instructions below:
• Open the SDFix folder that was just created in C:\ and double-click RunThis.bat to launch the script.
• Press Y to start the cleaning process.
• It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to reboot.
• Press a key to restart the PC.
• The system will take longer than usual to restart because the tool will keep running and deleting files.
• Once the Desktop has loaded, the tool will finish its work and display Finished.
• Press a key to end the script and load the Desktop icons.
• Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
• Finally, copy and paste the contents of Report.txt into your next reply on the forum
and then make a new HijackThis report, please
THE TOOLBAR REPORT
-----------\\ ToolBar S&D 1.2.0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.60GHz )
BIOS : Ver 1.00PARTTBL
USER : florence bovay ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080920-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total : 74 Go Free : 30 Go
D:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 14-09-2008|23:30 )
Option : [2] ( 21/09/2008|18:06 )
-----------\\ SUPPRESSION
Supprime! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1F88488D.pf
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.orange.fr/portail"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="https://www.orange.fr/portail"
"SearchMigratedDefaultURL"="https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\copie i tunes\02 Crack Maniac.m4a
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\iTunes\iTunes Music\Babx\crack maniac
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\iTunes\iTunes Music\Babx\crack maniac\02 Crack Maniac 1.m4a
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\iTunes\iTunes Music\Babx\crack maniac\08 Point d'Orgue.m4a
C:\DOCUME~1\FLOREN~1\Mes documents\Ma musique\The Spinto Band\Nice And Nicely Done\06 Crack The Whip.wma
1 - "C:\ToolBar SD\TB_1.txt" - 21/09/2008|13:09 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 21/09/2008|18:08 - Option : [2]
-----------\\ Fin du rapport a 18:08:43,54
SDFix report
[b]SDFix: Version 1.227 [/b]
Run by florence bovay on 21/09/2008 at 18:25
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
and the latest HijackThis report!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:48:16, on 21/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Vidal\Communs\Vidal.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: PrintMe - {97387E2B-B2FA-4E4A-A607-F3B5C134F71C} - C:\Program Files\EFI\PrintMeToolbar\htpmcap.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: PrintMe - {97387E2B-B2FA-4E4A-A607-F3B5C134F71C} - C:\Program Files\EFI\PrintMeToolbar\htpmcap.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [vdlDeamon] C:\Program Files\Vidal\Communs\Vidal.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Hi!!
Let's continue...
▶ Download Malwarebytes to the desktop from this address:
https://www.androidworld.fr/
▶ Here is a tutorial for installing and using it properly:
https://www.androidworld.fr/
Follow the tutorial closely to correctly remove whatever it finds.
After the scan, restart the PC and post the report!!
There you go!
I didn't have anything to remove
but the computer is still slow...
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1190
Windows 5.1.2600 Service Pack 2
22/09/2008 12:52:10
mbam-log-2008-09-22 (12-52-10).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 161067
Temps écoulé: 1 hour(s), 39 minute(s), 57 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
▶ Download ComboFix by sUBs
(it is number 5 at the bottom of the page)
▶ and save it to the Desktop.
▶ Disable your protections and close all your applications (antivirus, firewall, real-time antispyware guard)
Here is the official Bleeping Computer tutorial on how to use it:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Then send the report and make a new HijackThis report, please.
THE COMBOFIX REPORT
ComboFix 08-09-20.05 - florence bovay 2008-09-23 13:16:46.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.235 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\florence bovay\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-23 au 2008-09-23 ))))))))))))))))))))))))))))))))))))
.
2008-09-23 09:09 . 2008-09-23 09:09 <REP> d-------- C:\WINDOWS\LastGood
2008-09-22 11:11 . 2008-09-22 11:11 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-22 11:11 . 2008-09-22 11:11 <REP> d-------- C:\Documents and Settings\florence bovay\Application Data\Malwarebytes
2008-09-22 11:11 . 2008-09-22 11:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-22 11:11 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-22 11:11 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-21 18:19 . 2008-09-21 18:20 <REP> d-------- C:\WINDOWS\ERUNT
2008-09-21 18:17 . 2008-09-21 18:44 <REP> d-------- C:\SDFix
2008-09-21 13:08 . 2008-09-21 18:08 5,052 --a------ C:\Documents and Settings\Orph.egd
2008-09-21 13:07 . 2008-09-21 18:08 <REP> d-------- C:\ToolBar SD
2008-09-18 19:11 . 2008-09-18 19:32 <REP> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-09-17 22:14 . 2008-09-17 22:14 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-08-29 13:12 . 2008-09-21 12:53 <REP> d-------- C:\Lop SD
2008-08-28 19:10 . 2008-08-28 19:10 <REP> d-------- C:\Program Files\iPod
2008-08-28 19:04 . 2008-08-28 19:04 <REP> d-------- C:\Program Files\Bonjour
2008-08-28 17:37 . 2008-08-28 17:37 <REP> d-------- C:\Program Files\Trend Micro
2008-08-26 20:03 . 2008-08-26 20:05 <REP> d-------- C:\Program Files\QuickTime
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-23 11:15 --------- d-----w C:\Program Files\Wanadoo
2008-09-22 09:26 --------- d-----w C:\Program Files\eMule
2008-08-30 13:22 --------- d-----w C:\Documents and Settings\florence bovay\Application Data\U3
2008-08-28 17:13 --------- d-----w C:\Program Files\Apple Software Update
2008-08-28 17:11 --------- d-----w C:\Program Files\iTunes
2008-08-28 15:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-08-27 10:07 --------- d-----w C:\Program Files\a-squared Free
2008-08-22 17:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-21 08:34 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-08-21 08:34 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-08-02 11:30 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-08-02 11:28 --------- d-----w C:\Documents and Settings\florence bovay\Application Data\AdobeUM
2008-08-02 11:22 --------- d-----w C:\Program Files\AVG
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2007-01-05 22:58 17 ----a-w C:\Documents and Settings\florence bovay\getfile.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-03-02 65536]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 122880]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-17 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2003-10-30 192512]
"PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [2004-11-17 1077327]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2003-09-05 184320]
"CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" [2005-01-21 675840]
"TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [2004-11-29 53248]
"TOSHIBA Accessibility"="C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe" [2004-12-07 24576]
"HWSetup"="C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2004-12-23 28672]
"SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe" [2005-02-25 65536]
"SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2004-11-15 118784]
"Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2004-11-12 73728]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-01-14 122939]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-11-02 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-11-02 126976]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-02-25 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-25 454656]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-25 212992]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-12 49152]
"vdlDeamon"="C:\Program Files\Vidal\Communs\Vidal.exe" [2007-05-15 964096]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-21 185896]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 413696]
"AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"AGRSMMSG"="AGRSMMSG.exe" [2004-10-28 C:\WINDOWS\agrsmmsg.exe]
"Zooming"="ZoomingHook.exe" [2004-07-14 C:\WINDOWS\system32\ZoomingHook.exe]
"TCtryIOHook"="TCtrlIOHook.exe" [2005-02-16 C:\WINDOWS\system32\TCtrlIOHook.exe]
"TPSMain"="TPSMain.exe" [2005-01-21 C:\WINDOWS\system32\TPSMain.exe]
"NDSTray.exe"="NDSTray.exe" [BU]
"TFncKy"="TFncKy.exe" [BU]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"msacm.enc"= ITIG726.acm
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
S1 MSIstub;MSIstub;C:\WINDOWS\system32\drivers\dxgusbd.sys [ ]
S3 RIOUNIV;Rio universal USB driver;C:\WINDOWS\system32\Drivers\RIOUNIV.sys [2006-03-21 16128]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{196e41a7-7695-11dd-a512-000fb0914aa3}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94b5c3ee-eb3f-11db-a22e-000fb0914aa3}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-LDM - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
HKLM-Run-Adobe Photo Downloader - C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\florence bovay\Application Data\Mozilla\Firefox\Profiles\ytngihq3.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://french.ircfast2.com/index.php?rvs=hompag
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-23 13:24:23
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2008-09-23 13:26:43
ComboFix-quarantined-files.txt 2008-09-23 11:26:20
Avant-CF: 31 934 214 144 octets libres
Après-CF: 32,700,428,288 octets libres
159 --- E O F --- 2008-09-23 11:10:48
AND THE NEW HIJACKTHIS REPORT
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:44:14, on 23/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Vidal\Communs\Vidal.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: PrintMe - {97387E2B-B2FA-4E4A-A607-F3B5C134F71C} - C:\Program Files\EFI\PrintMeToolbar\htpmcap.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: PrintMe - {97387E2B-B2FA-4E4A-A607-F3B5C134F71C} - C:\Program Files\EFI\PrintMeToolbar\htpmcap.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [vdlDeamon] C:\Program Files\Vidal\Communs\Vidal.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:44:14, on 23/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Vidal\Communs\Vidal.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: PrintMe - {97387E2B-B2FA-4E4A-A607-F3B5C134F71C} - C:\Program Files\EFI\PrintMeToolbar\htpmcap.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: PrintMe - {97387E2B-B2FA-4E4A-A607-F3B5C134F71C} - C:\Program Files\EFI\PrintMeToolbar\htpmcap.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [vdlDeamon] C:\Program Files\Vidal\Communs\Vidal.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Hi!!
Run HijackThis again by clicking "scan only" and check these lines please:
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O2 - BHO: PrintMe - {97387E2B-B2FA-4E4A-A607-F3B5C134F71C} - C:\Program Files\EFI\PrintMeToolbar\htpmcap.dll
O3 - Toolbar: PrintMe - {97387E2B-B2FA-4E4A-A607-F3B5C134F71C} - C:\Program Files\EFI\PrintMeToolbar\htpmcap.dll
Then click "fix checked".
Also install the following upgrades please:
Java: https://www.java.com/fr/download/manual.jsp
Adobe Reader XP: https://get2.adobe.com/reader/otherversions/
And then uninstall the previous version of Java.
Are you still having problems??
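Several of the lines in the reply's checklist carry the `(file missing)` marker. As an added example (not part of the original thread, and not HijackThis code), this Python parser reads item lines in the format shown in the log and groups the orphaned entries by CLSID; the function names are hypothetical and the sample lines are copied from the log above.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "code clsid orphaned raw")

# "<section code> - <details>": a letter and a number, such as R0, O2 or O23 in this log.
LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers the log shows when a registry entry points at nothing on disk.
ORPHAN_RE = re.compile(r"\((?:file missing|no file)\)")


def parse_line(line):
    """Return an Entry for a HijackThis item line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None  # log header, running-process path, or forum prose
    body = m.group("body")
    clsid = CLSID_RE.search(body)
    return Entry(
        code=m.group("code"),
        clsid=clsid.group(0).upper() if clsid else None,
        orphaned=ORPHAN_RE.search(body) is not None,
        raw=line.strip(),
    )


def orphaned_by_clsid(text):
    """Group orphaned entries by CLSID, dropping lines repeated across pasted logs."""
    groups = {}
    seen = set()
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is None or not entry.orphaned or entry.raw in seen:
            continue
        seen.add(entry.raw)
        groups.setdefault(entry.clsid, []).append(entry)
    return groups


# Lines copied from the log on this page; the last one is repeated on purpose
# to mimic the same log being pasted more than once in a thread.
SAMPLE = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: PrintMe - {97387E2B-B2FA-4E4A-A607-F3B5C134F71C} - C:\Program Files\EFI\PrintMeToolbar\htpmcap.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
"""

if __name__ == "__main__":
    for clsid, entries in orphaned_by_clsid(SAMPLE).items():
        print(clsid, [e.code for e in entries])
```

An orphaned marker only says the referenced file is absent; whether to fix the entry remains a judgement about what installed it.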