Spam problem: CID, please help me!

T46 - Posts: 6 - Status: Member
Hello,
As the title says, I have a problem with CID ads. I looked into it in quite a few places and I gathered that you catch it by downloading MSN PLUS with P2P software and other free software, as the trade-off.
Among other things, I downloaded MSN Plus, uTorrent and a lot of other free software. Searching a bit more, I found tutorials for removing the Lop adware using software such as Spybot and CCleaner; I tried both without success. Then I tried HijackThis, but after it gave me the scan result I don't know how to find the infected lines! I wanted to know if you could help me.

Here is the scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:35:04, on 25/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
D:\Windows\system32\taskeng.exe
D:\Windows\system32\Dwm.exe
D:\Windows\Explorer.EXE
D:\Program Files\Windows Defender\MSASCui.exe
D:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
D:\Windows\System32\rundll32.exe
D:\Program Files\Goto Software\Vade Retro\Vaderetro_mgr.exe
D:\Windows\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Windows\ehome\ehtray.exe
G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Users\Theo\AppData\Local\Google\Update\GoogleUpdate.exe
G:\Program Files\Steam\Steam.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Windows\ehome\ehmsas.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Windows\system32\wbem\unsecapp.exe
D:\Program Files\Internet Explorer\IEUser.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\utilisateur\Theo1\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.mini15.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "D:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [MSConfig] "D:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VadeRetro Outlook] D:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe -s
O4 - HKLM\..\Run: [VadeRetro Desktop] D:\Program Files\Goto Software\Vade Retro\Vaderetro_Mgr.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTUNES\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] D:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [axis web cake second] "D:\ProgramData\Else plan bone.q1s80"
O4 - HKCU\..\Run: [Google Update] "D:\Users\Theo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "G:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [updateMgr] D:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - G:\Program Files\ad-aware\aawservice.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - D:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - D:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - D:\Windows\system32\IoctlSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - D:\Windows\system32\PnkBstrA.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - D:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - D:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

15 replies

T46
 
So there, I followed your instructions and ran the scan with Lop.

Here it is:

--------------------\\ Lop S&D 4.2.4-4 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3600+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Theo ( Administrator )
BOOT : Normal boot
Firewall : ZoneAlarm Firewall 7.1.254.000 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 108 Go Free : 60 Go
D:\ (Local Disk) - NTFS - Total : 41 Go Free : 1 Go
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total : 232 Go Free : 83 Go
I:\ (USB) - FAT32 - Total : 966 Mo Free : 0 Go

"D:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( 26/09/2008|20:51 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[25/12/2007|11:45] D:\Users\Theo\AppData\Local\{32A3A4F2-B792-11D6-A78A-00B0D0150110}
[19/09/2008|17:01] D:\Users\Theo\AppData\Local\2BrightSparks
[02/01/2008|00:07] D:\Users\Theo\AppData\Local\ACD Systems
[24/06/2008|09:51] D:\Users\Theo\AppData\Local\Adobe
[27/06/2008|22:38] D:\Users\Theo\AppData\Local\Ahead
[25/12/2007|11:45] D:\Users\Theo\AppData\Local\Apple
[01/07/2008|09:57] D:\Users\Theo\AppData\Local\Apple Computer
[25/12/2007|11:36] D:\Users\Theo\AppData\Local\Application Data
[16/09/2008|19:14] D:\Users\Theo\AppData\Local\BVRP Software
[27/07/2008|14:35] D:\Users\Theo\AppData\Local\Cooliris
[06/07/2008|20:17] D:\Users\Theo\AppData\Local\d3d8caps.dat
[02/09/2008|19:18] D:\Users\Theo\AppData\Local\d3d9caps.dat
[25/09/2008|20:25] D:\Users\Theo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[05/07/2008|14:27] D:\Users\Theo\AppData\Local\Downloaded Installations
[12/05/2008|14:19] D:\Users\Theo\AppData\Local\eMule
[25/12/2007|11:45] D:\Users\Theo\AppData\Local\GameSpy
[26/09/2008|18:35] D:\Users\Theo\AppData\Local\GDIPFONTCACHEV1.DAT
[26/09/2008|19:31] D:\Users\Theo\AppData\Local\Google
[03/12/2007|18:12] D:\Users\Theo\AppData\Local\Help
[25/12/2007|11:36] D:\Users\Theo\AppData\Local\Historique
[26/09/2008|18:44] D:\Users\Theo\AppData\Local\IconCache.db
[26/09/2008|17:27] D:\Users\Theo\AppData\Local\Microsoft
[29/01/2008|17:45] D:\Users\Theo\AppData\Local\Microsoft Game Studios
[15/01/2008|18:33] D:\Users\Theo\AppData\Local\Microsoft Games
[25/12/2007|11:45] D:\Users\Theo\AppData\Local\Mozilla
[16/09/2008|21:07] D:\Users\Theo\AppData\Local\NOS
[31/08/2008|18:43] D:\Users\Theo\AppData\Local\Paint.NET
[16/05/2008|16:25] D:\Users\Theo\AppData\Local\PunkBuster
[31/12/2007|18:48] D:\Users\Theo\AppData\Local\Stardock
[26/09/2008|20:50] D:\Users\Theo\AppData\Local\Temp
[25/12/2007|11:36] D:\Users\Theo\AppData\Local\Temporary Internet Files
[30/12/2007|10:57] D:\Users\Theo\AppData\Local\VirtualStore
[18/03/2008|19:43] D:\Users\Theo\AppData\Local\Xenocode

--------------------\\ Tâches planifiées dans D:\Windows\tasks

[26/09/2008 20:47][--a--c---] D:\Windows\tasks\GoogleUpdateTaskUser.job
[26/09/2008 09:24][--ah-c---] D:\Windows\tasks\User_Feed_Synchronization-{4C83F4FD-21F6-415D-99EA-A0A10388D329}.job
[26/09/2008 18:38][--ah-c---] D:\Windows\tasks\User_Feed_Synchronization-{3C3AE14C-04F2-44DF-9C77-A12CE968AF8A}.job
[26/09/2008 17:36][--a--c---] D:\Windows\tasks\sauvegarde de bit defender.job
[05/08/2004 14:00][-rah-----] D:\Windows\tasks\desktop.ini
[26/09/2008 17:36][--ah-c---] D:\Windows\tasks\SA.DAT
[02/11/2006 15:09][--a--c---] D:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans D:\ProgramData

[19/09/2008|15:58] D:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[02/01/2008|00:03] D:\ProgramData\ACD Systems
[19/01/2008|13:46] D:\ProgramData\Adobe
[29/12/2007|13:18] D:\ProgramData\aim rect help creative
[25/12/2007|11:38] D:\ProgramData\Apple
[25/12/2007|11:38] D:\ProgramData\Apple Computer
[02/11/2006|15:02] D:\ProgramData\Application Data
[19/09/2008|16:45] D:\ProgramData\Avira
[25/12/2007|11:38] D:\ProgramData\Azureus
[25/12/2007|11:38] D:\ProgramData\BitDefender
[30/08/2008|18:08] D:\ProgramData\Book Slow Axis Web
[25/12/2007|12:01] D:\ProgramData\Bureau
[16/09/2008|19:13] D:\ProgramData\BVRP Software
[10/02/2008|21:37] D:\ProgramData\CheckPoint
[02/11/2006|15:02] D:\ProgramData\Desktop
[02/11/2006|15:02] D:\ProgramData\Documents
[25/12/2007|11:38] D:\ProgramData\DRM
[05/07/2008|14:26] D:\ProgramData\Electronic Arts
[30/08/2008|18:08] D:\ProgramData\Else plan bone.q1s80
[12/05/2008|14:19] D:\ProgramData\eMule
[25/12/2007|12:01] D:\ProgramData\Favoris
[02/11/2006|15:02] D:\ProgramData\Favorites
[19/09/2008|18:20] D:\ProgramData\HEART FORK DOG
[16/07/2008|18:47] D:\ProgramData\Lavasoft
[05/07/2008|17:07] D:\ProgramData\Media Center Programs
[25/12/2007|12:01] D:\ProgramData\Menu D‚marrer
[23/09/2008|22:32] D:\ProgramData\Messenger Plus!
[24/06/2008|11:38] D:\ProgramData\Microsoft
[25/12/2007|11:38] D:\ProgramData\Microsoft Corporation
[31/12/2007|15:24] D:\ProgramData\Microsoft Games
[31/12/2007|15:24] D:\ProgramData\Microsoft Gamesÿ
[25/12/2007|12:01] D:\ProgramData\ModŠles
[01/07/2008|14:19] D:\ProgramData\Nero
[20/01/2008|12:46] D:\ProgramData\ntuser.pol
[25/06/2008|14:43] D:\ProgramData\NVIDIA
[14/01/2008|18:55] D:\ProgramData\rect 2 2.034sa1q
[30/08/2008|18:07] D:\ProgramData\rect 2 2.11rr9l
[08/04/2008|19:07] D:\ProgramData\rect 2 2.19b1m1
[08/04/2008|18:45] D:\ProgramData\rect 2 2.2rv8hi
[29/12/2007|13:18] D:\ProgramData\rect 2 2.2ufd7
[14/01/2008|19:40] D:\ProgramData\rect 2 2.3kcfc
[14/01/2008|20:24] D:\ProgramData\rect 2 2.45ijl
[29/03/2008|11:24] D:\ProgramData\rect 2 2.4u6mfk
[14/01/2008|19:18] D:\ProgramData\rect 2 2.7w4qq
[07/01/2008|19:03] D:\ProgramData\rect 2 2.fgd4sre
[14/01/2008|20:02] D:\ProgramData\rect 2 2.gsypw
[30/08/2008|18:07] D:\ProgramData\rect 2 2.i0mu6v
[01/01/2008|22:09] D:\ProgramData\rect 2 2.jsq6t
[15/01/2008|18:06] D:\ProgramData\rect 2 2.vcfecey
[07/01/2008|19:03] D:\ProgramData\rect 2 2.xbm7r
[08/04/2008|18:23] D:\ProgramData\rect 2 2.yzdhhqc
[29/03/2008|11:24] D:\ProgramData\rect 2 2.zck9p
[20/09/2008|15:36] D:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] D:\ProgramData\Start Menu
[29/03/2008|11:25] D:\ProgramData\Stupid Support Setup.eccsjy
[02/11/2006|15:02] D:\ProgramData\Templates
[23/06/2008|22:21] D:\ProgramData\Ubisoft
[13/09/2008|14:36] D:\ProgramData\VadeRetro
[25/12/2007|11:38] D:\ProgramData\Windows Genuine Advantage
[19/07/2008|19:35] D:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans D:\Program Files

[02/01/2008|00:03] D:\Program Files\ACD Systems
[09/06/2008|19:51] D:\Program Files\Adobe
[28/06/2008|10:56] D:\Program Files\Ahead
[25/12/2007|11:38] D:\Program Files\ANI
[19/09/2008|15:46] D:\Program Files\Apple Software Update
[02/01/2008|13:08] D:\Program Files\Audacity 1.3 Beta (Unicode)
[16/09/2008|19:20] D:\Program Files\Avanquest update
[19/09/2008|16:45] D:\Program Files\Avira
[25/12/2007|11:38] D:\Program Files\BitDefender
[19/09/2008|15:48] D:\Program Files\Bonjour
[26/12/2007|22:52] D:\Program Files\CCleaner
[17/09/2008|19:43] D:\Program Files\Common Files
[18/10/2007|19:57] D:\Program Files\ComPlus Applications
[25/12/2007|11:38] D:\Program Files\DIFX
[25/12/2007|11:38] D:\Program Files\DivX
[25/12/2007|11:38] D:\Program Files\D-Link
[05/07/2008|14:27] D:\Program Files\Electronic Arts
[25/12/2007|12:01] D:\Program Files\Fichiers communs [D:\Program Files\Common Files]
[25/12/2007|11:39] D:\Program Files\GameSpy
[04/04/2008|17:29] D:\Program Files\GameSpy Arcade
[03/02/2008|21:42] D:\Program Files\Google
[13/09/2008|14:36] D:\Program Files\Goto Software
[16/09/2008|19:13] D:\Program Files\InstallShield Installation Information
[16/09/2008|21:46] D:\Program Files\Internet Explorer
[19/09/2008|15:58] D:\Program Files\iPod
[14/05/2008|19:41] D:\Program Files\iTunes
[23/03/2008|23:33] D:\Program Files\Java
[07/06/2008|19:24] D:\Program Files\Lavalys
[10/02/2008|21:33] D:\Program Files\Lavasoft
[12/06/2008|16:48] D:\Program Files\LimeWire
[18/01/2008|18:49] D:\Program Files\MagicISO
[23/09/2008|19:55] D:\Program Files\Messenger Plus! Live
[25/12/2007|11:40] D:\Program Files\microsoft frontpage
[04/01/2008|23:29] D:\Program Files\Microsoft Games
[17/05/2008|14:25] D:\Program Files\Microsoft Office
[16/09/2008|21:46] D:\Program Files\Movie Maker
[25/09/2008|10:40] D:\Program Files\Mozilla Firefox
[02/11/2006|14:37] D:\Program Files\MSBuild
[17/05/2008|14:24] D:\Program Files\MSECache
[25/12/2007|11:40] D:\Program Files\MSN
[25/12/2007|11:40] D:\Program Files\MSN Gaming Zone
[30/12/2007|17:55] D:\Program Files\MSXML 4.0
[13/07/2008|23:17] D:\Program Files\NeoTrace Express
[14/07/2008|18:05] D:\Program Files\Nici
[26/09/2008|16:20] D:\Program Files\OpenOffice.org 2.4
[19/09/2008|15:57] D:\Program Files\QuickTime
[25/12/2007|11:40] D:\Program Files\Real
[25/12/2007|11:40] D:\Program Files\Realtek AC97
[02/11/2006|14:37] D:\Program Files\Reference Assemblies
[31/01/2008|23:21] D:\Program Files\RSSoft
[19/09/2008|18:30] D:\Program Files\Sarkophage
[25/12/2007|11:40] D:\Program Files\Services en ligne
[04/01/2008|19:18] D:\Program Files\Spybot - Search & Destroy
[25/06/2008|14:32] D:\Program Files\SystemRequirementsLab
[02/11/2006|15:01] D:\Program Files\Uninstall Information
[07/02/2008|22:43] D:\Program Files\uTorrent
[25/12/2007|11:40] D:\Program Files\VideoLAN
[16/09/2008|21:46] D:\Program Files\Windows Calendar
[16/09/2008|21:46] D:\Program Files\Windows Collaboration
[16/09/2008|21:46] D:\Program Files\Windows Defender
[16/09/2008|21:46] D:\Program Files\Windows Journal
[19/07/2008|19:39] D:\Program Files\Windows Live
[16/09/2008|21:46] D:\Program Files\Windows Mail
[01/11/2007|22:26] D:\Program Files\Windows Media Connect 2
[16/09/2008|21:46] D:\Program Files\Windows Media Player
[25/12/2007|12:01] D:\Program Files\Windows NT
[16/09/2008|21:46] D:\Program Files\Windows Photo Gallery
[16/09/2008|21:46] D:\Program Files\Windows Sidebar
[25/12/2007|11:40] D:\Program Files\WinRAR
[25/12/2007|11:40] D:\Program Files\xerox
[07/09/2008|09:16] D:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans D:\Program Files\Common Files

[02/01/2008|00:03] D:\Program Files\Common Files\ACD Systems
[16/09/2008|21:34] D:\Program Files\Common Files\Adobe
[28/06/2008|10:56] D:\Program Files\Common Files\Ahead
[19/09/2008|15:56] D:\Program Files\Common Files\Apple
[25/12/2007|11:39] D:\Program Files\Common Files\BitDefender
[25/12/2007|11:39] D:\Program Files\Common Files\InstallShield
[25/12/2007|11:39] D:\Program Files\Common Files\Java
[16/09/2008|18:17] D:\Program Files\Common Files\microsoft shared
[25/12/2007|11:39] D:\Program Files\Common Files\MSSoap
[01/07/2008|14:19] D:\Program Files\Common Files\Nero
[25/12/2007|11:39] D:\Program Files\Common Files\ODBC
[17/09/2008|19:43] D:\Program Files\Common Files\Real
[02/11/2006|13:18] D:\Program Files\Common Files\Services
[02/11/2006|13:18] D:\Program Files\Common Files\SpeechEngines
[17/09/2008|11:32] D:\Program Files\Common Files\Steam
[16/09/2008|21:46] D:\Program Files\Common Files\System
[19/07/2008|19:38] D:\Program Files\Common Files\WindowsLiveInstaller
[16/07/2008|18:45] D:\Program Files\Common Files\Wise Installation Wizard
[17/09/2008|19:43] D:\Program Files\Common Files\xing shared

--------------------\\ Process

( 76 Processes )

IEXPLORE.EXE ~ [PID:5128]
iexplore.exe ~ [PID:2964]

--------------------\\ Recherche avec S_Lop

D:\ProgramData\Else plan bone.q1s80
D:\ProgramData\Stupid Support Setup.eccsjy

--------------------\\ Recherche de Fichiers / Dossiers Lop

D:\ProgramData\aim rect help creative
D:\ProgramData\Book Slow Axis Web
D:\ProgramData\Book Slow Axis Web\Byte Mfcd.exe
D:\Users\Theo\AppData\Roaming\MICROS~1\Windows\Cookies\theo@adopt.euroclick[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"axis web cake second"="\"D:\\ProgramData\\Else plan bone.q1s80\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-26 20:51:17
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 692

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

D:\Users\Theo\AppData\Roaming\Microsoft\Windows\Recent\BDTS_Keygen___Patch.lnk

[F:81][D:11]-> D:\Users\Theo\AppData\Local\Temp
[F:117][D:1]-> D:\Users\Theo\AppData\Roaming\MICROS~1\Windows\Cookies
[F:1287][D:5]-> D:\Users\Theo\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:3][D:3]-> D:\$Recycle.Bin

1 - "D:\Lop SD\LopR_1.txt" - 26/09/2008|20:53 - Option : [1]

--------------------\\ Fin du rapport a 20:53:42
[ UAC => 1 ]
Anonymous user
 
To move forward...

Best to you, gil

Pick Lop S&D back up

and run step 2

See you
T46
 
Great! It removed lots of malicious software for me. I hadn't tried Lop because a tutorial stated that this software was not compatible with Vista! Thank you so much, I will finally be able to browse the internet in peace. Thanks, thanks, thanks ^^
T46
 
Ah, well, I did the three Lop steps, but do I need to redo steps 2 and 3 and send the reports, or is that not necessary? I went through those reports and there was quite a lot of stuff under SUPPRESSION.

So here is the HijackThis scan report:

Logfile of HijackThis v1.99.1
Scan saved at 11:22:17, on 27/09/2008
Platform: Unknown Windows (WinNT 6.00.1905 SP1)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Running processes:
D:\Windows\system32\taskeng.exe
D:\Windows\system32\Dwm.exe
D:\Windows\Explorer.EXE
D:\Program Files\Windows Defender\MSASCui.exe
D:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
D:\Windows\System32\rundll32.exe
D:\Program Files\Goto Software\Vade Retro\Vaderetro_mgr.exe
D:\Windows\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Windows\ehome\ehtray.exe
G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Users\Theo\AppData\Local\Google\Update\GoogleUpdate.exe
G:\Program Files\Steam\Steam.exe
G:\Program Files\OpenOffice.org 2.4\program\soffice.exe
D:\Windows\ehome\ehmsas.exe
G:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
D:\Windows\system32\wbem\unsecapp.exe
D:\Program Files\Windows Sidebar\sidebar.exe
G:\Program Files\uTorrent\uTorrent.exe
D:\Windows\system32\sdclt.exe
G:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\WinRAR\WinRAR.exe
D:\Users\Theo\AppData\Local\Temp\Rar$EX00.609\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.mini15.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "D:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VadeRetro Outlook] D:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe -s
O4 - HKLM\..\Run: [VadeRetro Desktop] D:\Program Files\Goto Software\Vade Retro\Vaderetro_Mgr.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTUNES\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] D:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "D:\Users\Theo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "G:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [updateMgr] D:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - Startup: OpenOffice.org 2.4.lnk = G:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: d:\program files\bonjour\mdnsnsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - D:\Program Files\Windows Live\Mail\mailcomm.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\Windows\system32\wpdshserviceobj.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - G:\Program Files\ad-aware\aawservice.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - D:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - D:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - D:\Windows\system32\IoctlSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - D:\Windows\system32\PnkBstrA.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - D:\Program Files\BitDefender\BitDefender 2008\vsserv.exe" /service (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - D:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Anonymous user
 
Your version of HijackThis is not the right one...
> Download HiJackThis: http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
T46
 
Here it is again with HijackThis 2.0.2

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:41:10, on 27/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
D:\Windows\system32\taskeng.exe
D:\Windows\system32\Dwm.exe
D:\Windows\Explorer.EXE
D:\Program Files\Windows Defender\MSASCui.exe
D:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
D:\Windows\System32\rundll32.exe
D:\Program Files\Goto Software\Vade Retro\Vaderetro_mgr.exe
D:\Windows\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Windows\ehome\ehtray.exe
G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Users\Theo\AppData\Local\Google\Update\GoogleUpdate.exe
G:\Program Files\Steam\Steam.exe
G:\Program Files\OpenOffice.org 2.4\program\soffice.exe
D:\Windows\ehome\ehmsas.exe
G:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
D:\Windows\system32\wbem\unsecapp.exe
D:\Program Files\Windows Sidebar\sidebar.exe
G:\Program Files\uTorrent\uTorrent.exe
D:\Windows\system32\sdclt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Users\Theo\AppData\Local\Temp\Rar$EX00.609\HijackThis.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Program Files\Windows Live\Messenger\msvs.exe
G:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.mini15.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "D:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VadeRetro Outlook] D:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe -s
O4 - HKLM\..\Run: [VadeRetro Desktop] D:\Program Files\Goto Software\Vade Retro\Vaderetro_Mgr.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTUNES\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] D:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "D:\Users\Theo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "G:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [updateMgr] D:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-527237240-842925246-725345543-1005\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Alexis')
O4 - HKUS\S-1-5-21-527237240-842925246-725345543-1005\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (User 'Alexis')
O4 - S-1-5-21-527237240-842925246-725345543-1005 Startup: OpenOffice.org 2.4.lnk = D:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Alexis')
O4 - Startup: OpenOffice.org 2.4.lnk = G:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - G:\Program Files\ad-aware\aawservice.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - D:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - D:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - D:\Windows\system32\IoctlSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - D:\Windows\system32\PnkBstrA.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - D:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - D:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
0
Anonymous user
 
How is the PC doing?
-1

T46
 
Well, since I did the 3 steps of Lop S&D following your instructions I haven't had a single CID ad, but for some time I had also noticed a slowdown; I'm going to run scans with Avira AntiVir, Ad-Aware, CCleaner, etc.
0
gil le fantom Posts 2809 Status Member 25
 
Good evening,

Disable User Account Control (you will re-enable it after the disinfection):

- Go to Start, then Control Panel
- Double-click the "User Accounts" icon
- Then click Disable and confirm.

http://www.laboratoire-microsoft.org/tips-23933-desactiver-uac-vista.html

Download Lop S&D.exe to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the language you want, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
-1
T46 Posts 6 Status Member
 
Thanks, I'll try all of that! I'll keep you posted.
-1
gil le fantom Posts 2809 Status Member 25
 
Good evening Archet
You can take care of it, that's no problem for me, because I'm not on the forum very often at the moment; I'm tired and a bit too busy with work.
-1
gil le fantom Posts 2809 Status Member 25
 
Wait, it's not finished
You haven't posted the report from option 2
and also post a new HijackThis report please
-1
gil le fantom Posts 2809 Status Member 25
 
Hello
Can you tell me what xdogcat is, because your slowdown problem could perhaps come from xdogcat.dll.

To remove it, download LSPfix
https://www.01net.com/telecharger/windows/Utilitaire/reseau/fiches/33379.html
* Launch LSPfix
* Disconnect from the Internet and close all Internet Explorer windows.
* Tick the "I know what I'm doing" box
* Select all instances of the following DLLs (if there are any, otherwise close LSPfix):

xdogcat.dll

* Move them from the left-hand "Keep" panel to the right-hand "Remove" panel by selecting the line and clicking the >> (double chevron) located between the two panels.
Click the "Finish" button.
(If they are already in the "Remove" panel, click the "Finish" button directly.)
-1
T46 Posts 6 Status Member
 
That's it, it's done; there was one and I followed what you told me, so it should be removed.
-1
gil le fantom Posts 2809 Status Member 25
 
Can you post a new HijackThis report for me please
-1
T46 Posts 6 Status Member
 
Here you go

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:49:32, on 27/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
D:\Windows\system32\taskeng.exe
D:\Windows\system32\Dwm.exe
D:\Windows\Explorer.EXE
D:\Program Files\Windows Defender\MSASCui.exe
D:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
D:\Windows\System32\rundll32.exe
D:\Program Files\Goto Software\Vade Retro\Vaderetro_mgr.exe
D:\Windows\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Windows\ehome\ehtray.exe
G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Users\Theo\AppData\Local\Google\Update\GoogleUpdate.exe
G:\Program Files\Steam\Steam.exe
G:\Program Files\OpenOffice.org 2.4\program\soffice.exe
D:\Windows\ehome\ehmsas.exe
G:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
D:\Windows\system32\wbem\unsecapp.exe
D:\Program Files\Windows Sidebar\sidebar.exe
G:\Program Files\uTorrent\uTorrent.exe
D:\Windows\system32\sdclt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
G:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.mini15.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "D:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VadeRetro Outlook] D:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe -s
O4 - HKLM\..\Run: [VadeRetro Desktop] D:\Program Files\Goto Software\Vade Retro\Vaderetro_Mgr.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTUNES\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] D:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "D:\Users\Theo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "G:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [updateMgr] D:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-527237240-842925246-725345543-1005\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Alexis')
O4 - HKUS\S-1-5-21-527237240-842925246-725345543-1005\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (User 'Alexis')
O4 - S-1-5-21-527237240-842925246-725345543-1005 Startup: OpenOffice.org 2.4.lnk = D:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Alexis')
O4 - Startup: OpenOffice.org 2.4.lnk = G:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - G:\Program Files\ad-aware\aawservice.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - D:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - D:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - D:\Windows\system32\IoctlSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - D:\Windows\system32\PnkBstrA.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - D:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - D:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
-1
gil le fantom Posts 2809 Status Member 25
 
I see you have BitDefender; it's better to have only one antivirus per machine.
As for the rest, it looks fine.
You can remove the disinfection tools and do a cleanup with CCleaner.

I wish you a good weekend

See you
-1
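The before/after check done by eye on the 11:41 and 12:49 HijackThis reports above, written out as an added example that is not part of the original thread: it parses the entry lines, diffs the two reports, and lists what still deserves a manual look. The function names `parse`, `diff` and `review_hints` are hypothetical, and the two inputs are short excerpts copied from the reports, not the full logs.

```python
import re
from collections import Counter

# Excerpt of the 11:41 report quoted in the thread (lines copied, not the full log).
BEFORE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.mini15.com
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\xdogcat.dll
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - D:\Windows\system32\IoctlSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - D:\Windows\system32\PnkBstrA.exe
"""
# The same excerpt as it reads in the 12:49 report: identical minus the O10 lines.
AFTER = "\n".join(l for l in BEFORE.splitlines() if not l.startswith("O10 "))

# HijackThis entries are "<section code> - <text>", e.g. R0, F2, N1, O23.
ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")

def parse(log):
    """Count (section, text) entries; a Counter keeps repeats such as the four O10 lines."""
    entries = Counter()
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries[(m.group(1), m.group(2))] += 1
    return entries

def diff(before, after):
    """Return (removed, added) entry counts between two reports."""
    b, a = parse(before), parse(after)
    return b - a, a - b

def review_hints(log):
    """Entries a helper would look at by hand. These are prompts, not verdicts."""
    hints = []
    for section, text in parse(log):
        if section == "O10" and text.startswith("Unknown file in Winsock LSP"):
            hints.append(("unknown-lsp", text))      # DLL hooked into the Winsock chain
        elif text.endswith(("(no file)", "(file missing)")):
            hints.append(("orphaned", text))         # registration whose file was not found
        elif section == "O23" and "- Unknown owner -" in text:
            hints.append(("unknown-owner", text))    # HijackThis could not name a vendor
    return hints

if __name__ == "__main__":
    removed, added = diff(BEFORE, AFTER)
    for (section, text), n in removed.items():
        print(f"removed x{n}: {section} - {text}")
    for (section, text), n in added.items():
        print(f"added   x{n}: {section} - {text}")
    for reason, text in review_hints(AFTER):
        print(f"still to review [{reason}]: {text}")
```

A diff that shows only the four O10 entries removed and nothing added is the result that confirms the LSPfix step changed what it was meant to change and nothing else.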
T46 Posts 6 Status Member
 
I have two antivirus programs but only Avira AntiVir, because since I did the upgrade to Vista (it says on the box that the licence is normally valid for three PCs. I only installed it twice, a first time and then another time after a reformat) BitDefender no longer works. I called them and sent them emails but they never answered me. Long live BitDefender's after-sales service... so I finally switched to Avira AntiVir, the free version.

Thank you for the time you gave me, Gil le fantôme and Archet9 :=)
-1