Comment enlever Adware.404

Teseka Messages postés 17 Statut Membre -  
 Utilisateur anonyme -
Bonjour,
Est ce que qn peut m'aider à me débarasser de Adware E404 et Worm .VB.AQT j'ai déjà essayé a-squared et HIJACKTHIS rien ne marche. J'ai toujours une sorte d'alerte en triangle jaune qui indique que mon ordi est infecté par PSW.x-VIR spyware . Désespérée. Voila le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:39:36, on 29/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
C:\WINDOWS\system32\lxdicoms.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Applications\wcs.exe
C:\Program Files\Applications\wcm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\ABBYY Lingvo 12\Lvagent.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Defenza\pcd-as.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\MAgent.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\algg.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Microsoft Encarta\Encarta World English Dictionary 2001\QSHLFED.EXE
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = https://laptopadviser.com/malware-removal/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://laptopadviser.com/malware-removal/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://laptopadviser.com/malware-removal/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://laptopadviser.com/malware-removal/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://laptopadviser.com/malware-removal/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: 768890 helper - {446EF370-1987-49DB-AAFF-8EC680903F7A} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O2 - BHO: (no name) - {CFEE97A3-4911-444D-8BE8-E243A23D3DE2} - (no file)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files\ABBYY Lingvo 12\Lvagent.exe" /STARTUP
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Configuration de la neuf Box] C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [MAgent] C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\MAgent.exe -CU
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [wblogon] C:\WINDOWS\system32\algg.exe
O4 - HKLM\..\Policies\Explorer\Run: [smile] C:\Program Files\Applications\wcs.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Applications\iebtm.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Quick Shelf.lnk = ?
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O8 - Extra context menu item: Ïîèñê@Mail.Ru - res://C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll/SEARCH.HTM
O8 - Extra context menu item: Ñëîâàðè@Mail.Ru - res://C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll/TRANSLATE.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\magent.exe (HKCU)
O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\magent.exe (HKCU)
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Service Norton Protection Center (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 18162 bytes
Configuration: Windows XP
Internet Explorer 7.0

18 réponses

  1. Utilisateur anonyme
     
    bonsoir

    Télécharges ToolBar S&D ( de Eric_71 ) :
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

    ( Tuto : https://sites.google.com/site/toolbarsd/aideenimages )

    !! Déconnectes toi et fermes toute tes applications en cours le temps de la manipe !!

    * double-cliques sur l'.exe pour lancer l'installe et laisses toi guider ...
    * Une fois fait, cliques sur le raccourci créé sur ton bureau pour lancer l'outil .
    * Choisis l'option 1 ( "recherche") et tapes "entrée" .
    * Une fois le scan finit , un rapport va apparaître, copie/colles l'intégralité
    de son contenu dans ta prochaine réponse ...
    ( le rapport est en outre sauvegardé ici -> C:\TB.txt )
    0
    1. Teseka Messages postés 17 Statut Membre
       
      Bonjour, et merci de ta réponse mais je pense que j'ai réussi de me débarassé de tous ces infections en utilisant Malwarebytes et Ccleaner, voila quand meme le rapport , c'est bon?

      -----------\\ ToolBar S&D 1.2.1 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
      X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2050 @ 1.60GHz )
      BIOS : Ver 1.00PARTTBL
      USER : Natalia Lyapina ( Administrator )
      BOOT : Normal boot
      Antivirus : Norton Internet Security 2006 2006 (Activated)
      Firewall : Norton Internet Security 2006 2006 (Activated)
      C:\ (Local Disk) - NTFS - Total : 66 Go Free : 38 Go
      D:\ (Local Disk) - FAT32 - Total : 7 Go Free : 1 Go
      E:\ (CD or DVD)

      "C:\ToolBar SD" ( MAJ : 24-09-2008|21:50 )
      Option : [1] ( 30/09/2008|13:00 )

      -----------\\ Recherche de Fichiers / Dossiers ...

      C:\DOCUME~1\NATALI~1\LOCALS~1\Temp\ICD1.tmp

      -----------\\ [..\Internet Explorer\Main]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
      "Search Page"="https://laptopadviser.com/malware-removal/"
      "Search Bar"="https://laptopadviser.com/malware-removal/"
      "SearchMigratedDefaultURL"="https://laptopadviser.com/malware-removal/{searchTerms}"
      "Start Page"="https://www.free.fr/freebox/index.html"
      "Default_Search_URL"="https://laptopadviser.com/malware-removal/"
      "Url"="http://www.microsoft.com/athome/community/rss.xml"
      "Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
      "Url"="http://www.microsoft.com/atwork/community/rss.xml"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
      "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"


      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !


      1 - "C:\ToolBar SD\TB_1.txt" - 30/09/2008|13:02 - Option : [1]

      -----------\\ Fin du rapport a 13:02:27,90
      -1
  2. Utilisateur anonyme
     
    re

    relance ToolBar S&D fait option 2

    poste un nouveau hijackthis stp et si tu avait le rapport de MBAM cela m'intéresse aussi
    0
    1. Teseka Messages postés 17 Statut Membre
       
      Salut, voila les rapports

      -----------\\ ToolBar S&D 1.2.1 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
      X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2050 @ 1.60GHz )
      BIOS : Ver 1.00PARTTBL
      USER : Natalia Lyapina ( Administrator )
      BOOT : Normal boot
      Antivirus : Norton Internet Security 2006 2006 (Activated)
      Firewall : Norton Internet Security 2006 2006 (Activated)
      C:\ (Local Disk) - NTFS - Total : 66 Go Free : 38 Go
      D:\ (Local Disk) - FAT32 - Total : 7 Go Free : 1 Go
      E:\ (CD or DVD)

      "C:\ToolBar SD" ( MAJ : 24-09-2008|21:50 )
      Option : [2] ( 30/09/2008|14:52 )

      -----------\\ SUPPRESSION

      Supprime! - C:\DOCUME~1\NATALI~1\LOCALS~1\Temp\ICD1.tmp

      -----------\\ Recherche de Fichiers / Dossiers ...


      -----------\\ [..\Internet Explorer\Main]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
      "Search Page"="https://laptopadviser.com/malware-removal/"
      "Search Bar"="https://laptopadviser.com/malware-removal/"
      "SearchMigratedDefaultURL"="https://laptopadviser.com/malware-removal/{searchTerms}"
      "Start Page"="https://www.free.fr/freebox/index.html"
      "Default_Search_URL"="https://laptopadviser.com/malware-removal/"
      "Url"="http://www.microsoft.com/athome/community/rss.xml"
      "Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
      "Url"="http://www.microsoft.com/atwork/community/rss.xml"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
      "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Start Page"="https://www.msn.com/fr-fr/"


      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !


      1 - "C:\ToolBar SD\TB_1.txt" - 30/09/2008|13:02 - Option : [1]
      2 - "C:\ToolBar SD\TB_2.txt" - 30/09/2008|14:54 - Option : [2]

      -----------\\ Fin du rapport a 14:54:26,54


      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 14:57:00, on 30/09/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16705)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\PC Tools Firewall Plus\FWService.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
      c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\a-squared Free\a2service.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
      C:\WINDOWS\system32\lxdicoms.exe
      c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      C:\Program Files\Spyware Doctor\pctsAuxs.exe
      C:\Program Files\Spyware Doctor\pctsSvc.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      C:\WINDOWS\System32\alg.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
      C:\Program Files\HP\QuickPlay\QPService.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
      C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
      C:\Program Files\ABBYY Lingvo 12\Lvagent.exe
      C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      C:\Program Files\Spyware Doctor\pctsTray.exe
      C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
      C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
      C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
      C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Skype\Phone\Skype.exe
      C:\Program Files\Microsoft ActiveSync\wcescomm.exe
      C:\PROGRA~1\MICROS~4\rapimgr.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
      C:\Program Files\Microsoft Encarta\Encarta World English Dictionary 2001\QSHLFED.EXE
      C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Skype\Plugin Manager\SkypePM.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\Magent.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://laptopadviser.com/malware-removal/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://laptopadviser.com/malware-removal/
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: 768890 helper - {446EF370-1987-49DB-AAFF-8EC680903F7A} - (no file)
      O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
      O2 - BHO: (no name) - {CFEE97A3-4911-444D-8BE8-E243A23D3DE2} - (no file)
      O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
      O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
      O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
      O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files\ABBYY Lingvo 12\Lvagent.exe" /STARTUP
      O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
      O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
      O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
      O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
      O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
      O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
      O4 - HKCU\..\Run: [MAgent] C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\MAgent.exe -CU
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
      O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
      O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O4 - Global Startup: Quick Shelf.lnk = ?
      O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O8 - Extra context menu item: Ïîèñê@Mail.Ru - res://C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll/SEARCH.HTM
      O8 - Extra context menu item: Ñëîâàðè@Mail.Ru - res://C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll/TRANSLATE.HTM
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
      O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\magent.exe (HKCU)
      O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\magent.exe (HKCU)
      O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
      O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
      O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
      O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      O23 - Service: Service Norton Protection Center (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
      O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
      O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
      O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
      -1
    2. Teseka Messages postés 17 Statut Membre
       
      Salut, voila les rapports

      -----------\\ ToolBar S&D 1.2.1 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
      X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2050 @ 1.60GHz )
      BIOS : Ver 1.00PARTTBL
      USER : Natalia Lyapina ( Administrator )
      BOOT : Normal boot
      Antivirus : Norton Internet Security 2006 2006 (Activated)
      Firewall : Norton Internet Security 2006 2006 (Activated)
      C:\ (Local Disk) - NTFS - Total : 66 Go Free : 38 Go
      D:\ (Local Disk) - FAT32 - Total : 7 Go Free : 1 Go
      E:\ (CD or DVD)

      "C:\ToolBar SD" ( MAJ : 24-09-2008|21:50 )
      Option : [2] ( 30/09/2008|14:52 )

      -----------\\ SUPPRESSION

      Supprime! - C:\DOCUME~1\NATALI~1\LOCALS~1\Temp\ICD1.tmp

      -----------\\ Recherche de Fichiers / Dossiers ...


      -----------\\ [..\Internet Explorer\Main]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
      "Search Page"="https://laptopadviser.com/malware-removal/"
      "Search Bar"="https://laptopadviser.com/malware-removal/"
      "SearchMigratedDefaultURL"="https://laptopadviser.com/malware-removal/{searchTerms}"
      "Start Page"="https://www.free.fr/freebox/index.html"
      "Default_Search_URL"="https://laptopadviser.com/malware-removal/"
      "Url"="http://www.microsoft.com/athome/community/rss.xml"
      "Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
      "Url"="http://www.microsoft.com/atwork/community/rss.xml"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
      "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Start Page"="https://www.msn.com/fr-fr/"


      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !


      1 - "C:\ToolBar SD\TB_1.txt" - 30/09/2008|13:02 - Option : [1]
      2 - "C:\ToolBar SD\TB_2.txt" - 30/09/2008|14:54 - Option : [2]

      -----------\\ Fin du rapport a 14:54:26,54


      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 14:57:00, on 30/09/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16705)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\PC Tools Firewall Plus\FWService.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
      c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\a-squared Free\a2service.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
      C:\WINDOWS\system32\lxdicoms.exe
      c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      C:\Program Files\Spyware Doctor\pctsAuxs.exe
      C:\Program Files\Spyware Doctor\pctsSvc.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      C:\WINDOWS\System32\alg.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
      C:\Program Files\HP\QuickPlay\QPService.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
      C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
      C:\Program Files\ABBYY Lingvo 12\Lvagent.exe
      C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      C:\Program Files\Spyware Doctor\pctsTray.exe
      C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
      C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
      C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
      C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Skype\Phone\Skype.exe
      C:\Program Files\Microsoft ActiveSync\wcescomm.exe
      C:\PROGRA~1\MICROS~4\rapimgr.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
      C:\Program Files\Microsoft Encarta\Encarta World English Dictionary 2001\QSHLFED.EXE
      C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Skype\Plugin Manager\SkypePM.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\Magent.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://laptopadviser.com/malware-removal/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://laptopadviser.com/malware-removal/
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: 768890 helper - {446EF370-1987-49DB-AAFF-8EC680903F7A} - (no file)
      O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
      O2 - BHO: (no name) - {CFEE97A3-4911-444D-8BE8-E243A23D3DE2} - (no file)
      O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
      O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
      O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
      O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files\ABBYY Lingvo 12\Lvagent.exe" /STARTUP
      O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
      O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
      O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
      O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
      O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
      O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
      O4 - HKCU\..\Run: [MAgent] C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\MAgent.exe -CU
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
      O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
      O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O4 - Global Startup: Quick Shelf.lnk = ?
      O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O8 - Extra context menu item: Ïîèñê@Mail.Ru - res://C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll/SEARCH.HTM
      O8 - Extra context menu item: Ñëîâàðè@Mail.Ru - res://C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll/TRANSLATE.HTM
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
      O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\magent.exe (HKCU)
      O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\magent.exe (HKCU)
      O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
      O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
      O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
      O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      O23 - Service: Service Norton Protection Center (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
      O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
      O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
      O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
      -1
    3. Teseka Messages postés 17 Statut Membre
       
      Concernant MBAM, j'ai fait scan 2fois le premier rapport je ne trouve pas, le deuxieme le voila
      Malwarebytes' Anti-Malware 1.28
      Version de la base de données: 1134
      Windows 5.1.2600 Service Pack 2

      29/09/2008 23:22:54
      mbam-log-2008-09-29 (23-22-48).txt

      Type de recherche: Examen complet (C:\|D:\|)
      Eléments examinés: 131874
      Temps écoulé: 41 minute(s), 24 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 3
      Valeur(s) du Registre infectée(s): 7
      Elément(s) de données du Registre infecté(s): 1
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 14

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> No action taken.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> No action taken.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

      Valeur(s) du Registre infectée(s):
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\magent (Trojan.Downloader) -> No action taken.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\smile (Trojan.Zlob) -> No action taken.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> No action taken.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> No action taken.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> No action taken.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wblogon (Trojan.Zlob) -> No action taken.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\start (Trojan.Zlob) -> No action taken.

      Elément(s) de données du Registre infecté(s):
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      C:\WINDOWS\system32\768890\768890.dll (Trojan.BHO) -> No action taken.
      C:\Program Files\Applications\myd.ico (Trojan.Zlob) -> No action taken.
      C:\Program Files\Applications\mym.ico (Trojan.Zlob) -> No action taken.
      C:\Program Files\Applications\myp.ico (Trojan.Zlob) -> No action taken.
      C:\Program Files\Applications\myv.ico (Trojan.Zlob) -> No action taken.
      C:\Program Files\Applications\ot.ico (Trojan.Zlob) -> No action taken.
      C:\Program Files\Applications\ts.ico (Trojan.Zlob) -> No action taken.
      C:\Program Files\Applications\wcm.exe (Trojan.Zlob) -> No action taken.
      C:\Program Files\Applications\wcs.exe (Trojan.Zlob) -> No action taken.
      C:\Program Files\Applications\wcu.exe (Trojan.Zlob) -> No action taken.
      C:\WINDOWS\system32\algg.exe (Trojan.Zlob) -> No action taken.
      C:\WINDOWS\system32\MSx.cpl (Rogue.MSAntivirus) -> No action taken.
      C:\Documents and Settings\Natalia Lyapina\Local Settings\Temp\xrg1.exe (Trojan.Zlob) -> No action taken.
      C:\Documents and Settings\Natalia Lyapina\Favoris\Antivirus Scan.url (Rogue.Link) -> No action taken.
      -1
  3. Sloubi76 Messages postés 20 Date d'inscription   Statut Membre Dernière intervention   136
     
    Teseka,

    Fais un clic droit sur ce lien :
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
    Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
    Ensuite double clique sur navilog1.exe pour lancer l'installation.
    Une fois l'installation terminée, le fix s'exécutera automatiquement.
    (Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

    Laisse-toi guider. Au menu principal, choisis 1 et valides.
    (ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

    Patiente jusqu'au message :
    *** Analyse Termine le ..... ***
    Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
    Copie-colle l'intégralité dans une réponse. Referme le blocnote.
    Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)

    @ +
    -1
  4. Utilisateur anonyme
     
    tu connais ce programme

    O4 - HKCU\..\Run: [MAgent] C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\MAgent.exe -CU
    -1
    1. Teseka Messages postés 17 Statut Membre
       
      OUI c'est pour communiquer en russe
      -1
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    pour MBAM va dans quarantaine et supprime tout stp
    -1
  7. stephane_mc2004 Messages postés 807 Statut Membre 96
     
    Ok
    -1
  8. Teseka Messages postés 17 Statut Membre
     
    MBAM quarantaine j'ai déjà supprimé, merci
    -1
  9. Utilisateur anonyme
     
    ok vu

    ensuite

    prend ce lien

    https://sites.google.com/site/eric71mespages/lop.sd.exe

    et fait l'option 1 ensuite poste le rapport
    -1
    1. Teseka Messages postés 17 Statut Membre
       
      Voila le rapport

      --------------------\\ Lop S&D 4.2.4-4 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
      X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2050 @ 1.60GHz )
      BIOS : Ver 1.00PARTTBL
      USER : Natalia Lyapina ( Administrator )
      BOOT : Normal boot
      Antivirus : Norton Internet Security 2006 2006 (Activated)
      Firewall : Norton Internet Security 2006 2006 (Not Activated)
      C:\ (Local Disk) - NTFS - Total : 66 Go Free : 38 Go
      D:\ (Local Disk) - FAT32 - Total : 7 Go Free : 1 Go
      E:\ (CD or DVD)

      "C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
      Option : [1] ( 30/09/2008|18:07 )

      --------------------\\ Listing des dossiers dans APPLIC~1

      [19/09/2008|10:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
      [05/04/2007|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ABBYY
      [27/08/2008|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
      [13/09/2007|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
      [13/09/2007|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
      [05/03/2007|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ArcSoft
      [25/08/2007|18:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
      [11/05/2006|02:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
      [15/09/2007|17:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
      [12/01/2007|00:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
      [30/09/2008|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
      [11/05/2006|02:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
      [11/05/2006|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
      [24/03/2008|00:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
      [29/09/2008|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
      [18/08/2008|17:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
      [11/05/2006|02:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
      [11/05/2006|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
      [29/08/2007|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
      [11/05/2006|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
      [31/10/2007|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
      [11/05/2006|03:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
      [30/09/2008|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
      [12/09/2006|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

      [12/06/2008|12:41] C:\DOCUME~1\Bernard\APPLIC~1\Adobe
      [09/09/2006|21:54] C:\DOCUME~1\Bernard\APPLIC~1\AdobeUM
      [05/10/2007|21:41] C:\DOCUME~1\Bernard\APPLIC~1\Apple Computer
      [19/08/2007|17:09] C:\DOCUME~1\Bernard\APPLIC~1\ArcSoft
      [10/12/2006|17:20] C:\DOCUME~1\Bernard\APPLIC~1\CyberLink
      [23/11/2007|17:28] C:\DOCUME~1\Bernard\APPLIC~1\DivX
      [29/09/2007|12:04] C:\DOCUME~1\Bernard\APPLIC~1\FaxCtr
      [29/11/2006|18:44] C:\DOCUME~1\Bernard\APPLIC~1\Google
      [27/11/2006|10:45] C:\DOCUME~1\Bernard\APPLIC~1\HP
      [11/05/2006|10:35] C:\DOCUME~1\Bernard\APPLIC~1\Identities
      [27/03/2008|10:54] C:\DOCUME~1\Bernard\APPLIC~1\Lexmark Productivity Studio
      [08/09/2006|13:50] C:\DOCUME~1\Bernard\APPLIC~1\Macromedia
      [23/11/2007|17:28] C:\DOCUME~1\Bernard\APPLIC~1\Media Player Classic
      [12/08/2008|13:52] C:\DOCUME~1\Bernard\APPLIC~1\Microsoft
      [06/04/2008|22:23] C:\DOCUME~1\Bernard\APPLIC~1\Mra
      [18/03/2008|14:51] C:\DOCUME~1\Bernard\APPLIC~1\PCToolsFirewallPlus
      [06/04/2008|00:22] C:\DOCUME~1\Bernard\APPLIC~1\Skype
      [29/09/2006|12:43] C:\DOCUME~1\Bernard\APPLIC~1\Sonic
      [30/11/2007|23:52] C:\DOCUME~1\Bernard\APPLIC~1\Sony Corporation
      [14/09/2006|00:00] C:\DOCUME~1\Bernard\APPLIC~1\Sun
      [11/05/2006|03:08] C:\DOCUME~1\Bernard\APPLIC~1\Symantec
      [16/05/2007|23:43] C:\DOCUME~1\Bernard\APPLIC~1\Teleca

      [11/05/2006|10:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
      [11/05/2006|02:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
      [11/05/2006|03:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

      [17/12/2007|14:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
      [11/05/2006|02:40] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

      [29/08/2008|11:20] C:\DOCUME~1\NATALI~1\APPLIC~1\Adobe
      [10/06/2008|11:57] C:\DOCUME~1\NATALI~1\APPLIC~1\AdobeUM
      [07/04/2008|16:51] C:\DOCUME~1\NATALI~1\APPLIC~1\Apple Computer
      [05/03/2007|17:37] C:\DOCUME~1\NATALI~1\APPLIC~1\ArcSoft
      [06/09/2006|16:47] C:\DOCUME~1\NATALI~1\APPLIC~1\CyberLink
      [16/09/2007|10:53] C:\DOCUME~1\NATALI~1\APPLIC~1\FaxCtr
      [27/08/2008|16:02] C:\DOCUME~1\NATALI~1\APPLIC~1\Google
      [14/09/2006|15:50] C:\DOCUME~1\NATALI~1\APPLIC~1\Help
      [06/09/2006|16:47] C:\DOCUME~1\NATALI~1\APPLIC~1\HP
      [11/05/2006|10:35] C:\DOCUME~1\NATALI~1\APPLIC~1\Identities
      [04/09/2006|20:11] C:\DOCUME~1\NATALI~1\APPLIC~1\Leadertech
      [10/06/2008|11:42] C:\DOCUME~1\NATALI~1\APPLIC~1\Lexmark Productivity Studio
      [08/09/2006|14:36] C:\DOCUME~1\NATALI~1\APPLIC~1\Macromedia
      [03/12/2006|22:00] C:\DOCUME~1\NATALI~1\APPLIC~1\Mail.Ru
      [29/09/2008|22:14] C:\DOCUME~1\NATALI~1\APPLIC~1\Malwarebytes
      [11/10/2007|12:07] C:\DOCUME~1\NATALI~1\APPLIC~1\Media Player Classic
      [08/09/2008|22:25] C:\DOCUME~1\NATALI~1\APPLIC~1\Microsoft
      [03/12/2006|22:01] C:\DOCUME~1\NATALI~1\APPLIC~1\Mra
      [17/03/2008|19:43] C:\DOCUME~1\NATALI~1\APPLIC~1\PC Tools
      [18/03/2008|11:28] C:\DOCUME~1\NATALI~1\APPLIC~1\PCToolsFirewallPlus
      [30/09/2008|18:07] C:\DOCUME~1\NATALI~1\APPLIC~1\Skype
      [30/09/2008|16:00] C:\DOCUME~1\NATALI~1\APPLIC~1\skypePM
      [14/09/2006|16:32] C:\DOCUME~1\NATALI~1\APPLIC~1\Sonic
      [31/10/2007|19:39] C:\DOCUME~1\NATALI~1\APPLIC~1\Sony Corporation
      [12/09/2006|20:14] C:\DOCUME~1\NATALI~1\APPLIC~1\Sun
      [11/05/2006|03:08] C:\DOCUME~1\NATALI~1\APPLIC~1\Symantec
      [10/05/2007|16:12] C:\DOCUME~1\NATALI~1\APPLIC~1\Teleca
      [17/12/2006|14:09] C:\DOCUME~1\NATALI~1\APPLIC~1\Template

      [11/07/2007|11:13] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

      --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

      [28/08/2008 11:38][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
      [05/09/2008 20:00][--a------] C:\WINDOWS\tasks\Norton AntiVirus - Effectuer une analyse complŠte du systŠme - Natalia Lyapina.job
      [30/09/2008 09:37][--ah-----] C:\WINDOWS\tasks\SA.DAT
      [05/08/2004 23:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

      --------------------\\ Listing des dossiers dans C:\Program Files

      [15/09/2007|17:00] C:\Program Files\Abbyy FineReader 6.0 Sprint
      [05/04/2007|20:48] C:\Program Files\ABBYY Lingvo 12
      [29/08/2008|11:23] C:\Program Files\Adobe
      [14/09/2006|16:06] C:\Program Files\ahead
      [28/08/2008|11:40] C:\Program Files\Apple Software Update
      [29/09/2008|13:45] C:\Program Files\Applications
      [07/09/2006|18:53] C:\Program Files\ArcSoft
      [29/09/2008|19:55] C:\Program Files\a-squared Free
      [19/09/2008|10:57] C:\Program Files\Bonjour
      [07/09/2006|18:49] C:\Program Files\Canon
      [29/09/2008|21:36] C:\Program Files\CCleaner
      [11/05/2006|03:33] C:\Program Files\CONEXANT
      [29/09/2008|20:07] C:\Program Files\Defenza
      [03/07/2007|18:22] C:\Program Files\Disc2Phone
      [06/02/2008|19:20] C:\Program Files\DVD X Player 4.0 Professionnel
      [29/09/2008|14:58] C:\Program Files\Exterminate It!
      [24/03/2008|00:11] C:\Program Files\Fichiers communs
      [28/02/2008|21:47] C:\Program Files\Free
      [27/08/2008|16:09] C:\Program Files\Google
      [03/03/2007|20:01] C:\Program Files\Hercules
      [11/05/2006|03:18] C:\Program Files\Hewlett-Packard
      [11/05/2006|03:01] C:\Program Files\Hp
      [06/02/2008|19:20] C:\Program Files\HPQ
      [28/09/2008|13:20] C:\Program Files\InstallShield Installation Information
      [11/05/2006|02:45] C:\Program Files\Intel
      [13/08/2008|18:57] C:\Program Files\Internet Explorer
      [19/09/2008|10:58] C:\Program Files\iPod
      [19/09/2008|10:59] C:\Program Files\iTunes
      [25/08/2007|18:11] C:\Program Files\IVT Corporation
      [18/08/2008|21:01] C:\Program Files\Java
      [11/10/2007|12:05] C:\Program Files\K-Lite Codec Pack
      [10/06/2008|11:36] C:\Program Files\Lexmark 3500-4500 Series
      [17/01/2008|17:05] C:\Program Files\Lexmark 3500-4500 Series(2)
      [10/06/2008|12:02] C:\Program Files\Lexmark Fax Solutions
      [10/06/2008|11:46] C:\Program Files\Lexmark Toolbar
      [28/09/2008|02:50] C:\Program Files\Mail.Ru
      [29/09/2008|22:14] C:\Program Files\Malwarebytes' Anti-Malware
      [28/09/2008|01:32] C:\Program Files\Messenger
      [03/08/2008|19:35] C:\Program Files\Microsoft ActiveSync
      [08/09/2008|22:22] C:\Program Files\Microsoft Encarta
      [11/05/2006|10:35] C:\Program Files\microsoft frontpage
      [14/09/2007|15:48] C:\Program Files\Microsoft Interactive Training
      [07/09/2006|17:16] C:\Program Files\Microsoft Office
      [11/05/2006|02:55] C:\Program Files\Microsoft Works
      [28/09/2008|01:28] C:\Program Files\Movie Maker
      [03/12/2006|20:47] C:\Program Files\MP3 Player Utilities 3.11
      [03/12/2006|21:26] C:\Program Files\MP3 Player Utilities 3.68
      [14/09/2006|16:17] C:\Program Files\MSN
      [11/05/2006|10:35] C:\Program Files\MSN Gaming Zone
      [28/09/2008|01:28] C:\Program Files\NetMeeting
      [11/05/2006|03:32] C:\Program Files\NetWaiting
      [08/10/2007|10:33] C:\Program Files\Norton Internet Security
      [11/05/2006|10:35] C:\Program Files\Online Services
      [28/09/2008|01:29] C:\Program Files\Outlook Express
      [08/08/2008|16:53] C:\Program Files\PC Tools Firewall Plus
      [29/10/2007|19:00] C:\Program Files\PhotoBox
      [19/09/2008|10:56] C:\Program Files\QuickTime
      [03/08/2008|19:35] C:\Program Files\Ressources Windows Mobile
      [28/08/2008|11:36] C:\Program Files\Safari
      [11/05/2006|03:09] C:\Program Files\Services en ligne
      [29/08/2007|17:16] C:\Program Files\Skype
      [19/11/2006|15:49] C:\Program Files\Solo8
      [31/10/2007|19:31] C:\Program Files\Sonic
      [31/10/2007|19:26] C:\Program Files\Sony
      [29/09/2008|14:24] C:\Program Files\Spyware Doctor
      [18/08/2008|21:01] C:\Program Files\Sun
      [10/01/2007|18:45] C:\Program Files\Symantec
      [11/05/2006|02:56] C:\Program Files\Synaptics
      [29/09/2008|20:33] C:\Program Files\Trend Micro
      [01/02/2007|18:39] C:\Program Files\TurnTool
      [03/03/2007|19:15] C:\Program Files\WIDCOMM
      [07/12/2006|17:56] C:\Program Files\Windows Media Connect 2
      [28/09/2008|01:29] C:\Program Files\Windows Media Player
      [28/09/2008|01:29] C:\Program Files\Windows NT
      [11/05/2006|10:35] C:\Program Files\xerox

      --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

      [27/08/2008|16:42] C:\Program Files\Fichiers communs\Adobe
      [04/09/2006|20:18] C:\Program Files\Fichiers communs\AOL
      [13/09/2007|12:13] C:\Program Files\Fichiers communs\Apple
      [03/03/2007|20:03] C:\Program Files\Fichiers communs\ArcSoft
      [07/09/2006|17:16] C:\Program Files\Fichiers communs\Designer
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\HP
      [11/05/2006|02:52] C:\Program Files\Fichiers communs\InstallShield
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\Java
      [11/05/2006|03:18] C:\Program Files\Fichiers communs\LightScribe
      [08/09/2008|22:22] C:\Program Files\Fichiers communs\Microsoft Shared
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\MSSoap
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\ODBC
      [18/03/2008|11:24] C:\Program Files\Fichiers communs\PC Tools
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\Services
      [28/02/2008|14:12] C:\Program Files\Fichiers communs\Skype
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\Sonic Shared
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\SpeechEngines
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\SureThing Shared
      [30/09/2008|12:51] C:\Program Files\Fichiers communs\Symantec Shared
      [28/09/2008|01:28] C:\Program Files\Fichiers communs\System
      [10/09/2007|18:13] C:\Program Files\Fichiers communs\Teleca Shared
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\TiVo Shared

      --------------------\\ Process

      ( 78 Processes )

      ... OK !

      --------------------\\ Recherche avec S_Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Recherche de Fichiers / Dossiers Lop

      C:\DOCUME~1\NATALI~1\LOCALS~1\Temp\NS0S6B2F.emf

      --------------------\\ Verification du Registre

      ..... OK !

      --------------------\\ Verification du fichier Hosts

      Fichier Hosts PROPRE


      --------------------\\ Recherche de fichiers avec Catchme

      catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-09-30 18:10:00
      Windows 5.1.2600 Service Pack 2 NTFS
      detected NTDLL code modification:
      ZwClose
      scanning hidden processes ...
      scanning hidden files ...
      scan completed successfully
      hidden processes: 0
      hidden files: 0

      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !

      [F:2664][D:75]-> C:\DOCUME~1\NATALI~1\LOCALS~1\Temp
      [F:46][D:0]-> C:\DOCUME~1\NATALI~1\Cookies
      [F:1588][D:4]-> C:\DOCUME~1\NATALI~1\TEMPOR~1\content.IE5

      1 - "C:\Lop SD\LopR_1.txt" - 30/09/2008|18:11 - Option : [1]

      --------------------\\ Fin du rapport a 18:11:33
      -1
  10. Utilisateur anonyme
     
    relance Lop SD et fait option 2
    -1
    1. Teseka Messages postés 17 Statut Membre
       
      C'est fait

      --------------------\\ Lop S&D 4.2.4-4 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2050 @ 1.60GHz )
      BIOS : Ver 1.00PARTTBL
      USER : Natalia Lyapina ( Administrator )
      BOOT : Normal boot
      Antivirus : Norton Internet Security 2006 2006 (Activated)
      Firewall : Norton Internet Security 2006 2006 (Activated)
      C:\ (Local Disk) - NTFS - Total : 66 Go Free : 37 Go
      D:\ (Local Disk) - FAT32 - Total : 7 Go Free : 1 Go
      E:\ (CD or DVD)

      "C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
      Option : [2] ( 01/10/2008|12:10 )


      \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

      Supprime! - C:\DOCUME~1\NATALI~1\LOCALS~1\Temp\NS0S6B2F.emf

      \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


      --------------------\\ Listing des dossiers dans APPLIC~1

      [19/09/2008|10:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
      [05/04/2007|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ABBYY
      [27/08/2008|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
      [13/09/2007|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
      [13/09/2007|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
      [05/03/2007|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ArcSoft
      [25/08/2007|18:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
      [11/05/2006|02:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
      [15/09/2007|17:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
      [12/01/2007|00:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
      [30/09/2008|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
      [11/05/2006|02:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
      [11/05/2006|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
      [24/03/2008|00:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
      [29/09/2008|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
      [18/08/2008|17:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
      [11/05/2006|02:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
      [11/05/2006|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
      [29/08/2007|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
      [11/05/2006|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
      [31/10/2007|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
      [11/05/2006|03:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
      [01/10/2008|12:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
      [12/09/2006|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

      [12/06/2008|12:41] C:\DOCUME~1\Bernard\APPLIC~1\Adobe
      [09/09/2006|21:54] C:\DOCUME~1\Bernard\APPLIC~1\AdobeUM
      [05/10/2007|21:41] C:\DOCUME~1\Bernard\APPLIC~1\Apple Computer
      [19/08/2007|17:09] C:\DOCUME~1\Bernard\APPLIC~1\ArcSoft
      [10/12/2006|17:20] C:\DOCUME~1\Bernard\APPLIC~1\CyberLink
      [23/11/2007|17:28] C:\DOCUME~1\Bernard\APPLIC~1\DivX
      [29/09/2007|12:04] C:\DOCUME~1\Bernard\APPLIC~1\FaxCtr
      [29/11/2006|18:44] C:\DOCUME~1\Bernard\APPLIC~1\Google
      [27/11/2006|10:45] C:\DOCUME~1\Bernard\APPLIC~1\HP
      [11/05/2006|10:35] C:\DOCUME~1\Bernard\APPLIC~1\Identities
      [27/03/2008|10:54] C:\DOCUME~1\Bernard\APPLIC~1\Lexmark Productivity Studio
      [08/09/2006|13:50] C:\DOCUME~1\Bernard\APPLIC~1\Macromedia
      [23/11/2007|17:28] C:\DOCUME~1\Bernard\APPLIC~1\Media Player Classic
      [12/08/2008|13:52] C:\DOCUME~1\Bernard\APPLIC~1\Microsoft
      [06/04/2008|22:23] C:\DOCUME~1\Bernard\APPLIC~1\Mra
      [18/03/2008|14:51] C:\DOCUME~1\Bernard\APPLIC~1\PCToolsFirewallPlus
      [06/04/2008|00:22] C:\DOCUME~1\Bernard\APPLIC~1\Skype
      [29/09/2006|12:43] C:\DOCUME~1\Bernard\APPLIC~1\Sonic
      [30/11/2007|23:52] C:\DOCUME~1\Bernard\APPLIC~1\Sony Corporation
      [14/09/2006|00:00] C:\DOCUME~1\Bernard\APPLIC~1\Sun
      [11/05/2006|03:08] C:\DOCUME~1\Bernard\APPLIC~1\Symantec
      [16/05/2007|23:43] C:\DOCUME~1\Bernard\APPLIC~1\Teleca

      [11/05/2006|10:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
      [11/05/2006|02:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
      [11/05/2006|03:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

      [17/12/2007|14:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
      [11/05/2006|02:40] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

      [29/08/2008|11:20] C:\DOCUME~1\NATALI~1\APPLIC~1\Adobe
      [10/06/2008|11:57] C:\DOCUME~1\NATALI~1\APPLIC~1\AdobeUM
      [07/04/2008|16:51] C:\DOCUME~1\NATALI~1\APPLIC~1\Apple Computer
      [05/03/2007|17:37] C:\DOCUME~1\NATALI~1\APPLIC~1\ArcSoft
      [06/09/2006|16:47] C:\DOCUME~1\NATALI~1\APPLIC~1\CyberLink
      [16/09/2007|10:53] C:\DOCUME~1\NATALI~1\APPLIC~1\FaxCtr
      [27/08/2008|16:02] C:\DOCUME~1\NATALI~1\APPLIC~1\Google
      [14/09/2006|15:50] C:\DOCUME~1\NATALI~1\APPLIC~1\Help
      [06/09/2006|16:47] C:\DOCUME~1\NATALI~1\APPLIC~1\HP
      [11/05/2006|10:35] C:\DOCUME~1\NATALI~1\APPLIC~1\Identities
      [04/09/2006|20:11] C:\DOCUME~1\NATALI~1\APPLIC~1\Leadertech
      [10/06/2008|11:42] C:\DOCUME~1\NATALI~1\APPLIC~1\Lexmark Productivity Studio
      [08/09/2006|14:36] C:\DOCUME~1\NATALI~1\APPLIC~1\Macromedia
      [03/12/2006|22:00] C:\DOCUME~1\NATALI~1\APPLIC~1\Mail.Ru
      [29/09/2008|22:14] C:\DOCUME~1\NATALI~1\APPLIC~1\Malwarebytes
      [11/10/2007|12:07] C:\DOCUME~1\NATALI~1\APPLIC~1\Media Player Classic
      [08/09/2008|22:25] C:\DOCUME~1\NATALI~1\APPLIC~1\Microsoft
      [03/12/2006|22:01] C:\DOCUME~1\NATALI~1\APPLIC~1\Mra
      [17/03/2008|19:43] C:\DOCUME~1\NATALI~1\APPLIC~1\PC Tools
      [18/03/2008|11:28] C:\DOCUME~1\NATALI~1\APPLIC~1\PCToolsFirewallPlus
      [01/10/2008|11:56] C:\DOCUME~1\NATALI~1\APPLIC~1\Skype
      [01/10/2008|11:18] C:\DOCUME~1\NATALI~1\APPLIC~1\skypePM
      [14/09/2006|16:32] C:\DOCUME~1\NATALI~1\APPLIC~1\Sonic
      [31/10/2007|19:39] C:\DOCUME~1\NATALI~1\APPLIC~1\Sony Corporation
      [12/09/2006|20:14] C:\DOCUME~1\NATALI~1\APPLIC~1\Sun
      [11/05/2006|03:08] C:\DOCUME~1\NATALI~1\APPLIC~1\Symantec
      [10/05/2007|16:12] C:\DOCUME~1\NATALI~1\APPLIC~1\Teleca
      [17/12/2006|14:09] C:\DOCUME~1\NATALI~1\APPLIC~1\Template

      [11/07/2007|11:13] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

      --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

      [28/08/2008 11:38][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
      [05/09/2008 20:00][--a------] C:\WINDOWS\tasks\Norton AntiVirus - Effectuer une analyse complŠte du systŠme - Natalia Lyapina.job
      [01/10/2008 11:54][--ah-----] C:\WINDOWS\tasks\SA.DAT
      [05/08/2004 23:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

      --------------------\\ Listing des dossiers dans C:\Program Files

      [15/09/2007|17:00] C:\Program Files\Abbyy FineReader 6.0 Sprint
      [05/04/2007|20:48] C:\Program Files\ABBYY Lingvo 12
      [29/08/2008|11:23] C:\Program Files\Adobe
      [14/09/2006|16:06] C:\Program Files\ahead
      [28/08/2008|11:40] C:\Program Files\Apple Software Update
      [29/09/2008|13:45] C:\Program Files\Applications
      [07/09/2006|18:53] C:\Program Files\ArcSoft
      [29/09/2008|19:55] C:\Program Files\a-squared Free
      [19/09/2008|10:57] C:\Program Files\Bonjour
      [07/09/2006|18:49] C:\Program Files\Canon
      [29/09/2008|21:36] C:\Program Files\CCleaner
      [11/05/2006|03:33] C:\Program Files\CONEXANT
      [29/09/2008|20:07] C:\Program Files\Defenza
      [03/07/2007|18:22] C:\Program Files\Disc2Phone
      [06/02/2008|19:20] C:\Program Files\DVD X Player 4.0 Professionnel
      [29/09/2008|14:58] C:\Program Files\Exterminate It!
      [24/03/2008|00:11] C:\Program Files\Fichiers communs
      [28/02/2008|21:47] C:\Program Files\Free
      [27/08/2008|16:09] C:\Program Files\Google
      [03/03/2007|20:01] C:\Program Files\Hercules
      [11/05/2006|03:18] C:\Program Files\Hewlett-Packard
      [11/05/2006|03:01] C:\Program Files\Hp
      [06/02/2008|19:20] C:\Program Files\HPQ
      [28/09/2008|13:20] C:\Program Files\InstallShield Installation Information
      [11/05/2006|02:45] C:\Program Files\Intel
      [13/08/2008|18:57] C:\Program Files\Internet Explorer
      [19/09/2008|10:58] C:\Program Files\iPod
      [19/09/2008|10:59] C:\Program Files\iTunes
      [25/08/2007|18:11] C:\Program Files\IVT Corporation
      [18/08/2008|21:01] C:\Program Files\Java
      [11/10/2007|12:05] C:\Program Files\K-Lite Codec Pack
      [10/06/2008|11:36] C:\Program Files\Lexmark 3500-4500 Series
      [17/01/2008|17:05] C:\Program Files\Lexmark 3500-4500 Series(2)
      [10/06/2008|12:02] C:\Program Files\Lexmark Fax Solutions
      [10/06/2008|11:46] C:\Program Files\Lexmark Toolbar
      [28/09/2008|02:50] C:\Program Files\Mail.Ru
      [29/09/2008|22:14] C:\Program Files\Malwarebytes' Anti-Malware
      [01/10/2008|11:53] C:\Program Files\Messenger
      [03/08/2008|19:35] C:\Program Files\Microsoft ActiveSync
      [08/09/2008|22:22] C:\Program Files\Microsoft Encarta
      [11/05/2006|10:35] C:\Program Files\microsoft frontpage
      [14/09/2007|15:48] C:\Program Files\Microsoft Interactive Training
      [07/09/2006|17:16] C:\Program Files\Microsoft Office
      [11/05/2006|02:55] C:\Program Files\Microsoft Works
      [01/10/2008|11:44] C:\Program Files\Movie Maker
      [03/12/2006|20:47] C:\Program Files\MP3 Player Utilities 3.11
      [03/12/2006|21:26] C:\Program Files\MP3 Player Utilities 3.68
      [14/09/2006|16:17] C:\Program Files\MSN
      [11/05/2006|10:35] C:\Program Files\MSN Gaming Zone
      [01/10/2008|11:38] C:\Program Files\NetMeeting
      [11/05/2006|03:32] C:\Program Files\NetWaiting
      [08/10/2007|10:33] C:\Program Files\Norton Internet Security
      [11/05/2006|10:35] C:\Program Files\Online Services
      [01/10/2008|11:53] C:\Program Files\Outlook Express
      [08/08/2008|16:53] C:\Program Files\PC Tools Firewall Plus
      [29/10/2007|19:00] C:\Program Files\PhotoBox
      [19/09/2008|10:56] C:\Program Files\QuickTime
      [03/08/2008|19:35] C:\Program Files\Ressources Windows Mobile
      [28/08/2008|11:36] C:\Program Files\Safari
      [11/05/2006|03:09] C:\Program Files\Services en ligne
      [29/08/2007|17:16] C:\Program Files\Skype
      [19/11/2006|15:49] C:\Program Files\Solo8
      [31/10/2007|19:31] C:\Program Files\Sonic
      [31/10/2007|19:26] C:\Program Files\Sony
      [01/10/2008|11:26] C:\Program Files\Spyware Doctor
      [18/08/2008|21:01] C:\Program Files\Sun
      [10/01/2007|18:45] C:\Program Files\Symantec
      [11/05/2006|02:56] C:\Program Files\Synaptics
      [29/09/2008|20:33] C:\Program Files\Trend Micro
      [01/02/2007|18:39] C:\Program Files\TurnTool
      [03/03/2007|19:15] C:\Program Files\WIDCOMM
      [07/12/2006|17:56] C:\Program Files\Windows Media Connect 2
      [01/10/2008|11:38] C:\Program Files\Windows Media Player
      [01/10/2008|11:38] C:\Program Files\Windows NT
      [11/05/2006|10:35] C:\Program Files\xerox

      --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

      [27/08/2008|16:42] C:\Program Files\Fichiers communs\Adobe
      [04/09/2006|20:18] C:\Program Files\Fichiers communs\AOL
      [13/09/2007|12:13] C:\Program Files\Fichiers communs\Apple
      [03/03/2007|20:03] C:\Program Files\Fichiers communs\ArcSoft
      [07/09/2006|17:16] C:\Program Files\Fichiers communs\Designer
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\HP
      [11/05/2006|02:52] C:\Program Files\Fichiers communs\InstallShield
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\Java
      [11/05/2006|03:18] C:\Program Files\Fichiers communs\LightScribe
      [08/09/2008|22:22] C:\Program Files\Fichiers communs\Microsoft Shared
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\MSSoap
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\ODBC
      [18/03/2008|11:24] C:\Program Files\Fichiers communs\PC Tools
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\Services
      [28/02/2008|14:12] C:\Program Files\Fichiers communs\Skype
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\Sonic Shared
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\SpeechEngines
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\SureThing Shared
      [01/10/2008|11:59] C:\Program Files\Fichiers communs\Symantec Shared
      [01/10/2008|11:53] C:\Program Files\Fichiers communs\System
      [10/09/2007|18:13] C:\Program Files\Fichiers communs\Teleca Shared
      [11/05/2006|10:35] C:\Program Files\Fichiers communs\TiVo Shared

      --------------------\\ Process

      ( 76 Processes )

      ... OK !

      --------------------\\ Recherche avec S_Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Recherche de Fichiers / Dossiers Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Verification du Registre

      ..... OK !

      --------------------\\ Verification du fichier Hosts

      Fichier Hosts PROPRE


      --------------------\\ Recherche de fichiers avec Catchme

      catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-10-01 12:13:18
      Windows 5.1.2600 Service Pack 3 NTFS
      detected NTDLL code modification:
      ZwClose
      scanning hidden processes ...
      scanning hidden files ...
      scan completed successfully
      hidden processes: 0
      hidden files: 0

      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !

      [F:2666][D:76]-> C:\DOCUME~1\NATALI~1\LOCALS~1\Temp
      [F:56][D:0]-> C:\DOCUME~1\NATALI~1\Cookies
      [F:34][D:4]-> C:\DOCUME~1\NATALI~1\TEMPOR~1\content.IE5

      1 - "C:\Lop SD\LopR_1.txt" - 30/09/2008|18:11 - Option : [1]
      2 - "C:\Lop SD\LopR_2.txt" - 01/10/2008|12:14 - Option : [2]

      --------------------\\ Fin du rapport a 12:14:57
      -1
  11. Utilisateur anonyme
     
    reposte un log hijackthis et dit moi comment va ton pc ?
    -1
    1. Teseka Messages postés 17 Statut Membre
       
      Voila
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 13:32:58, on 01/10/2008
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16705)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\PC Tools Firewall Plus\FWService.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
      c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\a-squared Free\a2service.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
      C:\WINDOWS\system32\lxdicoms.exe
      C:\WINDOWS\Explorer.EXE
      c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      C:\Program Files\Spyware Doctor\pctsAuxs.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
      C:\Program Files\HP\QuickPlay\QPService.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
      C:\Program Files\ABBYY Lingvo 12\Lvagent.exe
      C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
      C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
      C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
      C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Skype\Phone\Skype.exe
      C:\Program Files\Microsoft ActiveSync\wcescomm.exe
      C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\MAgent.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
      C:\PROGRA~1\MICROS~4\rapimgr.exe
      C:\Program Files\Microsoft Encarta\Encarta World English Dictionary 2001\QSHLFED.EXE
      C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
      C:\Program Files\Skype\Plugin Manager\SkypePM.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
      C:\Program Files\iPod\bin\iPodService.exe
      C:\WINDOWS\System32\alg.exe
      C:\Program Files\Spyware Doctor\pctsSvc.exe
      C:\Program Files\Spyware Doctor\pctsTray.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://laptopadviser.com/malware-removal/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://laptopadviser.com/malware-removal/
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: 768890 helper - {446EF370-1987-49DB-AAFF-8EC680903F7A} - (no file)
      O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
      O2 - BHO: (no name) - {CFEE97A3-4911-444D-8BE8-E243A23D3DE2} - (no file)
      O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
      O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
      O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
      O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files\ABBYY Lingvo 12\Lvagent.exe" /STARTUP
      O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
      O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
      O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
      O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
      O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
      O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
      O4 - HKCU\..\Run: [MAgent] C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\MAgent.exe -CU
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
      O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
      O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O4 - Global Startup: Quick Shelf.lnk = ?
      O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O8 - Extra context menu item: Ïîèñê@Mail.Ru - res://C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll/SEARCH.HTM
      O8 - Extra context menu item: Ñëîâàðè@Mail.Ru - res://C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll/TRANSLATE.HTM
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
      O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\magent.exe (HKCU)
      O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\magent.exe (HKCU)
      O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
      O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
      O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
      O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      O23 - Service: Service Norton Protection Center (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
      O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
      O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
      O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
      -1
  12. Utilisateur anonyme
     
    oui vu le nombre de programme qui ce lance au demarrage c'est pas etonnant je regarde et prepare un texte
    -1
    1. Teseka Messages postés 17 Statut Membre
       
      merci
      -1
  13. Utilisateur anonyme
     
    bonjour

    desinstalle Spyware Doctor il ne serre a rien
    -1
  14. Utilisateur anonyme
     
    re

    relance hijackthis et fixe ces lignes

    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Quick Shelf.lnk = ?

    une fois fixé redemarre et reposte un nouveau log stp
    -1
    1. Teseka Messages postés 17 Statut Membre
       
      C'est fait
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 15:13:03, on 02/10/2008
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16705)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\PC Tools Firewall Plus\FWService.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
      c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\a-squared Free\a2service.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
      C:\WINDOWS\system32\lxdicoms.exe
      c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      C:\Program Files\Spyware Doctor\pctsAuxs.exe
      C:\Program Files\Spyware Doctor\pctsSvc.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      C:\WINDOWS\System32\alg.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Spyware Doctor\pctsTray.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
      C:\Program Files\HP\QuickPlay\QPService.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
      C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
      C:\Program Files\ABBYY Lingvo 12\Lvagent.exe
      C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
      C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
      C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Skype\Phone\Skype.exe
      C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
      C:\Program Files\Microsoft ActiveSync\wcescomm.exe
      C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\MAgent.exe
      C:\PROGRA~1\MICROS~4\rapimgr.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
      C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
      C:\Program Files\Skype\Plugin Manager\SkypePM.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://laptopadviser.com/malware-removal/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://laptopadviser.com/malware-removal/
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: 768890 helper - {446EF370-1987-49DB-AAFF-8EC680903F7A} - (no file)
      O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
      O2 - BHO: (no name) - {CFEE97A3-4911-444D-8BE8-E243A23D3DE2} - (no file)
      O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
      O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
      O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
      O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files\ABBYY Lingvo 12\Lvagent.exe" /STARTUP
      O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
      O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
      O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
      O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
      O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
      O4 - HKCU\..\Run: [MAgent] C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\MAgent.exe -CU
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
      O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
      O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
      O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O8 - Extra context menu item: Ïîèñê@Mail.Ru - res://C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll/SEARCH.HTM
      O8 - Extra context menu item: Ñëîâàðè@Mail.Ru - res://C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll/TRANSLATE.HTM
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
      O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\magent.exe (HKCU)
      O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\magent.exe (HKCU)
      O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
      O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
      O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
      O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      O23 - Service: Service Norton Protection Center (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
      O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
      O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
      O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
      -1
  15. Utilisateur anonyme
     
    plus d'infection en vu

    par contre il doit toujours etre aussi long au demarrage ?
    -1
    1. Teseka Messages postés 17 Statut Membre
       
      T'as raison, il est assez lent, y a un moyen d' enlever qls programmes au démarrage sans les supprimer?
      Et merci pour ton aide avec les virus
      -1
  16. Utilisateur anonyme
     
    bonjour

    reposte un log hijackthis pour que l'on voit ce qui pourrait le faire mieux fonctionné
    -1
    1. Teseka Messages postés 17 Statut Membre
       
      Bonjour,

      Voila un log
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 14:25:29, on 03/10/2008
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16705)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\PC Tools Firewall Plus\FWService.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
      c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\a-squared Free\a2service.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
      C:\WINDOWS\system32\lxdicoms.exe
      c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      C:\Program Files\Spyware Doctor\pctsAuxs.exe
      C:\Program Files\Spyware Doctor\pctsSvc.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      C:\WINDOWS\System32\alg.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Spyware Doctor\pctsTray.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
      C:\Program Files\HP\QuickPlay\QPService.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
      C:\Program Files\ABBYY Lingvo 12\Lvagent.exe
      C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
      C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
      C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
      C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Skype\Phone\Skype.exe
      C:\Program Files\Microsoft ActiveSync\wcescomm.exe
      C:\PROGRA~1\MICROS~4\rapimgr.exe
      C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\MAgent.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
      C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      c:\program files\fichiers communs\installshield\updateservice\isuspm.exe
      C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Fichiers communs\InstallShield\UpdateService\agent.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
      C:\Program Files\Skype\Plugin Manager\SkypePM.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://laptopadviser.com/malware-removal/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://laptopadviser.com/malware-removal/
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: 768890 helper - {446EF370-1987-49DB-AAFF-8EC680903F7A} - (no file)
      O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
      O2 - BHO: (no name) - {CFEE97A3-4911-444D-8BE8-E243A23D3DE2} - (no file)
      O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
      O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
      O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
      O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files\ABBYY Lingvo 12\Lvagent.exe" /STARTUP
      O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
      O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
      O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
      O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
      O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
      O4 - HKCU\..\Run: [MAgent] C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\MAgent.exe -CU
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
      O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
      O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
      O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O8 - Extra context menu item: Ïîèñê@Mail.Ru - res://C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll/SEARCH.HTM
      O8 - Extra context menu item: Ñëîâàðè@Mail.Ru - res://C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll/TRANSLATE.HTM
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
      O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\magent.exe (HKCU)
      O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\magent.exe (HKCU)
      O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
      O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
      O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
      O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      O23 - Service: Service Norton Protection Center (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
      O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
      O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
      O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
      -1
  17. Utilisateur anonyme
     
    re

    relance hijackthis et fixe ces lignes

    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    ensuite relance ton pc et reposte un log je vais voir deux ou trois trucs
    -1
    1. Teseka Messages postés 17 Statut Membre
       
      Je l'ai fait mais ensuite il m'a fallut redemarrer 3fois l'ordi se bloquait au démarrage
      le dernier log
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 18:28:08, on 03/10/2008
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16705)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\PC Tools Firewall Plus\FWService.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
      c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\a-squared Free\a2service.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
      C:\WINDOWS\system32\lxdicoms.exe
      c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      C:\Program Files\Spyware Doctor\pctsAuxs.exe
      C:\Program Files\Spyware Doctor\pctsSvc.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      C:\WINDOWS\System32\alg.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\HP\QuickPlay\QPService.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
      C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
      C:\Program Files\ABBYY Lingvo 12\Lvagent.exe
      C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
      C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
      C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
      C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Spyware Doctor\pctsTray.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Skype\Phone\Skype.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Microsoft ActiveSync\wcescomm.exe
      C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\MAgent.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\PROGRA~1\MICROS~4\rapimgr.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
      C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
      C:\Program Files\Skype\Plugin Manager\SkypePM.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://laptopadviser.com/malware-removal/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://laptopadviser.com/malware-removal/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://laptopadviser.com/malware-removal/
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: 768890 helper - {446EF370-1987-49DB-AAFF-8EC680903F7A} - (no file)
      O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
      O2 - BHO: (no name) - {CFEE97A3-4911-444D-8BE8-E243A23D3DE2} - (no file)
      O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
      O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
      O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files\ABBYY Lingvo 12\Lvagent.exe" /STARTUP
      O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
      O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
      O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
      O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
      O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
      O4 - HKCU\..\Run: [MAgent] C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\MAgent.exe -CU
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
      O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
      O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O8 - Extra context menu item: Ïîèñê@Mail.Ru - res://C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll/SEARCH.HTM
      O8 - Extra context menu item: Ñëîâàðè@Mail.Ru - res://C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll/TRANSLATE.HTM
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
      O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
      O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\magent.exe (HKCU)
      O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Documents and Settings\Natalia Lyapina\Application Data\Mail.Ru\Agent\magent.exe (HKCU)
      O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
      O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
      O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
      O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      O23 - Service: Service Norton Protection Center (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
      O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
      O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
      O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
      -1
  18. Utilisateur anonyme
     
    et maintenant tout va bien ou pas ?
    -1
    1. Teseka Messages postés 17 Statut Membre
       
      Bonjour,
      Apres troisieme demarrage l'ordi s'est mis en marche normalement
      -1
  19. Utilisateur anonyme
     
    ok parfait

    * pour supprimer les outils/fix utilisés :

    Télécharge ToolsCleaner sur ton bureau.
    -->
    http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner

    # Clique sur Recherche et laisse le scan agir ...
    # Clique sur Suppression pour finaliser.
    # Tu peux, si tu le souhaites, te servir des Options facultatives.
    # Clique sur Quitter pour obtenir le rapport.
    # Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
    -1