Sujet Précédent Sujet Suivant

Besoin avis d'expert

Fermé
christine - 25 oct. 2008 à 15:06
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 4 nov. 2008 à 20:23
Bonjour, depuis un certain temps, mon PC est lent, j'ai donc suivi les instruction de la méthode préliminaire de désinfection, j'ai désormais besoin de l'avis d'un expert.
Je n'ai pas pu scanner avec bitdefeder, la mise à jours n'as pas pu s'effectuer.
Merci d'avance de vous occuper de moi.

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 14:35:08 25/10/2008

+ Résultat de l'analyse:



HKLM\SOFTWARE\Classes\ADM25.ADM25 -> Adware.Altnet : Nettoyé.
HKLM\SOFTWARE\Classes\ADM25.ADM25\CurVer -> Adware.Altnet : Nettoyé.
HKLM\SOFTWARE\Classes\ADM4.ADM4 -> Adware.Altnet : Nettoyé.
HKLM\SOFTWARE\Classes\ADM4.ADM4\CurVer -> Adware.Altnet : Nettoyé.
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Nettoyé.
C:\Program Files\Block Checker -> Adware.BlockChecker : Nettoyé.
HKU\S-1-5-21-1844237615-2000478354-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2EEB4FA-B6D6-41B9-9CFA-ABA87F862BCB} -> Adware.Generic : Nettoyé.
HKU\S-1-5-21-1844237615-2000478354-1801674531-1003\Software\egdhtml -> Dialer.Generic : Nettoyé.
C:\Program Files\Instant Access\Multi\20060725230748\instant access.exe -> Dialer.InstantAccess.m : Nettoyé.
C:\WINDOWS\system32\procia.exe -> Dialer.InstantAccess.m : Nettoyé.


Fin du rapport




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:00:26, on 25/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {4D1C4E89-A32A-416B-BCDB-33B3EF3617D3} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] D:\doc\cedric\ANTISP~1\ANTIVI~1\ashDisp.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\doc\remi\msn\MsgPlus.exe"
O4 - HKLM\..\Run: [SA] C:\Program Files\Logitech\QuickCam\SA3.EXE
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "D:\doc\remi\msn\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxdm414YYFR
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Transfert par Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Unibet Fr Poker - {1DAA624F-A7AB-4b31-97A4-67205FF6963C} - C:\Program Files\mrbookmakerfrMPP\MPPoker.exe
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {75D2080B-4857-4B96-9B7D-732634FBD01F} - http://activex.microsoft.com/objects/ocget.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\doc\cedric\anti spywar\antivirus\aswUpdSv.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\doc\cedric\anti spywar\antivirus\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - D:\doc\cedric\anti spywar\antivirus\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\doc\cedric\anti spywar\antivirus\ashWebSv.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Droppix Service - Droppix - C:\Program Files\Fichiers communs\Droppix\DxService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - D:\doc\cedric\anti spywar\Pare-feu\Personal Firewall 4\kpf4ss.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
A voir également:

39 réponses

Précédent
  • 1
  • 2
Réponse 21 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
28 oct. 2008 à 12:56
Avast est installé ?
0
Réponse 22 / 39
christine
28 oct. 2008 à 14:06
ben je pensais qu'il y était, mais je ne le trouve pas.
Ne vaudrait-il pas mieux que j'installe antivir??
0
Réponse 23 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
28 oct. 2008 à 14:10
Oui puis tu me refais un rapport HijackThis.
0
Réponse 24 / 39
christine
28 oct. 2008 à 14:30
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:29:21, on 28/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {4D1C4E89-A32A-416B-BCDB-33B3EF3617D3} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] D:\doc\cedric\ANTISP~1\ANTIVI~1\ashDisp.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\doc\remi\msn\MsgPlus.exe"
O4 - HKLM\..\Run: [SA] C:\Program Files\Logitech\QuickCam\SA3.EXE
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "D:\doc\remi\msn\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Transfert par Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Unibet Fr Poker - {1DAA624F-A7AB-4b31-97A4-67205FF6963C} - C:\Program Files\mrbookmakerfrMPP\MPPoker.exe
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {75D2080B-4857-4B96-9B7D-732634FBD01F} - http://activex.microsoft.com/objects/ocget.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\doc\cedric\anti spywar\antivirus\aswUpdSv.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\doc\cedric\anti spywar\antivirus\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - D:\doc\cedric\anti spywar\antivirus\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\doc\cedric\anti spywar\antivirus\ashWebSv.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Droppix Service - Droppix - C:\Program Files\Fichiers communs\Droppix\DxService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - D:\doc\cedric\anti spywar\Pare-feu\Personal Firewall 4\kpf4ss.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
28 oct. 2008 à 14:31
---> Mets à jour Internet Explorer :
http://www.microsoft.com/downloads/details.aspx?FamilyId=9AE91EBE-3385-447C-8A30-081805B2F90B&displaylang=fr

---> Mets à jour Java :
https://www.java.com/fr/download/manual.jsp

---> Relance HijackThis et choisis Do a system scan only

---> Coche les cases qui sont devant les lignes suivantes :

O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)

O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)

O3 - Toolbar: (no name) - {4D1C4E89-A32A-416B-BCDB-33B3EF3617D3} - (no file)

O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\doc\cedric\anti spywar\antivirus\aswUpdSv.exe (file missing)

O23 - Service: avast! Antivirus - Unknown owner - D:\doc\cedric\anti spywar\antivirus\ashServ.exe (file missing)

O23 - Service: avast! Mail Scanner - Unknown owner - D:\doc\cedric\anti spywar\antivirus\ashMaiSv.exe (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - D:\doc\cedric\anti spywar\antivirus\ashWebSv.exe (file missing)

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - D:\doc\cedric\anti spywar\Pare-feu\Personal Firewall 4\kpf4ss.exe (file missing)

---> Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.

---> Redémarre ton PC et poste un nouveau rapport HijackThis.
0
Réponse 26 / 39
christine
29 oct. 2008 à 18:04
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:03:22, on 29/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\HijackThis.exe
C:\WINDOWS\system32\HPZipm12.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [avast!] D:\doc\cedric\ANTISP~1\ANTIVI~1\ashDisp.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\doc\remi\msn\MsgPlus.exe"
O4 - HKLM\..\Run: [SA] C:\Program Files\Logitech\QuickCam\SA3.EXE
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "D:\doc\remi\msn\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Transfert par Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Unibet Fr Poker - {1DAA624F-A7AB-4b31-97A4-67205FF6963C} - C:\Program Files\mrbookmakerfrMPP\MPPoker.exe
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {75D2080B-4857-4B96-9B7D-732634FBD01F} - http://activex.microsoft.com/objects/ocget.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\doc\cedric\anti spywar\antivirus\aswUpdSv.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Droppix Service - Droppix - C:\Program Files\Fichiers communs\Droppix\DxService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - D:\doc\cedric\anti spywar\Pare-feu\Personal Firewall 4\kpf4ss.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
0
Réponse 27 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 oct. 2008 à 18:09
---> Menu Démarrer > Exécuter > Tape cmd et presse Entrée.

---> Dans la fenêtre noire, tape sc delete aswUpdSv et presse Entrée.

---> Recommence avec sc delete KPF4 et presse Entrée.

---> Poste un nouveau rapport HijackThis.
0
Réponse 28 / 39
christine
29 oct. 2008 à 18:34
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:33:58, on 29/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [avast!] D:\doc\cedric\ANTISP~1\ANTIVI~1\ashDisp.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\doc\remi\msn\MsgPlus.exe"
O4 - HKLM\..\Run: [SA] C:\Program Files\Logitech\QuickCam\SA3.EXE
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "D:\doc\remi\msn\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Transfert par Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Unibet Fr Poker - {1DAA624F-A7AB-4b31-97A4-67205FF6963C} - C:\Program Files\mrbookmakerfrMPP\MPPoker.exe
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {75D2080B-4857-4B96-9B7D-732634FBD01F} - http://activex.microsoft.com/objects/ocget.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Droppix Service - Droppix - C:\Program Files\Fichiers communs\Droppix\DxService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
0
Réponse 29 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 oct. 2008 à 18:40
Ton PC va bien ?

Fais un scan avec AVG Anti-Spyware.
0
Réponse 30 / 39
christine
29 oct. 2008 à 19:51
je suis en train de scanner, antivir vient de trouver TR/Dldr.Swizzor.DV - Trojan, je fait deny access?
0
Réponse 31 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 oct. 2008 à 20:15
Delete et poste le rapport.
0
Réponse 32 / 39
christine
29 oct. 2008 à 21:11
je delete mais il y en as vraiment beaucoup, j'en suis à 30 à peu pret, je continue?
0
Réponse 33 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 oct. 2008 à 21:45
Oui, il faut faire le tri.
0
Réponse 34 / 39
christine
2 nov. 2008 à 19:34
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 19:33:18 02/11/2008

+ Résultat de l'analyse:



C:\Documents and Settings\User\Cookies\user@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\User\Cookies\user@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\User\Cookies\user@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\User\Cookies\user@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\User\Cookies\user@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.


Fin du rapport
0
Réponse 35 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
2 nov. 2008 à 19:55
---> Télécharge Lop S&D sur ton Bureau.
---> Double-clique dessus pour lancer l'installation.
---> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.
---> Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche).
---> Patiente jusqu'à la fin du scan.
---> Poste le rapport généré (C:\lopR.txt).
0
Réponse 36 / 39
christine
4 nov. 2008 à 19:28
--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.66GHz )
BIOS : Default System BIOS
USER : User ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.6.731 [VPS 0546-3] 4.6.731 (Not Activated)
Firewall : Kerio Personal Firewall 4.2.2 T (Not Activated)
C:\ (Local Disk) - NTFS - Total:19 Go (Free:0 Go)
D:\ (USB) - FAT - Total:979 Mo (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
H:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 03/11/2008|20:50 )

--------------------\\ Listing des dossiers dans APPLIC~1

[29/07/2007|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[10/05/2006|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[06/01/2007|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[28/10/2008|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[15/12/2006|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[30/08/2005|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[20/10/2006|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DassaultSystemes
[07/04/2007|01:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
[07/04/2007|01:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[29/03/2006|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FOURTHIRDBOWSBOLD
[25/10/2008|12:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[15/07/2008|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[29/10/2008|23:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[07/04/2007|01:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[15/04/2006|17:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lovethecoolhide
[18/10/2008|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[25/10/2008|18:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[18/12/2005|22:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[14/02/2007|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/02/2007|15:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[17/01/2007|17:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
[29/10/2008|23:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[06/05/2005|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[23/11/2005|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[15/07/2008|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[13/02/2006|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[15/02/2007|13:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[23/11/2005|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[05/03/2006|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/01/2006|07:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[05/05/2005|13:56] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[05/05/2005|13:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[05/05/2005|13:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[29/03/2006|13:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[13/07/2008|09:40] C:\DOCUME~1\User\APPLIC~1\Adobe
[07/10/2007|14:55] C:\DOCUME~1\User\APPLIC~1\AdobeUM
[28/02/2006|08:21] C:\DOCUME~1\User\APPLIC~1\Ahead
[12/01/2007|16:58] C:\DOCUME~1\User\APPLIC~1\Apple Computer
[18/10/2008|12:58] C:\DOCUME~1\User\APPLIC~1\ATI
[15/11/2006|21:49] C:\DOCUME~1\User\APPLIC~1\Azureus
[08/04/2006|01:02] C:\DOCUME~1\User\APPLIC~1\Block Checker
[07/02/2007|19:32] C:\DOCUME~1\User\APPLIC~1\ConvertTemp
[30/08/2005|18:20] C:\DOCUME~1\User\APPLIC~1\Creative
[20/10/2006|18:40] C:\DOCUME~1\User\APPLIC~1\DassaultSystemes
[10/05/2006|15:11] C:\DOCUME~1\User\APPLIC~1\DeepBurner
[21/12/2006|13:36] C:\DOCUME~1\User\APPLIC~1\Dev-Cpp
[05/05/2006|22:31] C:\DOCUME~1\User\APPLIC~1\Droppix
[14/12/2005|19:39] C:\DOCUME~1\User\APPLIC~1\Google
[08/04/2006|12:13] C:\DOCUME~1\User\APPLIC~1\GreyThatBook
[25/10/2008|12:09] C:\DOCUME~1\User\APPLIC~1\Grisoft
[13/11/2005|22:25] C:\DOCUME~1\User\APPLIC~1\Help
[15/07/2008|18:52] C:\DOCUME~1\User\APPLIC~1\HP
[05/05/2005|14:03] C:\DOCUME~1\User\APPLIC~1\Identities
[05/05/2005|15:06] C:\DOCUME~1\User\APPLIC~1\InterTrust
[14/02/2007|21:24] C:\DOCUME~1\User\APPLIC~1\Lavasoft
[04/02/2006|10:23] C:\DOCUME~1\User\APPLIC~1\Leadertech
[06/05/2005|21:05] C:\DOCUME~1\User\APPLIC~1\Macromedia
[25/10/2008|18:40] C:\DOCUME~1\User\APPLIC~1\Malwarebytes
[15/04/2006|17:08] C:\DOCUME~1\User\APPLIC~1\memodownloadthe
[28/06/2008|11:51] C:\DOCUME~1\User\APPLIC~1\Microgaming
[26/08/2008|20:41] C:\DOCUME~1\User\APPLIC~1\Microsoft
[06/05/2005|07:34] C:\DOCUME~1\User\APPLIC~1\Microsoft Web Folders
[06/04/2006|17:52] C:\DOCUME~1\User\APPLIC~1\Mozilla
[30/10/2008|01:20] C:\DOCUME~1\User\APPLIC~1\Nokia
[30/10/2008|01:30] C:\DOCUME~1\User\APPLIC~1\Nokia Multimedia Player
[30/08/2005|13:25] C:\DOCUME~1\User\APPLIC~1\OD2
[18/02/2007|13:00] C:\DOCUME~1\User\APPLIC~1\OLYMPUS
[25/10/2008|11:55] C:\DOCUME~1\User\APPLIC~1\OpenOffice.org2
[30/10/2008|02:20] C:\DOCUME~1\User\APPLIC~1\PC Suite
[04/06/2006|17:16] C:\DOCUME~1\User\APPLIC~1\Real
[07/02/2007|19:32] C:\DOCUME~1\User\APPLIC~1\Samsung
[09/07/2005|18:42] C:\DOCUME~1\User\APPLIC~1\Shareaza
[13/02/2006|20:12] C:\DOCUME~1\User\APPLIC~1\Sony Corporation
[18/07/2005|17:33] C:\DOCUME~1\User\APPLIC~1\Sun
[15/02/2007|13:05] C:\DOCUME~1\User\APPLIC~1\Symantec
[06/04/2006|17:58] C:\DOCUME~1\User\APPLIC~1\Talkback
[07/02/2007|19:32] C:\DOCUME~1\User\APPLIC~1\Temporary
[07/02/2007|19:32] C:\DOCUME~1\User\APPLIC~1\TransRender
[23/11/2005|18:39] C:\DOCUME~1\User\APPLIC~1\Ulead Systems
[20/10/2006|14:26] C:\DOCUME~1\User\APPLIC~1\vlc

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[03/11/2008 12:01][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ MsgPlus SPONSOR INSTALLED !

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
"DisplayName"="Messenger Plus! 3 & Sponsor"
"SponsorInstalled"=dword:00000001


--------------------\\ Listing des dossiers dans C:\Program Files

[23/01/2006|21:43] C:\Program Files\Adobe
[10/02/2007|21:21] C:\Program Files\Ahead
[02/10/2005|17:51] C:\Program Files\AIPTEK
[06/05/2005|22:37] C:\Program Files\Alsyd
[05/05/2005|15:05] C:\Program Files\Analog Devices
[06/01/2007|12:05] C:\Program Files\Apple Software Update
[03/06/2008|10:39] C:\Program Files\ATI Multimedia
[18/10/2008|12:42] C:\Program Files\ATI Technologies
[28/10/2008|14:15] C:\Program Files\Avira
[19/02/2006|12:08] C:\Program Files\AviSynth 2.5
[29/03/2007|18:04] C:\Program Files\BitTorrent
[15/12/2006|16:52] C:\Program Files\BoontyGames
[25/10/2008|11:55] C:\Program Files\CCleaner
[03/06/2008|09:57] C:\Program Files\C-Media 3D Audio
[11/11/2005|23:36] C:\Program Files\common files
[30/08/2005|11:45] C:\Program Files\Creative
[29/10/2008|23:38] C:\Program Files\DIFX
[08/10/2005|11:27] C:\Program Files\directx
[07/04/2007|01:47] C:\Program Files\Droppix
[07/04/2007|01:42] C:\Program Files\DVD Shrink
[03/01/2007|14:03] C:\Program Files\EuroPoker Tournament Director's Poker Clock
[29/10/2008|23:39] C:\Program Files\Fichiers communs
[28/08/2008|15:24] C:\Program Files\Free.fr
[18/10/2008|12:10] C:\Program Files\Google
[23/03/2006|22:11] C:\Program Files\GreyThatBook
[25/10/2008|12:08] C:\Program Files\Grisoft
[02/11/2008|15:07] C:\Program Files\GV AbsoluCasino
[15/07/2008|18:41] C:\Program Files\Hewlett-Packard
[15/07/2008|18:51] C:\Program Files\HP
[05/05/2006|22:30] C:\Program Files\illiminable
[09/09/2006|16:20] C:\Program Files\INSA
[18/10/2008|12:40] C:\Program Files\InstallShield Installation Information
[05/05/2005|14:08] C:\Program Files\Intel
[29/10/2008|15:50] C:\Program Files\Internet Explorer
[06/01/2007|12:12] C:\Program Files\iPod
[14/01/2007|15:14] C:\Program Files\iTunes
[29/10/2008|17:38] C:\Program Files\Java
[14/08/2005|16:18] C:\Program Files\lecture
[26/12/2006|00:30] C:\Program Files\Livesex6
[24/01/2006|12:26] C:\Program Files\Logitech
[20/09/2005|12:03] C:\Program Files\Ludiclub
[18/10/2008|12:25] C:\Program Files\ma-config.com
[05/01/2006|01:19] C:\Program Files\Macrogaming
[25/10/2008|18:40] C:\Program Files\Malwarebytes' Anti-Malware
[04/08/2005|02:23] C:\Program Files\Matroska Playback Pack
[06/05/2005|07:34] C:\Program Files\microsoft frontpage
[19/02/2007|17:07] C:\Program Files\Microsoft IntelliPoint
[24/01/2006|12:27] C:\Program Files\Microsoft NetShow
[10/12/2006|12:41] C:\Program Files\Microsoft Office
[06/05/2005|07:37] C:\Program Files\Microsoft Visual Studio
[27/11/2005|18:37] C:\Program Files\Movie Maker
[03/11/2008|17:06] C:\Program Files\Mozilla Firefox
[04/10/2006|16:29] C:\Program Files\mrbookmakerfrMPP
[05/05/2005|13:51] C:\Program Files\MSN Gaming Zone
[25/10/2008|17:57] C:\Program Files\MSN Messenger
[30/08/2005|11:53] C:\Program Files\Music Manager
[25/10/2008|17:37] C:\Program Files\Navilog1
[25/01/2006|18:20] C:\Program Files\Nero
[31/05/2006|16:26] C:\Program Files\NetMeeting
[29/10/2008|23:39] C:\Program Files\Nokia
[31/01/2006|22:17] C:\Program Files\Norton AntiVirus
[09/07/2005|19:42] C:\Program Files\Norton AntiVirus 2005 - Fr
[18/02/2007|12:54] C:\Program Files\OLYMPUS
[11/07/2006|14:25] C:\Program Files\OpenOffice.org 2.0
[05/05/2005|15:25] C:\Program Files\Outlook Express
[29/10/2008|23:37] C:\Program Files\PC Connectivity Solution
[06/05/2005|22:38] C:\Program Files\PDF-XChange SDK EndUser
[18/02/2007|12:51] C:\Program Files\PIXELA
[06/01/2007|12:09] C:\Program Files\QuickTime
[05/05/2006|14:15] C:\Program Files\RALINK
[24/09/2005|08:10] C:\Program Files\Real
[07/02/2007|19:23] C:\Program Files\Samsung
[05/05/2005|13:54] C:\Program Files\Services en ligne
[23/11/2005|18:24] C:\Program Files\SmartSound Software
[13/02/2006|20:09] C:\Program Files\Sony
[15/02/2007|13:05] C:\Program Files\Symantec
[23/07/2007|08:44] C:\Program Files\UnibetpokerMPP
[05/05/2005|14:03] C:\Program Files\Uninstall Information
[15/01/2007|19:18] C:\Program Files\VIM
[31/10/2005|14:29] C:\Program Files\vso
[23/11/2005|18:20] C:\Program Files\Windows Media Components
[24/01/2006|12:28] C:\Program Files\Windows Media Player
[05/05/2005|15:25] C:\Program Files\Windows NT
[06/05/2005|17:34] C:\Program Files\WindowsUpdate
[13/09/2005|12:40] C:\Program Files\WinRAR
[22/02/2007|13:28] C:\Program Files\WordBiz
[05/05/2005|13:57] C:\Program Files\xerox
[23/01/2006|21:40] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[23/09/2005|16:20] C:\Program Files\Fichiers communs\3DO Shared
[12/01/2007|17:17] C:\Program Files\Fichiers communs\Adobe
[26/02/2006|14:23] C:\Program Files\Fichiers communs\Ahead
[15/12/2006|16:38] C:\Program Files\Fichiers communs\BOONTY Shared
[20/10/2006|18:43] C:\Program Files\Fichiers communs\Designer
[07/04/2007|01:48] C:\Program Files\Fichiers communs\Droppix
[15/07/2008|18:40] C:\Program Files\Fichiers communs\Hewlett-Packard
[15/07/2008|18:46] C:\Program Files\Fichiers communs\HP
[23/11/2005|18:18] C:\Program Files\Fichiers communs\InstallShield
[07/05/2005|05:47] C:\Program Files\Fichiers communs\Java
[07/04/2007|01:47] C:\Program Files\Fichiers communs\LightScribe
[24/01/2006|12:26] C:\Program Files\Fichiers communs\Logitech
[07/02/2007|16:34] C:\Program Files\Fichiers communs\Microsoft Shared
[05/05/2005|13:52] C:\Program Files\Fichiers communs\MSSoap
[29/10/2008|23:39] C:\Program Files\Fichiers communs\Nokia
[05/05/2005|14:38] C:\Program Files\Fichiers communs\ODBC
[29/10/2008|23:39] C:\Program Files\Fichiers communs\PCSuite
[03/06/2008|10:39] C:\Program Files\Fichiers communs\Ravisent Shared
[24/09/2005|08:10] C:\Program Files\Fichiers communs\Real
[05/05/2005|13:52] C:\Program Files\Fichiers communs\Services
[15/07/2008|18:47] C:\Program Files\Fichiers communs\Sonic Shared
[13/02/2006|20:11] C:\Program Files\Fichiers communs\Sony Shared
[05/05/2005|14:38] C:\Program Files\Fichiers communs\SpeechEngines
[15/02/2007|13:05] C:\Program Files\Fichiers communs\Symantec Shared
[31/05/2006|15:26] C:\Program Files\Fichiers communs\Synacast
[06/05/2005|07:36] C:\Program Files\Fichiers communs\System
[23/11/2005|18:25] C:\Program Files\Fichiers communs\Ulead Systems
[24/09/2005|08:10] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 49 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-03 21:00:54
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 9

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:91][D:11]-> C:\DOCUME~1\User\LOCALS~1\Temp
[F:27][D:0]-> C:\DOCUME~1\User\Cookies
[F:2147][D:4]-> C:\DOCUME~1\User\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 03/11/2008|21:13 - Option : [1]

--------------------\\ Fin du rapport a 21:13:06
0
Réponse 37 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
4 nov. 2008 à 19:57
Antivir a trouvé TR/Dldr.Swizzor.DV à quel endroit ?
0
Réponse 38 / 39
christine
4 nov. 2008 à 20:21
'C:\System Volume Information\_restore{67646475-FF27-49D7-9370-FCF516C63AFE}\RP756\A0222103.exe.
0
Réponse 39 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
4 nov. 2008 à 20:23
Tu es infecté par Lop, j'ai contacté le créateur de Lop S&D.

J'aurai une réponse dans les prochains jours.
0

Discussions similaires

musique du générique des experts miami
gg44 -
Min -

21 réponses
La chanson du générique des experts miami
Anais -
coco -

3 réponses
Musique de fin Experts Miami Saison 9 épisode 1
Caro1976 -
Caro1976 -

4 réponses
Arnaque ou pas ? Le Spécialiste casino télégram
Noah06 -
bazfile -

4 réponses
Anagramme
Aztek33 -
Tilk54 -

27 réponses