CiD window that won't stop opening
Resolved/Closed
Coco - 17 August 2008 at 18:49
jfkpresident Posts 13404 Registration date Monday 3 September 2007 Status Security contributor Last activity 5 January 2015 - 1 Oct. 2008 at 20:33
14 replies
I removed the sponsor and MSN and the CiDs are still there! So thank you remih78 for your help, but that's not it!
I'm going to try jfkpresident's solution to see if that's it.
Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:55:13, on 17/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Securitoo\Common\FSM32.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Orange\Player Orange\Orange Player.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Securitoo\FSGUI\fsguidll.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [OrangePlayer] C:\Program Files\Orange\Player Orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [1 eq] "C:\ProgramData\warn default default.otzbmc"
O4 - HKCU\..\Run: [warn default inter for] "C:\ProgramData\Bat Mode Hide.mrqzb"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cocotimy0.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/5.1.1.0/ImageUploader5.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Securitoo\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
I thought I had properly uninstalled Norton before installing the Orange antivirus!
Here is the report:
--------------------\\ Lop S&D 4.2.3-0 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : coco_niro ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 18/08/2008 | 6:40:08 ] [ PC : PC-DE-COCO_NIRO (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[25/11/2007|16:45] C:\Users\COCO_N~1\AppData\Local\Adobe
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Application Data
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\AtStart.txt
[19/04/2008|08:47] C:\Users\COCO_N~1\AppData\Local\Bitmanagement Software
[21/02/2008|15:26] C:\Users\COCO_N~1\AppData\Local\d3d9caps.dat
[28/07/2008|20:51] C:\Users\COCO_N~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\DSwitch.txt
[12/12/2007|23:46] C:\Users\COCO_N~1\AppData\Local\GDIPFONTCACHEV1.DAT
[13/11/2007|20:11] C:\Users\COCO_N~1\AppData\Local\Google
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Historique
[13/11/2007|20:11] C:\Users\COCO_N~1\AppData\Local\HP
[17/08/2008|22:48] C:\Users\COCO_N~1\AppData\Local\IconCache.db
[29/12/2007|12:43] C:\Users\COCO_N~1\AppData\Local\Iminent
[16/11/2007|09:42] C:\Users\COCO_N~1\AppData\Local\IsolatedStorage
[25/11/2007|03:20] C:\Users\COCO_N~1\AppData\Local\MessLive
[07/07/2008|06:42] C:\Users\COCO_N~1\AppData\Local\Microsoft
[20/11/2007|17:16] C:\Users\COCO_N~1\AppData\Local\Microsoft Games
[19/05/2008|18:04] C:\Users\COCO_N~1\AppData\Local\Mozilla
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\QSwitch.txt
[16/02/2008|13:44] C:\Users\COCO_N~1\AppData\Local\QuickPlay
[18/08/2008|06:37] C:\Users\COCO_N~1\AppData\Local\Temp
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Temporary Internet Files
[28/11/2007|23:30] C:\Users\COCO_N~1\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[18/08/2008 06:05][--a------] C:\Windows\tasks\Scheduled scanning task.job
[17/08/2008 20:36][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{DF42D40C-224E-4464-956E-761246259D3B}.job
[18/08/2008 06:05][--ah-----] C:\Windows\tasks\SA.DAT
[17/08/2008 22:48][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[18/05/2007|03:47] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[10/02/2008|09:48] C:\ProgramData\Adobe
[13/11/2007|17:41] C:\ProgramData\Application Data
[12/02/2008|20:58] C:\ProgramData\Azureus
[13/08/2008|00:16] C:\ProgramData\Bat Mode Hide.mrqzb
[13/11/2007|17:41] C:\ProgramData\Bureau
[26/11/2007|17:11] C:\ProgramData\CyberLink
[13/11/2007|17:41] C:\ProgramData\Documents
[13/11/2007|17:41] C:\ProgramData\Favoris
[15/07/2008|22:10] C:\ProgramData\F-Secure
[15/07/2008|22:07] C:\ProgramData\fssg
[18/05/2007|03:59] C:\ProgramData\Google
[18/05/2007|04:23] C:\ProgramData\Hewlett-Packard
[13/11/2007|19:56] C:\ProgramData\HP
[26/11/2007|18:38] C:\ProgramData\hpzinstall.log
[15/08/2008|04:32] C:\ProgramData\Knob Memo Locks
[13/11/2007|17:41] C:\ProgramData\Menu Démarrer
[18/08/2008|06:06] C:\ProgramData\Messenger Plus!
[31/12/2007|09:28] C:\ProgramData\Microsoft
[14/08/2008|19:10] C:\ProgramData\Microsoft Help
[13/11/2007|17:41] C:\ProgramData\Modèles
[18/05/2007|03:28] C:\ProgramData\Roxio
[18/05/2007|03:23] C:\ProgramData\Sonic
[03/01/2008|22:48] C:\ProgramData\Spybot - Search & Destroy
[12/08/2008|23:36] C:\ProgramData\SweetIM
[13/08/2008|00:16] C:\ProgramData\Time Dead Warn Default
[07/01/2008|02:42] C:\ProgramData\warn default default.326u5
[07/01/2008|00:53] C:\ProgramData\warn default default.6bshu4t
[04/01/2008|21:58] C:\ProgramData\warn default default.75czx
[07/01/2008|01:15] C:\ProgramData\warn default default.a5v6pmf
[07/01/2008|01:59] C:\ProgramData\warn default default.cw4k6jm
[26/12/2007|14:16] C:\ProgramData\warn default default.g3pxp1p
[07/01/2008|02:21] C:\ProgramData\warn default default.h1ewx
[07/01/2008|03:04] C:\ProgramData\warn default default.im0u3
[07/01/2008|00:31] C:\ProgramData\warn default default.iq7to
[06/01/2008|23:48] C:\ProgramData\warn default default.lfox83
[07/01/2008|03:26] C:\ProgramData\warn default default.ljyi0w
[04/01/2008|21:58] C:\ProgramData\warn default default.nlmpp
[13/08/2008|00:15] C:\ProgramData\warn default default.otzbmc
[07/01/2008|00:10] C:\ProgramData\warn default default.qjwy40w
[07/01/2008|01:37] C:\ProgramData\warn default default.t8xvij
[13/08/2008|00:15] C:\ProgramData\warn default default.w2vme
[17/08/2008|20:45] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[18/05/2007|03:47] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[01/07/2008|20:36] C:\Program Files\Adobe
[23/05/2008|17:40] C:\Program Files\Azureus
[19/04/2008|08:47] C:\Program Files\Bitmanagement Software
[23/05/2008|18:38] C:\Program Files\BitTyrant
[24/04/2008|10:15] C:\Program Files\Common Files
[02/07/2008|22:31] C:\Program Files\desktop.ini
[20/11/2007|17:49] C:\Program Files\directx
[18/05/2007|03:59] C:\Program Files\EasyBits
[13/11/2007|17:41] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[24/11/2007|17:59] C:\Program Files\Google
[18/05/2007|04:17] C:\Program Files\Hewlett-Packard
[26/11/2007|18:37] C:\Program Files\HP
[18/05/2007|04:06] C:\Program Files\HPQ
[15/11/2007|19:10] C:\Program Files\Illustrate
[13/08/2008|20:19] C:\Program Files\Iminent
[01/03/2008|11:03] C:\Program Files\InstallShield Installation Information
[18/05/2007|03:09] C:\Program Files\Intel
[02/07/2008|22:19] C:\Program Files\Internet Explorer
[20/04/2008|22:45] C:\Program Files\Java
[19/05/2008|19:00] C:\Program Files\LimeWire
[25/11/2007|09:00] C:\Program Files\Live-Prod
[15/11/2007|20:03] C:\Program Files\MatroskaProp
[17/08/2008|17:22] C:\Program Files\Messenger
[17/08/2008|21:19] C:\Program Files\Messenger Plus! Live
[26/11/2007|04:18] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[18/05/2007|03:45] C:\Program Files\Microsoft Office
[02/07/2008|19:22] C:\Program Files\Microsoft Silverlight
[29/11/2007|00:20] C:\Program Files\Microsoft SQL Server Compact Edition
[18/05/2007|03:46] C:\Program Files\Microsoft Works
[18/05/2007|03:45] C:\Program Files\Microsoft.NET
[18/05/2007|02:48] C:\Program Files\Motorola
[02/07/2008|22:19] C:\Program Files\Movie Maker
[26/07/2008|20:12] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[26/11/2007|04:04] C:\Program Files\MSXML 4.0
[01/02/2008|17:45] C:\Program Files\Orange
[25/02/2008|21:24] C:\Program Files\QuickTime
[18/02/2008|23:32] C:\Program Files\Real
[18/05/2007|04:04] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[18/05/2007|03:28] C:\Program Files\Roxio
[01/03/2008|11:03] C:\Program Files\SAGEM
[15/07/2008|22:37] C:\Program Files\Securitoo
[18/05/2007|04:00] C:\Program Files\Services en ligne
[12/12/2007|23:42] C:\Program Files\SP38015
[03/01/2008|22:49] C:\Program Files\Spybot - Search & Destroy
[18/05/2007|02:54] C:\Program Files\Synaptics
[17/08/2008|20:54] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[23/05/2008|21:02] C:\Program Files\uTorrent
[24/04/2008|10:15] C:\Program Files\Vodafone
[26/11/2007|20:28] C:\Program Files\Wanadoo
[02/07/2008|22:19] C:\Program Files\Windows Calendar
[02/07/2008|22:19] C:\Program Files\Windows Collaboration
[02/07/2008|22:19] C:\Program Files\Windows Defender
[02/07/2008|22:19] C:\Program Files\Windows Journal
[27/02/2008|16:47] C:\Program Files\Windows Live
[07/02/2008|22:09] C:\Program Files\Windows Live Toolbar
[14/08/2008|19:13] C:\Program Files\Windows Mail
[02/07/2008|22:19] C:\Program Files\Windows Media Player
[13/11/2007|17:41] C:\Program Files\Windows NT
[02/07/2008|22:19] C:\Program Files\Windows Photo Gallery
[02/07/2008|22:19] C:\Program Files\Windows Sidebar
[24/11/2007|18:22] C:\Program Files\WinRAR
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[10/02/2008|09:48] C:\Program Files\Common Files\Adobe
[18/05/2007|03:45] C:\Program Files\Common Files\DESIGNER
[26/11/2007|20:42] C:\Program Files\Common Files\France Telecom
[18/05/2007|03:57] C:\Program Files\Common Files\HP
[18/05/2007|04:04] C:\Program Files\Common Files\InstallShield
[18/05/2007|04:22] C:\Program Files\Common Files\Java
[18/05/2007|04:06] C:\Program Files\Common Files\LightScribe
[05/05/2008|17:46] C:\Program Files\Common Files\microsoft shared
[19/02/2008|15:23] C:\Program Files\Common Files\Real
[18/05/2007|03:27] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[18/05/2007|03:27] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[18/05/2007|03:28] C:\Program Files\Common Files\SureThing Shared
[18/08/2008|06:30] C:\Program Files\Common Files\Symantec Shared
[02/07/2008|22:19] C:\Program Files\Common Files\System
[24/11/2007|18:32] C:\Program Files\Common Files\WindowsLiveInstaller
[24/04/2008|10:15] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 85 Processus )
iexplore.exe ~ [PID:2244] ~ [Threads:14]
iexplore.exe ~ [PID:4428] ~ [Threads:5]
iexplore.exe ~ [PID:4452] ~ [Threads:36]
--------------------\\ Recherche avec S_Lop
C:\ProgramData\Bat Mode Hide.mrqzb
C:\ProgramData\warn default default.326u5
C:\ProgramData\warn default default.75czx
C:\ProgramData\warn default default.h1ewx
C:\ProgramData\warn default default.im0u3
C:\ProgramData\warn default default.iq7to
C:\ProgramData\warn default default.nlmpp
C:\ProgramData\warn default default.w2vme
C:\ProgramData\warn default default.lfox83
C:\ProgramData\warn default default.ljyi0w
C:\ProgramData\warn default default.otzbmc
C:\ProgramData\warn default default.t8xvij
C:\ProgramData\warn default default.6bshu4t
C:\ProgramData\warn default default.a5v6pmf
C:\ProgramData\warn default default.cw4k6jm
C:\ProgramData\warn default default.g3pxp1p
C:\ProgramData\warn default default.qjwy40w
C:\Users\COCO_N~1\AppData\Local\Temp\bis9481.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\Time Dead Warn Default
C:\ProgramData\Time Dead Warn Default\stupid third.exe
C:\Users\COCO_N~1\AppData\Roaming\MICROS~1\Windows\Cookies\coco_niro@adopt.euroclick[2].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"warn default inter for"="\"C:\\ProgramData\\Bat Mode Hide.mrqzb\""
"1 eq"="\"C:\\ProgramData\\warn default default.otzbmc\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 06:40:51
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 15
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:1498][D:43]-> C:\Users\COCO_N~1\AppData\Local\Temp
[F:214][D:1]-> C:\Users\COCO_N~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:145][D:16]-> C:\Users\COCO_N~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:12][D:5]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 6:44:33,84
[ UAC => 1 ]
Sorry for not replying to you yesterday, I wasn't home!
LopS&D report:
--------------------\\ Lop S&D 4.2.3-0 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : coco_niro ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 19/08/2008 | 6:47:21 ] [ PC : PC-DE-COCO_NIRO (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]
[ UAC => 1 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\ProgramData\Time Dead Warn Default\stupid third.exe
Supprime! - C:\Users\COCO_N~1\AppData\Roaming\MICROS~1\Windows\Cookies\coco_niro@adopt.euroclick[2].txt
Supprime! - C:\ProgramData\Bat Mode Hide.mrqzb
Supprime! - C:\ProgramData\warn default default.326u5
Supprime! - C:\ProgramData\warn default default.75czx
Supprime! - C:\ProgramData\warn default default.h1ewx
Supprime! - C:\ProgramData\warn default default.im0u3
Supprime! - C:\ProgramData\warn default default.iq7to
Supprime! - C:\ProgramData\warn default default.nlmpp
Supprime! - C:\ProgramData\warn default default.w2vme
Supprime! - C:\ProgramData\warn default default.lfox83
Supprime! - C:\ProgramData\warn default default.ljyi0w
Supprime! - C:\ProgramData\warn default default.otzbmc
Supprime! - C:\ProgramData\warn default default.t8xvij
Supprime! - C:\ProgramData\warn default default.6bshu4t
Supprime! - C:\ProgramData\warn default default.a5v6pmf
Supprime! - C:\ProgramData\warn default default.cw4k6jm
Supprime! - C:\ProgramData\warn default default.g3pxp1p
Supprime! - C:\ProgramData\warn default default.qjwy40w
Supprime! - C:\Users\COCO_N~1\AppData\Local\Temp\bis9481.exe
Supprime! - C:\ProgramData\Time Dead Warn Default
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[25/11/2007|16:45] C:\Users\COCO_N~1\AppData\Local\Adobe
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Application Data
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\AtStart.txt
[19/04/2008|08:47] C:\Users\COCO_N~1\AppData\Local\Bitmanagement Software
[21/02/2008|15:26] C:\Users\COCO_N~1\AppData\Local\d3d9caps.dat
[28/07/2008|20:51] C:\Users\COCO_N~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\DSwitch.txt
[12/12/2007|23:46] C:\Users\COCO_N~1\AppData\Local\GDIPFONTCACHEV1.DAT
[13/11/2007|20:11] C:\Users\COCO_N~1\AppData\Local\Google
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Historique
[13/11/2007|20:11] C:\Users\COCO_N~1\AppData\Local\HP
[17/08/2008|22:48] C:\Users\COCO_N~1\AppData\Local\IconCache.db
[29/12/2007|12:43] C:\Users\COCO_N~1\AppData\Local\Iminent
[16/11/2007|09:42] C:\Users\COCO_N~1\AppData\Local\IsolatedStorage
[25/11/2007|03:20] C:\Users\COCO_N~1\AppData\Local\MessLive
[07/07/2008|06:42] C:\Users\COCO_N~1\AppData\Local\Microsoft
[20/11/2007|17:16] C:\Users\COCO_N~1\AppData\Local\Microsoft Games
[19/05/2008|18:04] C:\Users\COCO_N~1\AppData\Local\Mozilla
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\QSwitch.txt
[16/02/2008|13:44] C:\Users\COCO_N~1\AppData\Local\QuickPlay
[19/08/2008|06:47] C:\Users\COCO_N~1\AppData\Local\Temp
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Temporary Internet Files
[28/11/2007|23:30] C:\Users\COCO_N~1\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[19/08/2008 06:24][--a------] C:\Windows\tasks\Scheduled scanning task.job
[19/08/2008 06:25][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{DF42D40C-224E-4464-956E-761246259D3B}.job
[19/08/2008 06:24][--ah-----] C:\Windows\tasks\SA.DAT
[17/08/2008 22:48][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[18/05/2007|03:47] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[10/02/2008|09:48] C:\ProgramData\Adobe
[13/11/2007|17:41] C:\ProgramData\Application Data
[12/02/2008|20:58] C:\ProgramData\Azureus
[13/11/2007|17:41] C:\ProgramData\Bureau
[26/11/2007|17:11] C:\ProgramData\CyberLink
[13/11/2007|17:41] C:\ProgramData\Documents
[13/11/2007|17:41] C:\ProgramData\Favoris
[15/07/2008|22:10] C:\ProgramData\F-Secure
[15/07/2008|22:07] C:\ProgramData\fssg
[18/05/2007|03:59] C:\ProgramData\Google
[18/05/2007|04:23] C:\ProgramData\Hewlett-Packard
[13/11/2007|19:56] C:\ProgramData\HP
[26/11/2007|18:38] C:\ProgramData\hpzinstall.log
[15/08/2008|04:32] C:\ProgramData\Knob Memo Locks
[13/11/2007|17:41] C:\ProgramData\Menu Démarrer
[18/08/2008|06:06] C:\ProgramData\Messenger Plus!
[31/12/2007|09:28] C:\ProgramData\Microsoft
[14/08/2008|19:10] C:\ProgramData\Microsoft Help
[13/11/2007|17:41] C:\ProgramData\Modèles
[18/05/2007|03:28] C:\ProgramData\Roxio
[18/05/2007|03:23] C:\ProgramData\Sonic
[03/01/2008|22:48] C:\ProgramData\Spybot - Search & Destroy
[12/08/2008|23:36] C:\ProgramData\SweetIM
[17/08/2008|20:45] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[18/05/2007|03:47] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[01/07/2008|20:36] C:\Program Files\Adobe
[23/05/2008|17:40] C:\Program Files\Azureus
[19/04/2008|08:47] C:\Program Files\Bitmanagement Software
[23/05/2008|18:38] C:\Program Files\BitTyrant
[24/04/2008|10:15] C:\Program Files\Common Files
[02/07/2008|22:31] C:\Program Files\desktop.ini
[20/11/2007|17:49] C:\Program Files\directx
[18/05/2007|03:59] C:\Program Files\EasyBits
[13/11/2007|17:41] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[24/11/2007|17:59] C:\Program Files\Google
[18/05/2007|04:17] C:\Program Files\Hewlett-Packard
[26/11/2007|18:37] C:\Program Files\HP
[18/05/2007|04:06] C:\Program Files\HPQ
[15/11/2007|19:10] C:\Program Files\Illustrate
[13/08/2008|20:19] C:\Program Files\Iminent
[01/03/2008|11:03] C:\Program Files\InstallShield Installation Information
[18/05/2007|03:09] C:\Program Files\Intel
[02/07/2008|22:19] C:\Program Files\Internet Explorer
[20/04/2008|22:45] C:\Program Files\Java
[19/05/2008|19:00] C:\Program Files\LimeWire
[25/11/2007|09:00] C:\Program Files\Live-Prod
[15/11/2007|20:03] C:\Program Files\MatroskaProp
[17/08/2008|17:22] C:\Program Files\Messenger
[17/08/2008|21:19] C:\Program Files\Messenger Plus! Live
[26/11/2007|04:18] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[18/05/2007|03:45] C:\Program Files\Microsoft Office
[02/07/2008|19:22] C:\Program Files\Microsoft Silverlight
[29/11/2007|00:20] C:\Program Files\Microsoft SQL Server Compact Edition
[18/05/2007|03:46] C:\Program Files\Microsoft Works
[18/05/2007|03:45] C:\Program Files\Microsoft.NET
[18/05/2007|02:48] C:\Program Files\Motorola
[02/07/2008|22:19] C:\Program Files\Movie Maker
[26/07/2008|20:12] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[26/11/2007|04:04] C:\Program Files\MSXML 4.0
[01/02/2008|17:45] C:\Program Files\Orange
[25/02/2008|21:24] C:\Program Files\QuickTime
[18/02/2008|23:32] C:\Program Files\Real
[18/05/2007|04:04] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[18/05/2007|03:28] C:\Program Files\Roxio
[01/03/2008|11:03] C:\Program Files\SAGEM
[15/07/2008|22:37] C:\Program Files\Securitoo
[18/05/2007|04:00] C:\Program Files\Services en ligne
[12/12/2007|23:42] C:\Program Files\SP38015
[03/01/2008|22:49] C:\Program Files\Spybot - Search & Destroy
[18/05/2007|02:54] C:\Program Files\Synaptics
[17/08/2008|20:54] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[23/05/2008|21:02] C:\Program Files\uTorrent
[24/04/2008|10:15] C:\Program Files\Vodafone
[26/11/2007|20:28] C:\Program Files\Wanadoo
[02/07/2008|22:19] C:\Program Files\Windows Calendar
[02/07/2008|22:19] C:\Program Files\Windows Collaboration
[02/07/2008|22:19] C:\Program Files\Windows Defender
[02/07/2008|22:19] C:\Program Files\Windows Journal
[27/02/2008|16:47] C:\Program Files\Windows Live
[07/02/2008|22:09] C:\Program Files\Windows Live Toolbar
[14/08/2008|19:13] C:\Program Files\Windows Mail
[02/07/2008|22:19] C:\Program Files\Windows Media Player
[13/11/2007|17:41] C:\Program Files\Windows NT
[02/07/2008|22:19] C:\Program Files\Windows Photo Gallery
[02/07/2008|22:19] C:\Program Files\Windows Sidebar
[24/11/2007|18:22] C:\Program Files\WinRAR
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[10/02/2008|09:48] C:\Program Files\Common Files\Adobe
[18/05/2007|03:45] C:\Program Files\Common Files\DESIGNER
[26/11/2007|20:42] C:\Program Files\Common Files\France Telecom
[18/05/2007|03:57] C:\Program Files\Common Files\HP
[18/05/2007|04:04] C:\Program Files\Common Files\InstallShield
[18/05/2007|04:22] C:\Program Files\Common Files\Java
[18/05/2007|04:06] C:\Program Files\Common Files\LightScribe
[05/05/2008|17:46] C:\Program Files\Common Files\microsoft shared
[19/02/2008|15:23] C:\Program Files\Common Files\Real
[18/05/2007|03:27] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[18/05/2007|03:27] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[18/05/2007|03:28] C:\Program Files\Common Files\SureThing Shared
[18/08/2008|06:30] C:\Program Files\Common Files\Symantec Shared
[02/07/2008|22:19] C:\Program Files\Common Files\System
[24/11/2007|18:32] C:\Program Files\Common Files\WindowsLiveInstaller
[24/04/2008|10:15] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 89 Processus )
iexplore.exe ~ [PID:3480] ~ [Threads:9]
iexplore.exe ~ [PID:5732] ~ [Threads:35]
iexplore.exe ~ [PID:4868] ~ [Threads:3]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-19 06:48:25
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 15
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:1499][D:43]-> C:\Users\COCO_N~1\AppData\Local\Temp
[F:226][D:1]-> C:\Users\COCO_N~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:178][D:16]-> C:\Users\COCO_N~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:3][D:3]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 6:53:22,32
[ UAC => 1 ]
Hijack report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:57:37, on 19/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Securitoo\Common\FSM32.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Orange\Player Orange\Orange Player.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Windows\system32\conime.exe
C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Securitoo\FSGUI\fsguidll.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [OrangePlayer] C:\Program Files\Orange\Player Orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cocotimy0.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/5.1.1.0/ImageUploader5.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Securitoo\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
LopS&D report:
--------------------\\ Lop S&D 4.2.3-0 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : coco_niro ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 19/08/2008 | 6:47:21 ] [ PC : PC-DE-COCO_NIRO (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]
[ UAC => 1 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\ProgramData\Time Dead Warn Default\stupid third.exe
Supprime! - C:\Users\COCO_N~1\AppData\Roaming\MICROS~1\Windows\Cookies\coco_niro@adopt.euroclick[2].txt
Supprime! - C:\ProgramData\Bat Mode Hide.mrqzb
Supprime! - C:\ProgramData\warn default default.326u5
Supprime! - C:\ProgramData\warn default default.75czx
Supprime! - C:\ProgramData\warn default default.h1ewx
Supprime! - C:\ProgramData\warn default default.im0u3
Supprime! - C:\ProgramData\warn default default.iq7to
Supprime! - C:\ProgramData\warn default default.nlmpp
Supprime! - C:\ProgramData\warn default default.w2vme
Supprime! - C:\ProgramData\warn default default.lfox83
Supprime! - C:\ProgramData\warn default default.ljyi0w
Supprime! - C:\ProgramData\warn default default.otzbmc
Supprime! - C:\ProgramData\warn default default.t8xvij
Supprime! - C:\ProgramData\warn default default.6bshu4t
Supprime! - C:\ProgramData\warn default default.a5v6pmf
Supprime! - C:\ProgramData\warn default default.cw4k6jm
Supprime! - C:\ProgramData\warn default default.g3pxp1p
Supprime! - C:\ProgramData\warn default default.qjwy40w
Supprime! - C:\Users\COCO_N~1\AppData\Local\Temp\bis9481.exe
Supprime! - C:\ProgramData\Time Dead Warn Default
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[25/11/2007|16:45] C:\Users\COCO_N~1\AppData\Local\Adobe
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Application Data
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\AtStart.txt
[19/04/2008|08:47] C:\Users\COCO_N~1\AppData\Local\Bitmanagement Software
[21/02/2008|15:26] C:\Users\COCO_N~1\AppData\Local\d3d9caps.dat
[28/07/2008|20:51] C:\Users\COCO_N~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\DSwitch.txt
[12/12/2007|23:46] C:\Users\COCO_N~1\AppData\Local\GDIPFONTCACHEV1.DAT
[13/11/2007|20:11] C:\Users\COCO_N~1\AppData\Local\Google
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Historique
[13/11/2007|20:11] C:\Users\COCO_N~1\AppData\Local\HP
[17/08/2008|22:48] C:\Users\COCO_N~1\AppData\Local\IconCache.db
[29/12/2007|12:43] C:\Users\COCO_N~1\AppData\Local\Iminent
[16/11/2007|09:42] C:\Users\COCO_N~1\AppData\Local\IsolatedStorage
[25/11/2007|03:20] C:\Users\COCO_N~1\AppData\Local\MessLive
[07/07/2008|06:42] C:\Users\COCO_N~1\AppData\Local\Microsoft
[20/11/2007|17:16] C:\Users\COCO_N~1\AppData\Local\Microsoft Games
[19/05/2008|18:04] C:\Users\COCO_N~1\AppData\Local\Mozilla
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\QSwitch.txt
[16/02/2008|13:44] C:\Users\COCO_N~1\AppData\Local\QuickPlay
[19/08/2008|06:47] C:\Users\COCO_N~1\AppData\Local\Temp
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Temporary Internet Files
[28/11/2007|23:30] C:\Users\COCO_N~1\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[19/08/2008 06:24][--a------] C:\Windows\tasks\Scheduled scanning task.job
[19/08/2008 06:25][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{DF42D40C-224E-4464-956E-761246259D3B}.job
[19/08/2008 06:24][--ah-----] C:\Windows\tasks\SA.DAT
[17/08/2008 22:48][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[18/05/2007|03:47] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[10/02/2008|09:48] C:\ProgramData\Adobe
[13/11/2007|17:41] C:\ProgramData\Application Data
[12/02/2008|20:58] C:\ProgramData\Azureus
[13/11/2007|17:41] C:\ProgramData\Bureau
[26/11/2007|17:11] C:\ProgramData\CyberLink
[13/11/2007|17:41] C:\ProgramData\Documents
[13/11/2007|17:41] C:\ProgramData\Favoris
[15/07/2008|22:10] C:\ProgramData\F-Secure
[15/07/2008|22:07] C:\ProgramData\fssg
[18/05/2007|03:59] C:\ProgramData\Google
[18/05/2007|04:23] C:\ProgramData\Hewlett-Packard
[13/11/2007|19:56] C:\ProgramData\HP
[26/11/2007|18:38] C:\ProgramData\hpzinstall.log
[15/08/2008|04:32] C:\ProgramData\Knob Memo Locks
[13/11/2007|17:41] C:\ProgramData\Menu Démarrer
[18/08/2008|06:06] C:\ProgramData\Messenger Plus!
[31/12/2007|09:28] C:\ProgramData\Microsoft
[14/08/2008|19:10] C:\ProgramData\Microsoft Help
[13/11/2007|17:41] C:\ProgramData\Modèles
[18/05/2007|03:28] C:\ProgramData\Roxio
[18/05/2007|03:23] C:\ProgramData\Sonic
[03/01/2008|22:48] C:\ProgramData\Spybot - Search & Destroy
[12/08/2008|23:36] C:\ProgramData\SweetIM
[17/08/2008|20:45] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[18/05/2007|03:47] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[01/07/2008|20:36] C:\Program Files\Adobe
[23/05/2008|17:40] C:\Program Files\Azureus
[19/04/2008|08:47] C:\Program Files\Bitmanagement Software
[23/05/2008|18:38] C:\Program Files\BitTyrant
[24/04/2008|10:15] C:\Program Files\Common Files
[02/07/2008|22:31] C:\Program Files\desktop.ini
[20/11/2007|17:49] C:\Program Files\directx
[18/05/2007|03:59] C:\Program Files\EasyBits
[13/11/2007|17:41] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[24/11/2007|17:59] C:\Program Files\Google
[18/05/2007|04:17] C:\Program Files\Hewlett-Packard
[26/11/2007|18:37] C:\Program Files\HP
[18/05/2007|04:06] C:\Program Files\HPQ
[15/11/2007|19:10] C:\Program Files\Illustrate
[13/08/2008|20:19] C:\Program Files\Iminent
[01/03/2008|11:03] C:\Program Files\InstallShield Installation Information
[18/05/2007|03:09] C:\Program Files\Intel
[02/07/2008|22:19] C:\Program Files\Internet Explorer
[20/04/2008|22:45] C:\Program Files\Java
[19/05/2008|19:00] C:\Program Files\LimeWire
[25/11/2007|09:00] C:\Program Files\Live-Prod
[15/11/2007|20:03] C:\Program Files\MatroskaProp
[17/08/2008|17:22] C:\Program Files\Messenger
[17/08/2008|21:19] C:\Program Files\Messenger Plus! Live
[26/11/2007|04:18] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[18/05/2007|03:45] C:\Program Files\Microsoft Office
[02/07/2008|19:22] C:\Program Files\Microsoft Silverlight
[29/11/2007|00:20] C:\Program Files\Microsoft SQL Server Compact Edition
[18/05/2007|03:46] C:\Program Files\Microsoft Works
[18/05/2007|03:45] C:\Program Files\Microsoft.NET
[18/05/2007|02:48] C:\Program Files\Motorola
[02/07/2008|22:19] C:\Program Files\Movie Maker
[26/07/2008|20:12] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[26/11/2007|04:04] C:\Program Files\MSXML 4.0
[01/02/2008|17:45] C:\Program Files\Orange
[25/02/2008|21:24] C:\Program Files\QuickTime
[18/02/2008|23:32] C:\Program Files\Real
[18/05/2007|04:04] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[18/05/2007|03:28] C:\Program Files\Roxio
[01/03/2008|11:03] C:\Program Files\SAGEM
[15/07/2008|22:37] C:\Program Files\Securitoo
[18/05/2007|04:00] C:\Program Files\Services en ligne
[12/12/2007|23:42] C:\Program Files\SP38015
[03/01/2008|22:49] C:\Program Files\Spybot - Search & Destroy
[18/05/2007|02:54] C:\Program Files\Synaptics
[17/08/2008|20:54] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[23/05/2008|21:02] C:\Program Files\uTorrent
[24/04/2008|10:15] C:\Program Files\Vodafone
[26/11/2007|20:28] C:\Program Files\Wanadoo
[02/07/2008|22:19] C:\Program Files\Windows Calendar
[02/07/2008|22:19] C:\Program Files\Windows Collaboration
[02/07/2008|22:19] C:\Program Files\Windows Defender
[02/07/2008|22:19] C:\Program Files\Windows Journal
[27/02/2008|16:47] C:\Program Files\Windows Live
[07/02/2008|22:09] C:\Program Files\Windows Live Toolbar
[14/08/2008|19:13] C:\Program Files\Windows Mail
[02/07/2008|22:19] C:\Program Files\Windows Media Player
[13/11/2007|17:41] C:\Program Files\Windows NT
[02/07/2008|22:19] C:\Program Files\Windows Photo Gallery
[02/07/2008|22:19] C:\Program Files\Windows Sidebar
[24/11/2007|18:22] C:\Program Files\WinRAR
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[10/02/2008|09:48] C:\Program Files\Common Files\Adobe
[18/05/2007|03:45] C:\Program Files\Common Files\DESIGNER
[26/11/2007|20:42] C:\Program Files\Common Files\France Telecom
[18/05/2007|03:57] C:\Program Files\Common Files\HP
[18/05/2007|04:04] C:\Program Files\Common Files\InstallShield
[18/05/2007|04:22] C:\Program Files\Common Files\Java
[18/05/2007|04:06] C:\Program Files\Common Files\LightScribe
[05/05/2008|17:46] C:\Program Files\Common Files\microsoft shared
[19/02/2008|15:23] C:\Program Files\Common Files\Real
[18/05/2007|03:27] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[18/05/2007|03:27] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[18/05/2007|03:28] C:\Program Files\Common Files\SureThing Shared
[18/08/2008|06:30] C:\Program Files\Common Files\Symantec Shared
[02/07/2008|22:19] C:\Program Files\Common Files\System
[24/11/2007|18:32] C:\Program Files\Common Files\WindowsLiveInstaller
[24/04/2008|10:15] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 89 Processus )
iexplore.exe ~ [PID:3480] ~ [Threads:9]
iexplore.exe ~ [PID:5732] ~ [Threads:35]
iexplore.exe ~ [PID:4868] ~ [Threads:3]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-19 06:48:25
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 15
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:1499][D:43]-> C:\Users\COCO_N~1\AppData\Local\Temp
[F:226][D:1]-> C:\Users\COCO_N~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:178][D:16]-> C:\Users\COCO_N~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:3][D:3]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 6:53:22,32
[ UAC => 1 ]
Hijack report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:57:37, on 19/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Securitoo\Common\FSM32.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Orange\Player Orange\Orange Player.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Windows\system32\conime.exe
C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Securitoo\FSGUI\fsguidll.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [OrangePlayer] C:\Program Files\Orange\Player Orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cocotimy0.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/5.1.1.0/ImageUploader5.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Securitoo\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
Hi,
Well listen, I did exactly what you told me and there's nothing left :)
No more CiD pages, it's so great :)
I'm so happy!!!
My antivirus also does anti-spyware! I don't understand why you're telling me I don't have one!
If I can do anything at all for you, let me know!!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:22:03, on 01/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Orange HSS\Systray\SystrayApp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\documents and settings\luke\local settings\application data\jfhegc.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\PARENTS\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - K:\Outils\Antispy\SPYBOT~1.4BE\SDHelper.dll (file missing)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll
O2 - BHO: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha1.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\3.bin\ASKTBAR.DLL
O3 - Toolbar: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha1.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (file missing)
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\3.bin\ASKTBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [book ante] C:\DOCUME~1\PARENTS\APPLIC~1\ELSEPL~1\AXISNEW.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [omeou] "c:\documents and settings\parents\local settings\application data\omeou.exe" omeou
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1669369553-2926707012-732487486-1007\..\Run: [book ante] C:\DOCUME~1\LUKE\APPLIC~1\ELSEPL~1\AXISNEW.exe (User 'LUKE')
O4 - HKUS\S-1-5-21-1669369553-2926707012-732487486-1007\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount (User 'LUKE')
O4 - HKUS\S-1-5-21-1669369553-2926707012-732487486-1007\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'LUKE')
O4 - HKUS\S-1-5-21-1669369553-2926707012-732487486-1007\..\Run: [jfhegc] "c:\documents and settings\luke\local settings\application data\jfhegc.exe" jfhegc (User 'LUKE')
O4 - HKUS\S-1-5-21-1669369553-2926707012-732487486-1007\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent (User 'LUKE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?85443627245349d282a14622204ffceb
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?85443627245349d282a14622204ffceb
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Acer Media Server - Unknown owner - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe (file missing)
jfkpresident (Security contributor) - 17 August 2008 at 18:50
Hi;
1) Download HijackThis here: hijackthis
This is a tool for diagnosing your PC.
* Save HJTInstall.exe to your desktop
* Double-click HJTInstall.exe to launch the program
* By default, it will install to C:\Program Files\Trend Micro\HijackThis
* Accept the license by clicking the "I Accept" button
* Choose the option "Do a system scan and save a log file"
* Click "Save log" to save the report, which will open in Notepad
* Click "Edition -> Sélectionner tout" (Edit -> Select All), then "Edition -> Copier" (Edit -> Copy) to copy the entire contents of the report
* Paste the report you just copied into this forum
* Do not fix ANY line yet; that could prevent your PC from working properly
Tutorial: generating a report
remih78 (Member) - 17 August 2008 at 18:54
Hello, if it is what I think it is, you installed the MSN Plus sponsors; you just need to remove those sponsors in Control Panel - Add/Remove Programs.
jfkpresident (Security contributor) - 18 August 2008 at 00:33
Is there anyone who can help me???
Haven't you read my signature?
You have two active antivirus programs on your machine! Two antivirus programs can conflict with each other and slow down your PC /!\
Uninstall Norton with this tool: http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924
Then:
Download lopS&D
* Double-click it to install the program.
* A shortcut will be created on your desktop; double-click it to launch the tool.
* Choose the language.
* Choose option 1 (search).
* Copy/paste the report into the forum.
jfkpresident (Security contributor) - 18 August 2008 at 09:47
Run LopS&D again and choose option 2.
Then paste the generated report.
Paste me a new HijackThis log right after that.
jfkpresident (Security contributor) - 19 August 2008 at 17:36
Hi coco;
-> Run HijackThis again and click "scanner seulement" (or "do a scan only"),
check the boxes in front of these lines:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
then close all active windows other than HijackThis!, browser included,
then click "Fix checked" (or "fixer objet"). Close HijackThis!
----------
You have no anti-spyware; install this one and run a scan with it:
superantispyware : https://www.superantispyware.com/superantispywarefreevspro.html
Then tell me whether you still have problems.
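The four lines listed in the post above follow HijackThis's `code - description` layout. As an added example (not part of the original thread and not HijackThis's own code), this Python parser splits those lines into section, CLSID and target, and marks entries whose target HijackThis reported as `(file missing)` or `(no file)`; the section labels and the names `Entry`, `parse_line`, `parse_log` and `orphaned` are assumptions of the example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# The four lines quoted in the post above, verbatim.
SAMPLE = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
"""

# Short labels for section codes that occur on this page (wording is this example's own).
SECTIONS = {
    "R0": "Internet Explorer start/search page setting",
    "R1": "Internet Explorer start/search page setting",
    "R3": "URL search hook",
    "O2": "Browser Helper Object",
    "O3": "Internet Explorer toolbar",
    "O4": "autostart entry (Run key or Startup folder)",
    "O8": "Internet Explorer context-menu item",
    "O9": "Internet Explorer extra button / Tools menu item",
    "O16": "downloaded ActiveX control (DPF)",
    "O23": "Windows service",
}

ENTRY_RE = re.compile(r"^(?P<code>[RO]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# HijackThis appends one of these markers when the referenced file is absent.
ORPHAN_RE = re.compile(r"\((?:file missing|no file)\)\s*$")
# R0/R1 lines: "<registry key>,<value name> = <data>"
REG_VALUE_RE = re.compile(r"^(?P<key>.+?),(?P<value>[^=]+?) = (?P<data>.*)$")
# O4 registry lines: "<key>: [<value name>] <command line>"
RUN_RE = re.compile(r"^(?P<key>\S+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")


@dataclass
class Entry:
    code: str             # section code, e.g. "O2"
    kind: str             # label from SECTIONS
    clsid: Optional[str]  # COM class ID if the line carries one
    target: str           # URL, file or command the entry points to ("" if none)
    orphaned: bool        # True when HijackThis found no file behind the entry


def parse_line(line: str) -> Optional[Entry]:
    """Parse one log line; return None for anything that is not an R/O entry."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None  # header lines, running-process paths, forum text
    code, body = m["code"], m["body"]
    reg = REG_VALUE_RE.match(body) if code.startswith("R") else None
    run = RUN_RE.match(body) if code == "O4" else None
    if reg:
        target = reg["data"]
    elif run:
        target = run["cmd"]
    else:
        # Remaining layouts on this page end with " - <file or URL>".
        target = body.rsplit(" - ", 1)[-1]
    clsid = CLSID_RE.search(body)
    return Entry(
        code=code,
        kind=SECTIONS.get(code, "other section"),
        clsid=clsid.group(0) if clsid else None,
        target=ORPHAN_RE.sub("", target).strip(),
        orphaned=bool(ORPHAN_RE.search(body)),
    )


def parse_log(text: str) -> List[Entry]:
    """Parse every R/O entry in a pasted log, skipping all other lines."""
    return [e for line in text.splitlines() if (e := parse_line(line))]


def orphaned(entries: List[Entry]) -> List[Entry]:
    """Entries whose registry data remains although the file is gone."""
    return [e for e in entries if e.orphaned]


if __name__ == "__main__":
    for e in parse_log(SAMPLE):
        flag = "orphaned" if e.orphaned else "present/unknown"
        print(f"{e.code:<3} {e.kind:<45} {e.target or '-':<32} {flag}")
```
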
jfkpresident (Security contributor) - 19 August 2008 at 22:39
As for the anti-spyware, sorry, but you can still install it alongside the one you have... It's up to you.
If I can do anything at all for you, let me know!!
NEVER COME BACK :)))
Tch@O
jfkpresident (Security contributor) - 1 October 2008 at 20:33
Good evening;
Please create your own message so that we can help you, THANKS!
Proceed as follows: http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm