Configuration: Windows XP Firefox 2.0.0.17
Hi,
---> Download Lop S&D to your Desktop: http://eric.71.mespages.googlepages.com/LopSD.exe
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the language you want, then choose option 1 (Search)
---> Wait until the scan finishes
---> Post the generated report (C:\lopR.txt)
Hello, here is the LopSD report:
--------------------\\ Lop S&D 4.2.4-3 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : krys ( Administrator ) BOOT : Normal boot Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated) Firewall : ZoneAlarm Firewall 6.5.737.000 (Activated) C:\ (Local Disk) - NTFS - Total : 149 Go Free : 3 Go D:\ (Local Disk) - NTFS - Total : 117 Go Free : 83 Go E:\ (CD or DVD) F:\ (Local Disk) - NTFS - Total : 115 Go Free : 113 Go G:\ (CD or DVD) I:\ (USB) J:\ (USB) - FAT32 - Total : 3904 Mo Free : 0 Go "D:\Lop SD" ( MAJ : 14-09-2008|22:40 ) Option : [1] ( 13/10/2008|17:50 ) --------------------\\ Listing des dossiers dans Application Data [23/08/2008|15:15] D:\DOCUME~1\Administrateur\Application Data\Identities [23/08/2008|15:15] D:\DOCUME~1\Administrateur\Application Data\Microsoft [23/08/2008|15:08] D:\DOCUME~1\Administrateur\Application Data\Mozilla [23/08/2008|15:15] D:\DOCUME~1\Administrateur\Application Data\Skype [15/09/2008|20:48] D:\DOCUME~1\ALLUSE~1\Application Data\Apple [15/09/2008|20:46] D:\DOCUME~1\ALLUSE~1\Application Data\Apple Computer [23/08/2008|18:42] D:\DOCUME~1\ALLUSE~1\Application Data\Avira [01/10/2008|00:06] D:\DOCUME~1\ALLUSE~1\Application Data\Book Slow Axis Web [23/08/2008|17:30] D:\DOCUME~1\ALLUSE~1\Application Data\Google [13/09/2008|17:39] D:\DOCUME~1\ALLUSE~1\Application Data\Macrovision [06/10/2008|21:04] D:\DOCUME~1\ALLUSE~1\Application Data\Malwarebytes [16/09/2008|10:28] D:\DOCUME~1\ALLUSE~1\Application Data\Messenger Plus! 
[11/10/2008|17:56] D:\DOCUME~1\ALLUSE~1\Application Data\Microsoft [23/08/2008|17:04] D:\DOCUME~1\ALLUSE~1\Application Data\SBT [23/08/2008|16:50] D:\DOCUME~1\ALLUSE~1\Application Data\Skype [24/08/2008|04:51] D:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy [23/08/2008|17:54] D:\DOCUME~1\ALLUSE~1\Application Data\Windows Genuine Advantage [25/09/2008|18:10] D:\DOCUME~1\Dani\Application Data\Microsoft [06/10/2008|20:10] D:\DOCUME~1\Dani\Application Data\Mozilla [06/10/2008|18:43] D:\DOCUME~1\Dani\Application Data\Skype [23/08/2008|15:10] D:\DOCUME~1\DEFAUL~1\Application Data\Microsoft [23/08/2008|15:08] D:\DOCUME~1\DEFAUL~1\Application Data\Mozilla [25/09/2008|20:52] D:\DOCUME~1\Invit‚\Application Data\Identities [25/09/2008|18:21] D:\DOCUME~1\Invit‚\Application Data\Microsoft [23/08/2008|15:08] D:\DOCUME~1\Invit‚\Application Data\Mozilla [25/09/2008|20:53] D:\DOCUME~1\Invit‚\Application Data\Skype [13/09/2008|18:00] D:\DOCUME~1\krys\Application Data\Adobe [06/09/2008|22:58] D:\DOCUME~1\krys\Application Data\Apple Computer [10/10/2008|17:08] D:\DOCUME~1\krys\Application Data\BitTorrent [24/08/2008|05:25] D:\DOCUME~1\krys\Application Data\Canneverbe_Limited [13/10/2008|01:18] D:\DOCUME~1\krys\Application Data\find flaw media [30/08/2008|15:26] D:\DOCUME~1\krys\Application Data\Google [14/09/2008|17:12] D:\DOCUME~1\krys\Application Data\HP [23/08/2008|16:50] D:\DOCUME~1\krys\Application Data\Identities [23/08/2008|18:26] D:\DOCUME~1\krys\Application Data\InterTrust [11/10/2008|17:57] D:\DOCUME~1\krys\Application Data\Leadertech [23/08/2008|18:31] D:\DOCUME~1\krys\Application Data\Macromedia [06/10/2008|21:04] D:\DOCUME~1\krys\Application Data\Malwarebytes [27/08/2008|08:45] D:\DOCUME~1\krys\Application Data\Media Player Classic [27/09/2008|18:28] D:\DOCUME~1\krys\Application Data\Microsoft [23/08/2008|16:56] D:\DOCUME~1\krys\Application Data\Microsoft Web Folders [23/08/2008|18:25] D:\DOCUME~1\krys\Application Data\Mozilla [30/08/2008|16:15] 
D:\DOCUME~1\krys\Application Data\Real [10/10/2008|01:23] D:\DOCUME~1\krys\Application Data\Skype [13/10/2008|17:20] D:\DOCUME~1\krys\Application Data\skypePM [23/08/2008|15:15] D:\DOCUME~1\LocalService\Application Data\Microsoft [23/08/2008|15:15] D:\DOCUME~1\NetworkService\Application Data\Microsoft --------------------\\ Tâches planifiées dans D:\WINDOWS\tasks [10/10/2008 20:52][--a------] D:\WINDOWS\tasks\AppleSoftwareUpdate.job [13/10/2008 17:19][--ah-----] D:\WINDOWS\tasks\SA.DAT [28/08/2001 19:00][-r-h-----] D:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans D:\Program Files [13/09/2008|17:38] D:\Program Files\Adobe [30/08/2008|16:01] D:\Program Files\aod [15/09/2008|20:48] D:\Program Files\Apple Software Update [13/10/2008|13:09] D:\Program Files\a-squared Anti-Malware [23/08/2008|18:42] D:\Program Files\Avira [05/09/2008|00:30] D:\Program Files\AviSynth 2.5 [23/08/2008|18:38] D:\Program Files\Belkin [23/08/2008|18:10] D:\Program Files\BitTorrent [23/08/2008|14:57] D:\Program Files\BitTorrent++ [23/08/2008|17:37] D:\Program Files\CCleaner [24/08/2008|05:25] D:\Program Files\CDBurnerXP [07/09/2008|04:45] D:\Program Files\CDRWIN [23/08/2008|14:50] D:\Program Files\ComPlus Applications [07/09/2008|04:33] D:\Program Files\Conduit [23/08/2008|15:07] D:\Program Files\D-Tools [11/10/2008|17:48] D:\Program Files\EA Sports [11/10/2008|01:30] D:\Program Files\eMule [15/09/2008|20:46] D:\Program Files\Fichiers communs [01/10/2008|00:06] D:\Program Files\find flaw media [23/08/2008|15:01] D:\Program Files\FlashFXP [23/08/2008|15:07] D:\Program Files\FlashGet [23/08/2008|18:10] D:\Program Files\FLV Player [23/08/2008|17:30] D:\Program Files\Google [13/09/2008|17:38] D:\Program Files\InstallShield Installation Information [13/10/2008|01:33] D:\Program Files\Internet Explorer [09/09/2008|01:47] D:\Program Files\K-Lite Codec Pack [07/09/2008|04:53] D:\Program Files\MagicISO [10/10/2008|10:30] D:\Program Files\Malwarebytes' Anti-Malware 
[23/08/2008|14:50] D:\Program Files\Messenger [15/09/2008|21:34] D:\Program Files\Messenger Plus! Live [23/08/2008|15:08] D:\Program Files\MessengerPlus! 3 [23/08/2008|17:03] D:\Program Files\Microsoft FrontPage [23/08/2008|17:16] D:\Program Files\Microsoft Office [23/08/2008|16:58] D:\Program Files\Microsoft Visual Studio [13/10/2008|17:33] D:\Program Files\Mozilla Firefox [15/09/2008|21:34] D:\Program Files\MSN Messenger [03/10/2008|20:50] D:\Program Files\Navilog1 [23/08/2008|14:51] D:\Program Files\NetMeeting [23/08/2008|14:51] D:\Program Files\Outlook Express [05/09/2008|00:30] D:\Program Files\pspvideo9 [15/09/2008|20:46] D:\Program Files\QuickTime [30/08/2008|16:01] D:\Program Files\Real [23/08/2008|14:51] D:\Program Files\Services en ligne [23/08/2008|17:30] D:\Program Files\Skype [23/08/2008|17:04] D:\Program Files\Snapshot Viewer [03/10/2008|20:44] D:\Program Files\Spybot - Search & Destroy [23/08/2008|18:15] D:\Program Files\TeaTimer (Spybot - Search & Destroy) [16/09/2008|13:29] D:\Program Files\Trend Micro [23/08/2008|15:15] D:\Program Files\Uninstall Information [23/08/2008|17:53] D:\Program Files\Winamp [15/09/2008|21:34] D:\Program Files\Windows Live [23/08/2008|15:10] D:\Program Files\Windows Media Player [23/08/2008|14:50] D:\Program Files\Windows NT [23/08/2008|14:51] D:\Program Files\WindowsUpdate [23/08/2008|15:09] D:\Program Files\WinRAR [28/08/2008|21:44] D:\Program Files\Xvid [23/08/2008|17:41] D:\Program Files\Zone Labs --------------------\\ Listing des dossiers dans D:\Program Files\Fichiers communs [13/09/2008|17:39] D:\Program Files\Fichiers communs\Adobe [13/09/2008|17:39] D:\Program Files\Fichiers communs\Adobe Systems Shared [15/09/2008|20:46] D:\Program Files\Fichiers communs\Apple [23/08/2008|16:58] D:\Program Files\Fichiers communs\Designer [13/09/2008|17:36] D:\Program Files\Fichiers communs\InstallShield [11/10/2008|17:46] D:\Program Files\Fichiers communs\Microsoft Shared [23/08/2008|14:51] D:\Program Files\Fichiers 
communs\MSSoap [23/08/2008|16:43] D:\Program Files\Fichiers communs\ODBC [30/08/2008|16:15] D:\Program Files\Fichiers communs\Real [23/08/2008|14:51] D:\Program Files\Fichiers communs\Services [23/08/2008|17:30] D:\Program Files\Fichiers communs\Skype [23/08/2008|17:04] D:\Program Files\Fichiers communs\System --------------------\\ Process ( 43 Processes ) IEXPLORE.EXE ~ [PID:732] --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop D:\DOCUME~1\ALLUSE~1\Application Data\Book Slow Axis Web D:\DOCUME~1\ALLUSE~1\Application Data\Book Slow Axis Web\File start.exe D:\DOCUME~1\krys\Cookies\krys@www.adserver5[1].txt D:\DOCUME~1\krys\Cookies\krys@bigpoint[1].txt D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[1].txt D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[2].txt D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[3].txt D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[4].txt D:\DOCUME~1\krys\Cookies\krys@banner.cotedazurpalace[2].txt D:\DOCUME~1\krys\Cookies\krys@cotedazurpalace[1].txt D:\DOCUME~1\krys\Cookies\krys@cotedazurpalace[2].txt D:\DOCUME~1\krys\Cookies\krys@adopt.euroclick[2].txt --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-13 17:54:09 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. 
D:\DOCUME~1\krys\Application Data\Microsoft\Office\R‚cents\keygen.doc.lnk D:\DOCUME~1\krys\Favoris\Cracks - Serials D:\DOCUME~1\krys\Favoris\Cracks - Serials\Astalavista.box.sk.url D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\Crack D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\keygen.doc D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\Crack\FIFA09.exe [F:154][D:0]-> D:\DOCUME~1\krys\Cookies 1 - "D:\Lop SD\LopR_1.txt" - 16/09/2008|14:12 - Option : [1] 2 - "D:\Lop SD\LopR_2.txt" - 16/09/2008|14:26 - Option : [2] 3 - "D:\Lop SD\LopR_3.txt" - 13/10/2008|17:56 - Option : [1] --------------------\\ Fin du rapport a 17:56:17 |
---> Run Lop S&D again
---> This time choose option 2 (Removal)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)
--------------------\\ Lop S&D 4.2.4-3 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : krys ( Administrator ) BOOT : Normal boot Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated) Firewall : ZoneAlarm Firewall 6.5.737.000 (Activated) C:\ (Local Disk) - NTFS - Total : 149 Go Free : 3 Go D:\ (Local Disk) - NTFS - Total : 117 Go Free : 83 Go E:\ (CD or DVD) F:\ (Local Disk) - NTFS - Total : 115 Go Free : 113 Go G:\ (CD or DVD) I:\ (USB) "D:\Lop SD" ( MAJ : 14-09-2008|22:40 ) Option : [2] ( 13/10/2008|18:11 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - D:\DOCUME~1\ALLUSE~1\Application Data\Book Slow Axis Web\File start.exe Supprime! - D:\DOCUME~1\krys\Cookies\krys@www.adserver5[1].txt Supprime! - D:\DOCUME~1\krys\Cookies\krys@bigpoint[1].txt Supprime! - D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[1].txt Supprime! - D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[2].txt Supprime! - D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[3].txt Supprime! - D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[4].txt Supprime! - D:\DOCUME~1\krys\Cookies\krys@banner.cotedazurpalace[2].txt Supprime! - D:\DOCUME~1\krys\Cookies\krys@cotedazurpalace[1].txt Supprime! - D:\DOCUME~1\krys\Cookies\krys@cotedazurpalace[2].txt Supprime! - D:\DOCUME~1\krys\Cookies\krys@adopt.euroclick[2].txt Supprime! - D:\DOCUME~1\ALLUSE~1\Application Data\Book Slow Axis Web - [ Fichier Hosts ] .. Restaure! 
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans Application Data [23/08/2008|15:15] D:\DOCUME~1\Administrateur\Application Data\Identities [23/08/2008|15:15] D:\DOCUME~1\Administrateur\Application Data\Microsoft [23/08/2008|15:08] D:\DOCUME~1\Administrateur\Application Data\Mozilla [23/08/2008|15:15] D:\DOCUME~1\Administrateur\Application Data\Skype [15/09/2008|20:48] D:\DOCUME~1\ALLUSE~1\Application Data\Apple [15/09/2008|20:46] D:\DOCUME~1\ALLUSE~1\Application Data\Apple Computer [23/08/2008|18:42] D:\DOCUME~1\ALLUSE~1\Application Data\Avira [23/08/2008|17:30] D:\DOCUME~1\ALLUSE~1\Application Data\Google [13/09/2008|17:39] D:\DOCUME~1\ALLUSE~1\Application Data\Macrovision [06/10/2008|21:04] D:\DOCUME~1\ALLUSE~1\Application Data\Malwarebytes [16/09/2008|10:28] D:\DOCUME~1\ALLUSE~1\Application Data\Messenger Plus! [11/10/2008|17:56] D:\DOCUME~1\ALLUSE~1\Application Data\Microsoft [23/08/2008|17:04] D:\DOCUME~1\ALLUSE~1\Application Data\SBT [23/08/2008|16:50] D:\DOCUME~1\ALLUSE~1\Application Data\Skype [24/08/2008|04:51] D:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy [23/08/2008|17:54] D:\DOCUME~1\ALLUSE~1\Application Data\Windows Genuine Advantage [25/09/2008|18:10] D:\DOCUME~1\Dani\Application Data\Microsoft [06/10/2008|20:10] D:\DOCUME~1\Dani\Application Data\Mozilla [06/10/2008|18:43] D:\DOCUME~1\Dani\Application Data\Skype [23/08/2008|15:10] D:\DOCUME~1\DEFAUL~1\Application Data\Microsoft [23/08/2008|15:08] D:\DOCUME~1\DEFAUL~1\Application Data\Mozilla [25/09/2008|20:52] D:\DOCUME~1\Invit‚\Application Data\Identities [25/09/2008|18:21] D:\DOCUME~1\Invit‚\Application Data\Microsoft [23/08/2008|15:08] D:\DOCUME~1\Invit‚\Application Data\Mozilla [25/09/2008|20:53] D:\DOCUME~1\Invit‚\Application Data\Skype [13/09/2008|18:00] D:\DOCUME~1\krys\Application Data\Adobe [06/09/2008|22:58] D:\DOCUME~1\krys\Application Data\Apple Computer [13/10/2008|18:05] D:\DOCUME~1\krys\Application Data\BitTorrent [24/08/2008|05:25] 
D:\DOCUME~1\krys\Application Data\Canneverbe_Limited [13/10/2008|01:18] D:\DOCUME~1\krys\Application Data\find flaw media [30/08/2008|15:26] D:\DOCUME~1\krys\Application Data\Google [14/09/2008|17:12] D:\DOCUME~1\krys\Application Data\HP [23/08/2008|16:50] D:\DOCUME~1\krys\Application Data\Identities [23/08/2008|18:26] D:\DOCUME~1\krys\Application Data\InterTrust [11/10/2008|17:57] D:\DOCUME~1\krys\Application Data\Leadertech [23/08/2008|18:31] D:\DOCUME~1\krys\Application Data\Macromedia [06/10/2008|21:04] D:\DOCUME~1\krys\Application Data\Malwarebytes [27/08/2008|08:45] D:\DOCUME~1\krys\Application Data\Media Player Classic [27/09/2008|18:28] D:\DOCUME~1\krys\Application Data\Microsoft [23/08/2008|16:56] D:\DOCUME~1\krys\Application Data\Microsoft Web Folders [23/08/2008|18:25] D:\DOCUME~1\krys\Application Data\Mozilla [30/08/2008|16:15] D:\DOCUME~1\krys\Application Data\Real [10/10/2008|01:23] D:\DOCUME~1\krys\Application Data\Skype [13/10/2008|17:20] D:\DOCUME~1\krys\Application Data\skypePM [23/08/2008|15:15] D:\DOCUME~1\LocalService\Application Data\Microsoft [23/08/2008|15:15] D:\DOCUME~1\NetworkService\Application Data\Microsoft --------------------\\ Tâches planifiées dans D:\WINDOWS\tasks [10/10/2008 20:52][--a------] D:\WINDOWS\tasks\AppleSoftwareUpdate.job [13/10/2008 17:19][--ah-----] D:\WINDOWS\tasks\SA.DAT [28/08/2001 19:00][-r-h-----] D:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans D:\Program Files [13/09/2008|17:38] D:\Program Files\Adobe [30/08/2008|16:01] D:\Program Files\aod [15/09/2008|20:48] D:\Program Files\Apple Software Update [13/10/2008|13:09] D:\Program Files\a-squared Anti-Malware [23/08/2008|18:42] D:\Program Files\Avira [05/09/2008|00:30] D:\Program Files\AviSynth 2.5 [23/08/2008|18:38] D:\Program Files\Belkin [23/08/2008|18:10] D:\Program Files\BitTorrent [23/08/2008|14:57] D:\Program Files\BitTorrent++ [23/08/2008|17:37] D:\Program Files\CCleaner [24/08/2008|05:25] D:\Program Files\CDBurnerXP 
[07/09/2008|04:45] D:\Program Files\CDRWIN [23/08/2008|14:50] D:\Program Files\ComPlus Applications [07/09/2008|04:33] D:\Program Files\Conduit [23/08/2008|15:07] D:\Program Files\D-Tools [11/10/2008|17:48] D:\Program Files\EA Sports [11/10/2008|01:30] D:\Program Files\eMule [15/09/2008|20:46] D:\Program Files\Fichiers communs [01/10/2008|00:06] D:\Program Files\find flaw media [23/08/2008|15:01] D:\Program Files\FlashFXP [23/08/2008|15:07] D:\Program Files\FlashGet [23/08/2008|18:10] D:\Program Files\FLV Player [23/08/2008|17:30] D:\Program Files\Google [13/09/2008|17:38] D:\Program Files\InstallShield Installation Information [13/10/2008|01:33] D:\Program Files\Internet Explorer [09/09/2008|01:47] D:\Program Files\K-Lite Codec Pack [07/09/2008|04:53] D:\Program Files\MagicISO [10/10/2008|10:30] D:\Program Files\Malwarebytes' Anti-Malware [23/08/2008|14:50] D:\Program Files\Messenger [15/09/2008|21:34] D:\Program Files\Messenger Plus! Live [23/08/2008|15:08] D:\Program Files\MessengerPlus! 
3 [23/08/2008|17:03] D:\Program Files\Microsoft FrontPage [23/08/2008|17:16] D:\Program Files\Microsoft Office [23/08/2008|16:58] D:\Program Files\Microsoft Visual Studio [13/10/2008|17:33] D:\Program Files\Mozilla Firefox [15/09/2008|21:34] D:\Program Files\MSN Messenger [03/10/2008|20:50] D:\Program Files\Navilog1 [23/08/2008|14:51] D:\Program Files\NetMeeting [23/08/2008|14:51] D:\Program Files\Outlook Express [05/09/2008|00:30] D:\Program Files\pspvideo9 [15/09/2008|20:46] D:\Program Files\QuickTime [30/08/2008|16:01] D:\Program Files\Real [23/08/2008|14:51] D:\Program Files\Services en ligne [23/08/2008|17:30] D:\Program Files\Skype [23/08/2008|17:04] D:\Program Files\Snapshot Viewer [03/10/2008|20:44] D:\Program Files\Spybot - Search & Destroy [23/08/2008|18:15] D:\Program Files\TeaTimer (Spybot - Search & Destroy) [16/09/2008|13:29] D:\Program Files\Trend Micro [23/08/2008|15:15] D:\Program Files\Uninstall Information [23/08/2008|17:53] D:\Program Files\Winamp [15/09/2008|21:34] D:\Program Files\Windows Live [23/08/2008|15:10] D:\Program Files\Windows Media Player [23/08/2008|14:50] D:\Program Files\Windows NT [23/08/2008|14:51] D:\Program Files\WindowsUpdate [23/08/2008|15:09] D:\Program Files\WinRAR [28/08/2008|21:44] D:\Program Files\Xvid [23/08/2008|17:41] D:\Program Files\Zone Labs --------------------\\ Listing des dossiers dans D:\Program Files\Fichiers communs [13/09/2008|17:39] D:\Program Files\Fichiers communs\Adobe [13/09/2008|17:39] D:\Program Files\Fichiers communs\Adobe Systems Shared [15/09/2008|20:46] D:\Program Files\Fichiers communs\Apple [23/08/2008|16:58] D:\Program Files\Fichiers communs\Designer [13/09/2008|17:36] D:\Program Files\Fichiers communs\InstallShield [11/10/2008|17:46] D:\Program Files\Fichiers communs\Microsoft Shared [23/08/2008|14:51] D:\Program Files\Fichiers communs\MSSoap [23/08/2008|16:43] D:\Program Files\Fichiers communs\ODBC [30/08/2008|16:15] D:\Program Files\Fichiers communs\Real [23/08/2008|14:51] D:\Program 
Files\Fichiers communs\Services [23/08/2008|17:30] D:\Program Files\Fichiers communs\Skype [23/08/2008|17:04] D:\Program Files\Fichiers communs\System --------------------\\ Process ( 41 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-13 18:16:49 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. D:\DOCUME~1\krys\Application Data\Microsoft\Office\R‚cents\keygen.doc.lnk D:\DOCUME~1\krys\Favoris\Cracks - Serials D:\DOCUME~1\krys\Favoris\Cracks - Serials\Astalavista.box.sk.url D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\Crack D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\keygen.doc D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\Crack\FIFA09.exe [F:142][D:0]-> D:\DOCUME~1\krys\Cookies 1 - "D:\Lop SD\LopR_1.txt" - 16/09/2008|14:12 - Option : [1] 2 - "D:\Lop SD\LopR_2.txt" - 16/09/2008|14:26 - Option : [2] 3 - "D:\Lop SD\LopR_3.txt" - 13/10/2008|17:56 - Option : [1] 4 - "D:\Lop SD\LopR_4.txt" - 13/10/2008|18:18 - Option : [2] --------------------\\ Fin du rapport a 18:18:18 |
"D:\DOCUME~1\krys\Application Data\Microsoft\Office\Récents\keygen.doc.lnk
D:\DOCUME~1\krys\Favoris\Cracks - Serials
D:\DOCUME~1\krys\Favoris\Cracks - Serials\Astalavista.box.sk.url
D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\Crack
D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\keygen.doc
D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\Crack\FIFA09.exe"
---> You should clean these out for the good of your PC.
---> Delete Lop S&D and the Lop S&D folder located in C:\
---> Download OTMoveIt2 from the link below: http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
---> Save the file to the Desktop.
---> Double-click the OTMoveIt2.exe file to launch the tool. Make sure the Unregister Dll's and Ocx's box is checked.
---> Copy all of the text below and paste it into the window titled Paste List Of Files/Folders to Move.
D:\DOCUME~1\krys\Application Data\find flaw media\
D:\Program Files\find flaw media\
---> Click MoveIt! to start the removal. When a result appears in the Results pane, click Exit.
Note: If a file or folder cannot be deleted immediately, the program will ask you to restart. Accept by clicking YES.
---> Post the OTMoveIt report, which is located in C:\_OTMoveIt\MovedFiles.
Hello,
Sorry, but I clicked the link and a-squared identified the link as a trojan. I searched for the software on Google but did not find any site from which to download OTMoveIt2.
|
OTMoveIt2 is not a trojan, so disable a-squared.
Here is the report:
D:\DOCUME~1\krys\Application Data\find flaw media moved successfully.
D:\Program Files\find flaw media moved successfully.
File/Folder not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 10132008_185630
- Download HijackThis v2.0.2 (HijackThis Installer): http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
- Double-click HJTInstall.exe to start the installation.
- Click Install, then I Accept.
- Click Do a system scan and save a logfile.
- Notepad will open; copy and paste its entire contents here in your next message.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:13:32, on 13/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\csrss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\system32\ZoneLabs\vsmon.exe D:\WINDOWS\system32\spoolsv.exe D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe D:\Program Files\a-squared Anti-Malware\a2service.exe D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe D:\Program Files\CDBurnerXP\NMSAccessU.exe D:\WINDOWS\system32\nvsvc32.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\alg.exe D:\WINDOWS\Explorer.EXE D:\Program Files\D-Tools\daemon.exe D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe D:\WINDOWS\system32\RUNDLL32.EXE D:\Program Files\pspvideo9\pspVideo9.exe D:\Program Files\a-squared Anti-Malware\a2guard.exe D:\WINDOWS\system32\ctfmon.exe D:\WINDOWS\lclock.exe D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe D:\Program Files\BitTorrent\bittorrent.exe D:\Program Files\MSN Messenger\msnmsgr.exe D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe D:\Program Files\MSN Messenger\usnsvc.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe D:\Program Files\Internet Explorer\IEXPLORE.EXE D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe D:\Program Files\Trend Micro\HijackThis\HijackThis.exe D:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xtremeweb.free.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=33171&LegitCheckError=3 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\PROGRA~1\FlashFXP\IEFlash.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition 
Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [PSPVideo9] D:\Program Files\pspvideo9\pspVideo9.exe -t O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [a-squared] "D:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] D:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LClock] lclock.exe O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 
3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [BitTorrent] "D:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Comp One] D:\DOCUME~1\krys\Application Data\find flaw media\file heck.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [LClock] lclock.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'Default user') O4 - Global Startup: Belkin Wireless USB Utility.lnk = D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Télécharger avec FlashGet - D:\PROGRA~1\FlashGet\jc_link.htm O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\PROGRA~1\FlashGet\jc_all.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe O9 
- Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/... O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - D:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: Adobe LM Service - Unknown owner - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation 
- D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe End of file - 9629 bytes |
---> Restart HijackThis and choose Do a system scan only
---> Check the boxes in front of the following lines:
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Comp One] D:\DOCUME~1\krys\Application Data\find flaw media\file heck.exe
---> Click Fix checked at the bottom. Answer yes if HijackThis asks you anything.
---> Restart your PC and post a new HijackThis report. |
Here is the report:
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:26:39, on 13/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\csrss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\system32\ZoneLabs\vsmon.exe D:\WINDOWS\system32\spoolsv.exe D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe D:\Program Files\a-squared Anti-Malware\a2service.exe D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe D:\Program Files\CDBurnerXP\NMSAccessU.exe D:\WINDOWS\system32\nvsvc32.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\alg.exe D:\WINDOWS\Explorer.EXE D:\Program Files\D-Tools\daemon.exe D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe D:\WINDOWS\system32\RUNDLL32.EXE D:\Program Files\pspvideo9\pspVideo9.exe D:\Program Files\a-squared Anti-Malware\a2guard.exe D:\WINDOWS\system32\ctfmon.exe D:\WINDOWS\lclock.exe D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe D:\Program Files\BitTorrent\bittorrent.exe D:\Program Files\MSN Messenger\msnmsgr.exe D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe D:\Program Files\MSN Messenger\usnsvc.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe D:\Program Files\Trend Micro\HijackThis\HijackThis.exe D:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xtremeweb.free.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=33171&LegitCheckError=3 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\PROGRA~1\FlashFXP\IEFlash.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE 
D:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [PSPVideo9] D:\Program Files\pspvideo9\pspVideo9.exe -t O4 - HKLM\..\Run: [a-squared] "D:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] D:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LClock] lclock.exe O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [BitTorrent] "D:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [LClock] lclock.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: 
[MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'Default user') O4 - Global Startup: Belkin Wireless USB Utility.lnk = D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Télécharger avec FlashGet - D:\PROGRA~1\FlashGet\jc_link.htm O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\PROGRA~1\FlashGet\jc_all.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/... 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - D:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: Adobe LM Service - Unknown owner - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe End of file - 9316 bytes |