VIRUS BAGLE ??
Résolu/Fermé
footeux63
Messages postés
57
Date d'inscription
jeudi 20 novembre 2003
Statut
Membre
Dernière intervention
8 janvier 2009
-
2 janv. 2009 à 22:19
crapoulou Messages postés 28157 Date d'inscription mercredi 28 novembre 2007 Statut Modérateur, Contributeur sécurité Dernière intervention 9 avril 2024 - 9 janv. 2009 à 00:12
crapoulou Messages postés 28157 Date d'inscription mercredi 28 novembre 2007 Statut Modérateur, Contributeur sécurité Dernière intervention 9 avril 2024 - 9 janv. 2009 à 00:12
A voir également:
- VIRUS BAGLE ??
- Svchost.exe virus - Guide
- Lien virus à envoyer - Forum Virus
- Faux message virus iphone - Forum iPhone
- Vérificateur de lien virus - Guide
- Produkey virus ✓ - Forum Windows 10
30 réponses
crapoulou
Messages postés
28157
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
9 avril 2024
7 989
2 janv. 2009 à 22:21
2 janv. 2009 à 22:21
Salut,
Oui tu as bien une infection bagle attrapée en voulant installer un crack télécharger via le P2P ! (Emule, Limewire, ou autres ...)
Supprime tes cracks afin d'éviter la réinfection.
******************
Télécharge FindyKill (Merci à Chiquitine29 !!)
= = = = >>> En cliquant ici <<< = = = =
Fais un clic droit sur le lien, Enregistrer la cible sous (Internet Explorer) ou Enregistrer la cible du lien sous (Firefox) …
Choisis d’enregistrer le fichier sur le bureau.
Double clique sur FindyKill.exe
Choisis l’option 1 (Recherche)
Un rapport va s’ouvrir, poste le dans ta prochaine réponse.
Note :
Le rapport FindyKill.txt est sauvegardé à la racine du disque (C:\FindyKill.txt)
Oui tu as bien une infection bagle attrapée en voulant installer un crack télécharger via le P2P ! (Emule, Limewire, ou autres ...)
Supprime tes cracks afin d'éviter la réinfection.
******************
Télécharge FindyKill (Merci à Chiquitine29 !!)
= = = = >>> En cliquant ici <<< = = = =
Fais un clic droit sur le lien, Enregistrer la cible sous (Internet Explorer) ou Enregistrer la cible du lien sous (Firefox) …
Choisis d’enregistrer le fichier sur le bureau.
Double clique sur FindyKill.exe
Choisis l’option 1 (Recherche)
Un rapport va s’ouvrir, poste le dans ta prochaine réponse.
Note :
Le rapport FindyKill.txt est sauvegardé à la racine du disque (C:\FindyKill.txt)
footeux63
Messages postés
57
Date d'inscription
jeudi 20 novembre 2003
Statut
Membre
Dernière intervention
8 janvier 2009
9
3 janv. 2009 à 09:21
3 janv. 2009 à 09:21
Merci pour ton aide, je me mets au boulot et je t'envoie le rapport .....
footeux63
Messages postés
57
Date d'inscription
jeudi 20 novembre 2003
Statut
Membre
Dernière intervention
8 janvier 2009
9
3 janv. 2009 à 09:48
3 janv. 2009 à 09:48
Bonjour je t'envoie le résultat ..... pas brillant je le crains .
----------------- FindyKill V4.710 ------------------
* User : ERIC - DELATTRE
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 9:43:56 le 03/01/2009
* Windows XP - Internet Explorer 8.0.6001.18241
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\AOL Compagnon\COMPANION.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\SYSTEM32\findstr.exe
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
»»»» Presence des fichiers dans C:\WINDOWS\system32
Found ! [03/01/2009 09:32] - C:\WINDOWS\system32\mdelk.exe
Found ! [03/01/2009 09:32] - C:\WINDOWS\system32\wintems.exe
Found ! [03/01/2009 09:33] - C:\WINDOWS\system32\ban_list.txt
»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
»»»» Presence des fichiers dans C:\Documents and Settings\ERIC\Application Data
Found ! [02/01/2009 21:40] - "C:\Documents and Settings\ERIC\Application Data\m\flec006.exe"
Found ! [03/01/2009 09:32] - "C:\Documents and Settings\ERIC\Application Data\m\list.oct"
Found ! [03/01/2009 09:32] - "C:\Documents and Settings\ERIC\Application Data\m\data.oct"
Found ! [03/01/2009 09:32] - "C:\Documents and Settings\ERIC\Application Data\m\srvlist.oct"
Found ! [03/01/2009 09:34] - "C:\Documents and Settings\ERIC\Application Data\m\shared"
Found ! [02/01/2009 21:41] - "C:\Documents and Settings\ERIC\Application Data\m"
Found ! [02/01/2009 17:35] - "C:\Documents and Settings\ERIC\Application Data\drivers"
Found ! [03/01/2009 09:31] - "C:\Documents and Settings\ERIC\Application Data\drivers\srosa.sys"
Found ! [03/01/2009 09:30] - "C:\Documents and Settings\ERIC\Application Data\drivers\srosa2.sys"
Found ! [24/01/2006 10:06] - "C:\Documents and Settings\ERIC\Application Data\drivers\winupgro.exe"
Found ! [03/01/2009 09:36] - "C:\Documents and Settings\ERIC\Application Data\drivers\downld"
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\117889.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\125240.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\126381.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\126662.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\133812.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\133982.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\135604.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\137377.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\138108.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\138168.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\139039.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\139090.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\139190.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\141643.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\141964.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\142074.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\144607.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\145599.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\145789.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\152088.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\155213.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\155273.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\156765.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\157816.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\160590.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\163164.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\163184.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\163244.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\165087.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\166689.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\166769.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\166779.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\166829.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\167070.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\167520.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\168131.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\168532.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\168742.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\168782.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\169964.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\170495.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\170885.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\171005.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\175512.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\176754.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\183533.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\184305.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\184805.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\187659.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1887864.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1891960.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1892801.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1893102.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\191505.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\191655.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1927842.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1928713.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1928753.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1944556.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1946088.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1946498.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1947209.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1947890.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1948722.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\196823.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1970142.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1970984.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1971384.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\197153.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\197503.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1977253.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1984884.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1985655.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1986376.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\200328.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\201119.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\201189.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\201339.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\201579.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2025903.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2026323.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2026423.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\209240.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\230130.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\233185.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\233846.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\234517.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\235698.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\236029.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\237070.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\237431.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2533883.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2543677.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2543757.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2550998.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\255637.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2581371.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2583534.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2584466.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\313941.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\315413.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\315974.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\321261.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\333469.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\333519.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\336133.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\337234.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\337745.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\337795.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\355961.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\360157.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\361109.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\361219.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\361870.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\362461.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\363052.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\400926.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\401587.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\401647.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\416769.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\418581.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\419423.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\420354.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\421546.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\422197.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\441284.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\442075.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\442516.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\449967.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\457407.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\458038.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\458609.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\477636.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\481392.exe
»»»» Presence des fichiers dans C:\DOCUME~1\ERIC\LOCALS~1\Temp
Found ! - C:\DOCUME~1\ERIC\LOCALS~1\Temp\keygen.exe
»»»» Presence des fichiers dans C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5
Found ! [03/01/2009 09:32] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\3Q0KOIZV\b64_1[1].jpg
Found ! [02/01/2009 18:19] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\3Q0KOIZV\b64_3[1].jpg
Found ! [02/01/2009 21:58] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\LLAD4JS7\b64_3[1].jpg
Found ! [03/01/2009 09:34] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\LSOHN2WW\b64[1].jpg
Found ! [02/01/2009 21:42] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\LSOHN2WW\b64_1[1].jpg
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\LSOHN2WW\b64_2[1].jpg
Found ! [02/01/2009 18:04] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\LSOHN2WW\b64_3[1].jpg
Found ! [27/12/2008 12:01] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\O01W5VZH\0041540902b647c012466[1].jpg
Found ! [02/01/2009 21:40] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\XAYTD8RP\b64[1].jpg
Found ! [02/01/2009 17:43] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\XAYTD8RP\b64_3[1].jpg
Found ! [02/01/2009 19:49] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\XAYTD8RP\b64_3[2].jpg
Found ! [02/01/2009 20:01] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\XAYTD8RP\b64_3[3].jpg
Found ! [02/01/2009 21:12] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\XAYTD8RP\b64_3[4].jpg
Found ! [03/01/2009 09:32] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\XAYTD8RP\b64_3[5].jpg
--------------- [ Registre / Startup ] ----------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
L08FXLRD_9145800="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
Picasa Media Detector=C:\Program Files\Picasa2\PicasaMediaDetector.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
Disc Detector=C:\Program Files\Creative\ShareDLL\CtNotify.exe
KernelFaultCheck=%systemroot%\system32\dumprep 0 -k
AOLDialer=C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
NeroFilterCheck=C:\WINDOWS\system32\NeroCheck.exe
HostManager=C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
VX3000=C:\WINDOWS\vVX3000.exe
LifeCam="C:\Program Files\Microsoft LifeCam\LifeExp.exe"
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
StartCCC="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
VirtualCloneDrive="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
Lexmark X6100 Series="C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\not active=
LVCOMS=C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=
[HKEY_CURRENT_USER\software\local appwizard-generated applications\keygen]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\TeaTimer]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]
--------------- [ Registre / Clés infectieuses ] ----------------
Found ! - HKEY_USERS\S-1-5-21-1645522239-789336058-1202660629-1003\Software\Local AppWizard-Generated Applications\keygen
Found ! - HKEY_USERS\S-1-5-21-1645522239-789336058-1202660629-1003\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-1645522239-789336058-1202660629-1003\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-1645522239-789336058-1202660629-1003\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-1645522239-789336058-1202660629-1003\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-1645522239-789336058-1202660629-1003\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-1645522239-789336058-1202660629-1003\Software\Ubisoft
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\keygen
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sK9Ou0s
--------------- [ Etat / Services ] ----------------
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot
- sans echec non fonctionnel !!
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
- sans echec non fonctionnel !!
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
- sans echec non fonctionnel !!
+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]
/!\ Ndisuio - Type de démarrage = 4
/!\ Ip6Fw - Type de démarrage = 4
/!\ SharedAccess - Type de démarrage = 4
/!\ wuauserv - Type de démarrage = 4
/!\ wscsvc - Type de démarrage = 4
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
+- presence des fichiers :
--------------- [ Registre / Mountpoint2 ] ----------------
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3fb976a0-3f8f-11dc-a908-00038a000015}\Shell\AutoRun\command
------------------- ! Fin du rapport ! --------------------
----------------- FindyKill V4.710 ------------------
* User : ERIC - DELATTRE
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 9:43:56 le 03/01/2009
* Windows XP - Internet Explorer 8.0.6001.18241
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\AOL Compagnon\COMPANION.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\SYSTEM32\findstr.exe
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
»»»» Presence des fichiers dans C:\WINDOWS\system32
Found ! [03/01/2009 09:32] - C:\WINDOWS\system32\mdelk.exe
Found ! [03/01/2009 09:32] - C:\WINDOWS\system32\wintems.exe
Found ! [03/01/2009 09:33] - C:\WINDOWS\system32\ban_list.txt
»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
»»»» Presence des fichiers dans C:\Documents and Settings\ERIC\Application Data
Found ! [02/01/2009 21:40] - "C:\Documents and Settings\ERIC\Application Data\m\flec006.exe"
Found ! [03/01/2009 09:32] - "C:\Documents and Settings\ERIC\Application Data\m\list.oct"
Found ! [03/01/2009 09:32] - "C:\Documents and Settings\ERIC\Application Data\m\data.oct"
Found ! [03/01/2009 09:32] - "C:\Documents and Settings\ERIC\Application Data\m\srvlist.oct"
Found ! [03/01/2009 09:34] - "C:\Documents and Settings\ERIC\Application Data\m\shared"
Found ! [02/01/2009 21:41] - "C:\Documents and Settings\ERIC\Application Data\m"
Found ! [02/01/2009 17:35] - "C:\Documents and Settings\ERIC\Application Data\drivers"
Found ! [03/01/2009 09:31] - "C:\Documents and Settings\ERIC\Application Data\drivers\srosa.sys"
Found ! [03/01/2009 09:30] - "C:\Documents and Settings\ERIC\Application Data\drivers\srosa2.sys"
Found ! [24/01/2006 10:06] - "C:\Documents and Settings\ERIC\Application Data\drivers\winupgro.exe"
Found ! [03/01/2009 09:36] - "C:\Documents and Settings\ERIC\Application Data\drivers\downld"
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\117889.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\125240.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\126381.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\126662.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\133812.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\133982.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\135604.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\137377.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\138108.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\138168.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\139039.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\139090.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\139190.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\141643.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\141964.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\142074.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\144607.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\145599.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\145789.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\152088.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\155213.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\155273.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\156765.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\157816.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\160590.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\163164.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\163184.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\163244.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\165087.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\166689.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\166769.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\166779.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\166829.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\167070.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\167520.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\168131.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\168532.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\168742.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\168782.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\169964.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\170495.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\170885.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\171005.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\175512.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\176754.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\183533.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\184305.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\184805.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\187659.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1887864.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1891960.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1892801.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1893102.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\191505.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\191655.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1927842.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1928713.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1928753.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1944556.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1946088.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1946498.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1947209.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1947890.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1948722.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\196823.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1970142.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1970984.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1971384.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\197153.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\197503.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1977253.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1984884.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1985655.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\1986376.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\200328.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\201119.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\201189.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\201339.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\201579.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2025903.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2026323.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2026423.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\209240.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\230130.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\233185.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\233846.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\234517.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\235698.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\236029.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\237070.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\237431.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2533883.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2543677.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2543757.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2550998.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\255637.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2581371.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2583534.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\2584466.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\313941.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\315413.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\315974.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\321261.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\333469.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\333519.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\336133.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\337234.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\337745.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\337795.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\355961.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\360157.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\361109.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\361219.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\361870.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\362461.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\363052.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\400926.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\401587.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\401647.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\416769.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\418581.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\419423.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\420354.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\421546.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\422197.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\441284.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\442075.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\442516.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\449967.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\457407.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\458038.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\458609.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\477636.exe
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Application Data\drivers\downld\481392.exe
»»»» Presence des fichiers dans C:\DOCUME~1\ERIC\LOCALS~1\Temp
Found ! - C:\DOCUME~1\ERIC\LOCALS~1\Temp\keygen.exe
»»»» Presence des fichiers dans C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5
Found ! [03/01/2009 09:32] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\3Q0KOIZV\b64_1[1].jpg
Found ! [02/01/2009 18:19] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\3Q0KOIZV\b64_3[1].jpg
Found ! [02/01/2009 21:58] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\LLAD4JS7\b64_3[1].jpg
Found ! [03/01/2009 09:34] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\LSOHN2WW\b64[1].jpg
Found ! [02/01/2009 21:42] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\LSOHN2WW\b64_1[1].jpg
Found ! [03/01/2009 09:36] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\LSOHN2WW\b64_2[1].jpg
Found ! [02/01/2009 18:04] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\LSOHN2WW\b64_3[1].jpg
Found ! [27/12/2008 12:01] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\O01W5VZH\0041540902b647c012466[1].jpg
Found ! [02/01/2009 21:40] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\XAYTD8RP\b64[1].jpg
Found ! [02/01/2009 17:43] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\XAYTD8RP\b64_3[1].jpg
Found ! [02/01/2009 19:49] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\XAYTD8RP\b64_3[2].jpg
Found ! [02/01/2009 20:01] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\XAYTD8RP\b64_3[3].jpg
Found ! [02/01/2009 21:12] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\XAYTD8RP\b64_3[4].jpg
Found ! [03/01/2009 09:32] - C:\Documents and Settings\ERIC\Local Settings\Temporary Internet Files\Content.IE5\XAYTD8RP\b64_3[5].jpg
--------------- [ Registre / Startup ] ----------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
L08FXLRD_9145800="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
Picasa Media Detector=C:\Program Files\Picasa2\PicasaMediaDetector.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
Disc Detector=C:\Program Files\Creative\ShareDLL\CtNotify.exe
KernelFaultCheck=%systemroot%\system32\dumprep 0 -k
AOLDialer=C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
NeroFilterCheck=C:\WINDOWS\system32\NeroCheck.exe
HostManager=C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
VX3000=C:\WINDOWS\vVX3000.exe
LifeCam="C:\Program Files\Microsoft LifeCam\LifeExp.exe"
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
StartCCC="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
VirtualCloneDrive="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
Lexmark X6100 Series="C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\not active=
LVCOMS=C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=
[HKEY_CURRENT_USER\software\local appwizard-generated applications\keygen]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\TeaTimer]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]
--------------- [ Registre / Clés infectieuses ] ----------------
Found ! - HKEY_USERS\S-1-5-21-1645522239-789336058-1202660629-1003\Software\Local AppWizard-Generated Applications\keygen
Found ! - HKEY_USERS\S-1-5-21-1645522239-789336058-1202660629-1003\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-1645522239-789336058-1202660629-1003\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-1645522239-789336058-1202660629-1003\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-1645522239-789336058-1202660629-1003\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-1645522239-789336058-1202660629-1003\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-1645522239-789336058-1202660629-1003\Software\Ubisoft
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\keygen
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sK9Ou0s
--------------- [ Etat / Services ] ----------------
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot
- sans echec non fonctionnel !!
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
- sans echec non fonctionnel !!
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
- sans echec non fonctionnel !!
+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]
/!\ Ndisuio - Type de démarrage = 4
/!\ Ip6Fw - Type de démarrage = 4
/!\ SharedAccess - Type de démarrage = 4
/!\ wuauserv - Type de démarrage = 4
/!\ wscsvc - Type de démarrage = 4
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
+- presence des fichiers :
--------------- [ Registre / Mountpoint2 ] ----------------
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3fb976a0-3f8f-11dc-a908-00038a000015}\Shell\AutoRun\command
------------------- ! Fin du rapport ! --------------------
crapoulou
Messages postés
28157
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
9 avril 2024
7 989
3 janv. 2009 à 11:02
3 janv. 2009 à 11:02
Nettoyage :
--> Double clic sur le raccourci FindyKill sur ton bureau
--> Au menu principal, choisis l’option 2 (Suppression)
/!\ Il y aura deux redémarrages, laisse travailler l’outil jusqu’à l’apparition du message "nettoyage effectué" /!\
/!\ Ne te sert pas du pc durant la suppression, ton bureau ne sera pas accessible, c’est normal ! /!\</gras>
Ensuite poste le rapport FindyKill.txt
Notes :
* Le rapport FindyKill.txt est sauvegardé à la racine du disque (C:\ FindyKill.txt)
* Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide
**************************************************
- Télécharge HijackThis Version 2.02 :
= = = = >>> En cliquant ici <<< = = = =
- Enregistre HJTInstall.exe sur ton bureau.
- Fais un double-clic (gauche) sur HJTInstall.exe afin de lancer l’installation
- Clique sur Install ensuite sur « I Accept »
- Clique sur « Do a scan system and save log file »
- Le bloc-notes s’ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.
*****
A ce soir.
--> Double clic sur le raccourci FindyKill sur ton bureau
--> Au menu principal, choisis l’option 2 (Suppression)
/!\ Il y aura deux redémarrages, laisse travailler l’outil jusqu’à l’apparition du message "nettoyage effectué" /!\
/!\ Ne te sert pas du pc durant la suppression, ton bureau ne sera pas accessible, c’est normal ! /!\</gras>
Ensuite poste le rapport FindyKill.txt
Notes :
* Le rapport FindyKill.txt est sauvegardé à la racine du disque (C:\ FindyKill.txt)
* Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide
**************************************************
- Télécharge HijackThis Version 2.02 :
= = = = >>> En cliquant ici <<< = = = =
- Enregistre HJTInstall.exe sur ton bureau.
- Fais un double-clic (gauche) sur HJTInstall.exe afin de lancer l’installation
- Clique sur Install ensuite sur « I Accept »
- Clique sur « Do a scan system and save log file »
- Le bloc-notes s’ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.
*****
A ce soir.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
footeux63
Messages postés
57
Date d'inscription
jeudi 20 novembre 2003
Statut
Membre
Dernière intervention
8 janvier 2009
9
3 janv. 2009 à 11:19
3 janv. 2009 à 11:19
Salut Crapoulou, j'ai suivi ton conseil et j'ai pu réinstaller spybot derrière donc apparemment ça serait résolu je te poste mon hijackthis après nettoyage à tout à l'heure ......
Logfile of HijackThis v1.99.1
Scan saved at 11:17:45, on 03/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {15c93148-34fe-47e6-88e5-37607a3002f3} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [drvsyskit] C:\Documents and Settings\ERIC\Application Data\drivers\winupgro.exe
O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [L08FXLRD_9145800] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [mule_st_key] C:\Documents and Settings\ERIC\Application Data\m\flec006.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [INTERNATIONAL] International
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.fr
O16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} - http://aspglobal.ahnlab.com/asp/cab/AhnASP.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a2free - - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: maconfservice - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: PDScheduler (PDSched) - Pinnacle Systems - (no file)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Logfile of HijackThis v1.99.1
Scan saved at 11:17:45, on 03/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {15c93148-34fe-47e6-88e5-37607a3002f3} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [drvsyskit] C:\Documents and Settings\ERIC\Application Data\drivers\winupgro.exe
O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [L08FXLRD_9145800] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [mule_st_key] C:\Documents and Settings\ERIC\Application Data\m\flec006.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [INTERNATIONAL] International
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.fr
O16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} - http://aspglobal.ahnlab.com/asp/cab/AhnASP.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a2free - - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: maconfservice - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: PDScheduler (PDSched) - Pinnacle Systems - (no file)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
crapoulou
Messages postés
28157
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
9 avril 2024
7 989
3 janv. 2009 à 20:07
3 janv. 2009 à 20:07
Télécharge Malwarebytes’ Anti-Malware
= = = = >>> En cliquant ici <<< = = = =
- Sur la page cliques sur Télécharger Malwarebyte’s Anti-Malware
- Enregistres le sur le bureau
- Double cliques sur le fichier téléchargé pour lancer le processus d’installation
- Lorsqu’il te le sera demandé, met à jour Malwarebytes anti malware
- Si le pare-feu demande l’autorisation de se connecter pour malwarebytes, acceptes
- Une fois la mise à jour terminée, ferme Malwarebytes
- Double-cliques sur l’icône de malwarebytes pour le relancer
- Dans l’onglet, Recherche, probablement ouvert par défaut,
- Sélectionne Exécuter un examen complet
- Clique sur Rechercher
- Le scan démarre
- A la fin de l’analyse, un message s’affiche : L’examen s’est terminé normalement. Cliquez sur ‘Afficher les résultats’ pour afficher tous les objets trouvés.
- Cliques sur Ok pour poursuivre.
- Si des malwares ont été détectés, cliques sur Afficher les résultats
- Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
- Malwarebytes va ouvrir le bloc-notes et y copier le rapport d’analyse.
- Rends toi dans l’onglet rapport/log
- Tu cliques dessus pour l’afficher une fois affiché
- Tu cliques sur édition en haut du bloc notes, et puis sur sélectionner tout
- Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
- Tu cliques droit dans le cadre de la réponse et coller
Si tu as besoin d’aide regarde ce tutorial ICI
***************************
Télécharge Random’s System Information Tool (RSIT) de random/random et enregistre l’exécutable sur le Bureau.
= = = = >>> En cliquant ici <<< = = = =
* Double-clique sur RSIT.exe pour le lancer.
* Une première fenêtre s’ouvre, clique alors sur Continue (Disclaimer).
* Si la dernière version de HijackThis n’est pas détectée sur ton PC, RSIT le téléchargera et te demandera d’accepter la licence.
* Lorsque l’analyse sera terminée, deux fichiers texte s’ouvriront (probablement avec le bloc-notes).
* Poste le contenu de log.txt (c’est celui qui apparaît à l’écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
= = = = >>> En cliquant ici <<< = = = =
- Sur la page cliques sur Télécharger Malwarebyte’s Anti-Malware
- Enregistres le sur le bureau
- Double cliques sur le fichier téléchargé pour lancer le processus d’installation
- Lorsqu’il te le sera demandé, met à jour Malwarebytes anti malware
- Si le pare-feu demande l’autorisation de se connecter pour malwarebytes, acceptes
- Une fois la mise à jour terminée, ferme Malwarebytes
- Double-cliques sur l’icône de malwarebytes pour le relancer
- Dans l’onglet, Recherche, probablement ouvert par défaut,
- Sélectionne Exécuter un examen complet
- Clique sur Rechercher
- Le scan démarre
- A la fin de l’analyse, un message s’affiche : L’examen s’est terminé normalement. Cliquez sur ‘Afficher les résultats’ pour afficher tous les objets trouvés.
- Cliques sur Ok pour poursuivre.
- Si des malwares ont été détectés, cliques sur Afficher les résultats
- Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
- Malwarebytes va ouvrir le bloc-notes et y copier le rapport d’analyse.
- Rends toi dans l’onglet rapport/log
- Tu cliques dessus pour l’afficher une fois affiché
- Tu cliques sur édition en haut du bloc notes, et puis sur sélectionner tout
- Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
- Tu cliques droit dans le cadre de la réponse et coller
Si tu as besoin d’aide regarde ce tutorial ICI
***************************
Télécharge Random’s System Information Tool (RSIT) de random/random et enregistre l’exécutable sur le Bureau.
= = = = >>> En cliquant ici <<< = = = =
* Double-clique sur RSIT.exe pour le lancer.
* Une première fenêtre s’ouvre, clique alors sur Continue (Disclaimer).
* Si la dernière version de HijackThis n’est pas détectée sur ton PC, RSIT le téléchargera et te demandera d’accepter la licence.
* Lorsque l’analyse sera terminée, deux fichiers texte s’ouvriront (probablement avec le bloc-notes).
* Poste le contenu de log.txt (c’est celui qui apparaît à l’écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
footeux63
Messages postés
57
Date d'inscription
jeudi 20 novembre 2003
Statut
Membre
Dernière intervention
8 janvier 2009
9
3 janv. 2009 à 20:19
3 janv. 2009 à 20:19
Salut voilà les posts du log et de l'info.txt
Logfile of random's system information tool 1.05 (written by random/random)
Run by ERIC at 2009-01-03 20:12:51
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 30 GB (39%) free of 76 GB
Total RAM: 511 MB (20% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:14:45, on 03/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AOL Compagnon\COMPANION.EXE
C:\Documents and Settings\ERIC\Bureau\RSIT.exe
C:\Program Files\trend micro\ERIC.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {15c93148-34fe-47e6-88e5-37607a3002f3} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [L08FXLRD_9145800] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=https://fr.yahoo.com/
O16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} - http://aspglobal.ahnlab.com/asp/cab/AhnASP.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd.dll
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll
O23 - Service: a2free - - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: maconfservice - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: PDScheduler (PDSched) - Pinnacle Systems - (no file)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Logfile of random's system information tool 1.05 (written by random/random)
Run by ERIC at 2009-01-03 20:12:51
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 30 GB (39%) free of 76 GB
Total RAM: 511 MB (20% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:14:45, on 03/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AOL Compagnon\COMPANION.EXE
C:\Documents and Settings\ERIC\Bureau\RSIT.exe
C:\Program Files\trend micro\ERIC.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {15c93148-34fe-47e6-88e5-37607a3002f3} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [L08FXLRD_9145800] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=https://fr.yahoo.com/
O16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} - http://aspglobal.ahnlab.com/asp/cab/AhnASP.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd.dll
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll
O23 - Service: a2free - - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: maconfservice - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: PDScheduler (PDSched) - Pinnacle Systems - (no file)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
crapoulou
Messages postés
28157
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
9 avril 2024
7 989
3 janv. 2009 à 20:25
3 janv. 2009 à 20:25
Télécharge UsbFix sur ton bureau :
= = = = >>> En cliquant ici <<< = = = =
=> Lance l’installation avec les paramètres par défaut
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d’avoir été infectés sans les ouvrir
=> Double clic sur le raccourci UsbFix sur ton bureau
=> Sélectionne l’option 1 : Nettoyage
=> Le PC va redémarrer
=>Après redémarrage poste le rapport UsbFix.txt
Notes :
* Le rapport UsbFix.txt est sauvegardé a la racine du disque
* Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche", tape explorer.exe et valide.
= = = = >>> En cliquant ici <<< = = = =
=> Lance l’installation avec les paramètres par défaut
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d’avoir été infectés sans les ouvrir
=> Double clic sur le raccourci UsbFix sur ton bureau
=> Sélectionne l’option 1 : Nettoyage
=> Le PC va redémarrer
=>Après redémarrage poste le rapport UsbFix.txt
Notes :
* Le rapport UsbFix.txt est sauvegardé a la racine du disque
* Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche", tape explorer.exe et valide.
footeux63
Messages postés
57
Date d'inscription
jeudi 20 novembre 2003
Statut
Membre
Dernière intervention
8 janvier 2009
9
3 janv. 2009 à 20:59
3 janv. 2009 à 20:59
salut je suis passé sur mon portable. Je crois que j'ai crié victoire trop vite. J'ai téléchargé le dernier logiciel puis l'ordinateur s'est relancé. Seulement windows tourne pendant deux minutes puis se relance à nouveau donc le bios me dit : "during the last boot etc ... Donc j'ai fermé l'ordi et je suis passé sur le portable. Qu'en penses-tu ????
crapoulou
Messages postés
28157
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
9 avril 2024
7 989
3 janv. 2009 à 21:54
3 janv. 2009 à 21:54
Tu ne peux pas redémarrer ton PC ?
Il semble que ce soit un problème matériel ...
Il semble que ce soit un problème matériel ...
footeux63
Messages postés
57
Date d'inscription
jeudi 20 novembre 2003
Statut
Membre
Dernière intervention
8 janvier 2009
9
3 janv. 2009 à 21:58
3 janv. 2009 à 21:58
Oui je pense pas que ce soit du au virus j'ai booté sur le cd d'install et je vais faire réparer on verra bien sinon j'essaierai de démarrer en mode sans échec ..... Après je jette la tour sur la route LOL
crapoulou
Messages postés
28157
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
9 avril 2024
7 989
3 janv. 2009 à 22:00
3 janv. 2009 à 22:00
lol j'allais te conseiller ça (le mode sans chec ... pas le jet de tour sur la route :P)
footeux63
Messages postés
57
Date d'inscription
jeudi 20 novembre 2003
Statut
Membre
Dernière intervention
8 janvier 2009
9
3 janv. 2009 à 22:02
3 janv. 2009 à 22:02
Avec le cd install il me dit à la fin écran bleu BAD_POOL_HEADER alors là j'avoue que je ne connais pas .....
crapoulou
Messages postés
28157
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
9 avril 2024
7 989
3 janv. 2009 à 22:05
3 janv. 2009 à 22:05
Plus d'infos ici :
http://forum.telecharger.01net.com/forum/high-tech/LOGICIELS/Windows-et-Logiciels/bad_pool_header-demarrage-resolu-sujet_75661_1.htm
Sinon, essaye de créer un nouveau topic dans un autre forum que Virus.
Essaye les manips données sur le lien.
http://forum.telecharger.01net.com/forum/high-tech/LOGICIELS/Windows-et-Logiciels/bad_pool_header-demarrage-resolu-sujet_75661_1.htm
Sinon, essaye de créer un nouveau topic dans un autre forum que Virus.
Essaye les manips données sur le lien.
footeux63
Messages postés
57
Date d'inscription
jeudi 20 novembre 2003
Statut
Membre
Dernière intervention
8 janvier 2009
9
3 janv. 2009 à 22:09
3 janv. 2009 à 22:09
ok je te remercie encore je vais voir le topic et je te compte le problème bagle comme résolu a+
footeux63
Messages postés
57
Date d'inscription
jeudi 20 novembre 2003
Statut
Membre
Dernière intervention
8 janvier 2009
9
3 janv. 2009 à 22:10
3 janv. 2009 à 22:10
Tiens toi bien ça vient de redémarrer je pige plus rien MDR
crapoulou
Messages postés
28157
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
9 avril 2024
7 989
3 janv. 2009 à 22:11
3 janv. 2009 à 22:11
Lorsque tu auras résolu ce problème, reviens me voir pour terminer proprement.
footeux63
Messages postés
57
Date d'inscription
jeudi 20 novembre 2003
Statut
Membre
Dernière intervention
8 janvier 2009
9
4 janv. 2009 à 15:50
4 janv. 2009 à 15:50
Salut Crapoulou bon j'ai fait Usbfix et j'ai surtout enlever Kaspersky pour remettre avast. Apparemment mon systémé n'est pas assez performent pour supporter Kaspersky. J'ai tout repassé à la moulinette antivirus, spybot + malwarebytes plus rien de suspect. Windows redémarre en 40 secondes ce qui est très correct pour les perfs de mon ordi. Voilà les dernières nouvelles du front. Merci encore et passe une bonne année.
crapoulou
Messages postés
28157
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
9 avril 2024
7 989
4 janv. 2009 à 15:54
4 janv. 2009 à 15:54
Ok.
Pour information, Antivir d’Avira est meilleur qu’Avast ou autre antivirus gratuit.
Si ça t’intéresse, désinstalle le tien et installe Antivir.
Tout est expliqué sur ce lien, du téléchargement à la configuration.
********************
* Télécharge Ccleaner (N’installe pas la barre d’outil Yahoo):
= = = = >>> En cliquant ici <<< = = = =
* L´installer.
* Choisis l’onglet Nettoyeur
Quitte ton navigateur Internet avant de le lancer, décoche la dernière case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" quand il aura terminé le scan cliques en bas à droite sur "lancer le nettoyage" et accepte par oui.
Attention, il risque de vider ta corbeille : si tu veux récupérer des fichiers effacés par erreur, mieux vaut le faire maintenant.
* Choisis l’onglet Registre
- Clic sur Chercher des erreurs
- Une fois la recherche terminée, clic sur Réparer les erreurs sélectionnées (par défaut, tout est sélectionné, laisse comme ça)
- Au message Voulez-vous sauvegarder les changements faits dans le registre, répond oui et enregistre le fichier « .reg » en le nommant par la date par exemple en le mettant sur le bureau. Puis continue.
- A la fenêtre qui s’ouvre ensuite, clic sur Corriger toutes les erreurs sélectionnées puis OK
- Ferme Ccleaner.
* Tutoriel en image ICI si besoin.
Note : La sauvegarde utilisée permet de remettre tel que la base était avant la manipulation au cas où il y aurait des soucis mais cela ne m’est jamais arrivé ! Il vaut mieux prendre des précautions, c’est tout. ;-)
*********************
Poste un nouveau rapport hijackthis.
Pour information, Antivir d’Avira est meilleur qu’Avast ou autre antivirus gratuit.
Si ça t’intéresse, désinstalle le tien et installe Antivir.
Tout est expliqué sur ce lien, du téléchargement à la configuration.
********************
* Télécharge Ccleaner (N’installe pas la barre d’outil Yahoo):
= = = = >>> En cliquant ici <<< = = = =
* L´installer.
* Choisis l’onglet Nettoyeur
Quitte ton navigateur Internet avant de le lancer, décoche la dernière case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" quand il aura terminé le scan cliques en bas à droite sur "lancer le nettoyage" et accepte par oui.
Attention, il risque de vider ta corbeille : si tu veux récupérer des fichiers effacés par erreur, mieux vaut le faire maintenant.
* Choisis l’onglet Registre
- Clic sur Chercher des erreurs
- Une fois la recherche terminée, clic sur Réparer les erreurs sélectionnées (par défaut, tout est sélectionné, laisse comme ça)
- Au message Voulez-vous sauvegarder les changements faits dans le registre, répond oui et enregistre le fichier « .reg » en le nommant par la date par exemple en le mettant sur le bureau. Puis continue.
- A la fenêtre qui s’ouvre ensuite, clic sur Corriger toutes les erreurs sélectionnées puis OK
- Ferme Ccleaner.
* Tutoriel en image ICI si besoin.
Note : La sauvegarde utilisée permet de remettre tel que la base était avant la manipulation au cas où il y aurait des soucis mais cela ne m’est jamais arrivé ! Il vaut mieux prendre des précautions, c’est tout. ;-)
*********************
Poste un nouveau rapport hijackthis.
footeux63
Messages postés
57
Date d'inscription
jeudi 20 novembre 2003
Statut
Membre
Dernière intervention
8 janvier 2009
9
4 janv. 2009 à 16:23
4 janv. 2009 à 16:23
voilà le dernier rapport hikackthis. Pour antivir je l'ai déjà vu sur le site de MALEKAL je vais l'essayer. Pour ccleaner je partique depuis plusieurs années et la barre YAHOO je ne l'ai jamias téléchargé.
Logfile of HijackThis v1.99.1
Scan saved at 16:10:03, on 04/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AOL Compagnon\COMPANION.EXE
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {15c93148-34fe-47e6-88e5-37607a3002f3} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O11 - Options group: [INTERNATIONAL] International
O14 - IERESET.INF: START_PAGE_URL=https://fr.yahoo.com/
O16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} - http://aspglobal.ahnlab.com/asp/cab/AhnASP.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3A51C9BA-CAAE-40B0-9939-CB2851C3A3BA}: NameServer = 205.188.146.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a2free - - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: maconfservice - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: PDScheduler (PDSched) - Pinnacle Systems - (no file)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Logfile of HijackThis v1.99.1
Scan saved at 16:10:03, on 04/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AOL Compagnon\COMPANION.EXE
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {15c93148-34fe-47e6-88e5-37607a3002f3} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O11 - Options group: [INTERNATIONAL] International
O14 - IERESET.INF: START_PAGE_URL=https://fr.yahoo.com/
O16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} - http://aspglobal.ahnlab.com/asp/cab/AhnASP.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3A51C9BA-CAAE-40B0-9939-CB2851C3A3BA}: NameServer = 205.188.146.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a2free - - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: maconfservice - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: PDScheduler (PDSched) - Pinnacle Systems - (no file)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
ok je vais changer l'antivirus j'en avais déjà entedu parler par MALEKAL je crois. Quand à CCLEANER je l'utilise depuis pas mal de temps. La barre YAHOO je ne l'ai jamias mis en place donc ça devrait être correct
Logfile of HijackThis v1.99.1
Scan saved at 16:10:03, on 04/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AOL Compagnon\COMPANION.EXE
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {15c93148-34fe-47e6-88e5-37607a3002f3} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O11 - Options group: [INTERNATIONAL] International
O14 - IERESET.INF: START_PAGE_URL=https://fr.yahoo.com/
O16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} - http://aspglobal.ahnlab.com/asp/cab/AhnASP.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3A51C9BA-CAAE-40B0-9939-CB2851C3A3BA}: NameServer = 205.188.146.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a2free - - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: maconfservice - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: PDScheduler (PDSched) - Pinnacle Systems - (no file)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Logfile of HijackThis v1.99.1
Scan saved at 16:10:03, on 04/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AOL Compagnon\COMPANION.EXE
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {15c93148-34fe-47e6-88e5-37607a3002f3} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1209120604\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O11 - Options group: [INTERNATIONAL] International
O14 - IERESET.INF: START_PAGE_URL=https://fr.yahoo.com/
O16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} - http://aspglobal.ahnlab.com/asp/cab/AhnASP.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3A51C9BA-CAAE-40B0-9939-CB2851C3A3BA}: NameServer = 205.188.146.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a2free - - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: maconfservice - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: PDScheduler (PDSched) - Pinnacle Systems - (no file)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
