cgombert


  1. A thousand thanks for your help and all your advice. I'd also like to take this opportunity to greet the whole Zebulon forum team.
  2. Here is the new HijackThis report. Thank you very much indeed for your help and for your information. And hats off for your speed.
  3. 7 registry keys were infected. Below is the MBAM Anti-Malware report. Apparently, I no longer have windows opening by themselves.
  4. Here is the new navilog1 report.
  5. Below is the Lop S&D report with option 2 and navilog1 option 1.
  6. Hello Thanos, thank you for your quick response. You will find the Lop S&D report below.
     --------------------\\ Lop S&D 4.2.4-1 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Sempron 3000+ ) BIOS : Rev. 3.11 USER : Compaq_Propriétaire ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1229 [VPS 080906-0] 4.8.1229 (Not Activated) Firewall : ZoneAlarm Firewall 7.0.462.000 (Activated) "C:\Lop SD" ( MAJ : 06-09-2008|22:02 ) Option : [1] ( 07/09/2008| 0:02 ) --------------------\\ Listing des dossiers dans APPLIC~1 [02/01/2004|02:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer [01/01/2004|23:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [02/01/2004|01:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intervideo [26/12/2006|23:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [02/01/2004|02:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView [02/01/2004|01:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun [01/01/2004|22:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec [25/12/2006|22:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\Template [03/06/2007|11:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems [13/02/2008|21:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [20/01/2008|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [12/03/2007|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [26/12/2006|21:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVG7 [05/08/2008|02:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [15/08/2007|15:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Coktel [10/12/2006|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [02/09/2008|09:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo [27/12/2007|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GameHouse [10/04/2008|14:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GoBit Games [06/09/2008|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [30/07/2007|00:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft [02/01/2004|01:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo [25/04/2007|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin [09/09/2007|12:14] 
C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear [26/02/2005|14:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Knowledge Adventure [17/07/2008|17:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier [30/09/2007|13:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [02/01/2004|02:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive [15/04/2007|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles [26/02/2007|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberongames [11/07/2008|14:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [08/04/2007|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PopCap [22/07/2006|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [13/06/2007|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Recisio [06/01/2007|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RoboForm [23/09/2007|13:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games [01/01/2004|23:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [26/12/2006|23:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [02/09/2008|21:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [03/10/2007|17:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia [17/12/2006|00:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [16/12/2006|00:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [07/07/2008|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [10/08/2007|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [03/06/2007|11:20] C:\DOCUME~1\COMPAQ~1\APPLIC~1\ACD Systems [21/06/2008|15:36] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Adobe [15/02/2007|22:46] C:\DOCUME~1\COMPAQ~1\APPLIC~1\AdobeUM [28/07/2007|15:24] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Apple Computer [02/12/2007|21:42] C:\DOCUME~1\COMPAQ~1\APPLIC~1\ArcSoft [15/01/2007|23:42] C:\DOCUME~1\COMPAQ~1\APPLIC~1\DivX [16/12/2006|22:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Google [18/04/2008|14:02] C:\DOCUME~1\COMPAQ~1\APPLIC~1\gtk-2.0 [26/02/2006|15:03] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Help [04/09/2008|21:41] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Htmvcrect [20/04/2008|12:33] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Identities [15/02/2005|21:49] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Intervideo [25/04/2007|12:10] C:\DOCUME~1\COMPAQ~1\APPLIC~1\iWin 
[02/02/2005|21:56] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Leadertech [08/02/2007|11:59] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Macromedia [23/06/2008|20:32] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Microsoft [19/09/2006|18:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Motive [11/07/2008|14:49] C:\DOCUME~1\COMPAQ~1\APPLIC~1\PlayFirst [02/01/2004|02:38] C:\DOCUME~1\COMPAQ~1\APPLIC~1\SampleView [25/12/2007|22:44] C:\DOCUME~1\COMPAQ~1\APPLIC~1\SecuROM [07/11/2007|21:16] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Snapfish [02/02/2005|21:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Sonic [02/01/2004|01:08] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Sun [01/01/2004|22:38] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Symantec [15/02/2005|20:15] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Template [05/08/2008|02:02] C:\DOCUME~1\COMPAQ~1\APPLIC~1\ViquaSoft [01/05/2007|13:41] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Vso [03/01/2007|14:28] C:\DOCUME~1\COMPAQ~1\APPLIC~1\ZapSpot [20/04/2008|12:33] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Zylom [02/01/2004|02:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer [01/01/2004|23:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [02/01/2004|01:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo [01/01/2004|23:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [02/01/2004|02:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView [02/01/2004|01:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun [01/01/2004|22:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec [30/09/2007|11:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [26/12/2006|23:34] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [26/08/2008 23:01][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [05/08/2004 12:00][-rah-----] C:\WINDOWS\tasks\desktop.ini [06/09/2008 23:25][--ah-----] C:\WINDOWS\tasks\SA.DAT --------------------\\ Listing des dossiers dans C:\Program Files [01/06/2007|21:40] C:\Program Files\7-Zip [03/06/2007|11:07] C:\Program Files\ACD Systems [11/08/2008|09:36] C:\Program Files\Adibou,Je lis, je calcule 4-5 [04/07/2008|09:47] C:\Program Files\Adobe [15/12/2006|19:38] C:\Program 
Files\Alice [15/12/2006|20:03] C:\Program Files\Alwil Software [20/01/2008|13:38] C:\Program Files\Apple Software Update [18/06/2006|13:37] C:\Program Files\Atout Clic CM2 [03/06/2007|12:49] C:\Program Files\Avi2Dvd [03/06/2007|12:50] C:\Program Files\AviSynth 2.5 [17/07/2008|09:42] C:\Program Files\azebon [23/01/2005|15:35] C:\Program Files\BeachVolleyball [05/08/2008|01:59] C:\Program Files\Boonty [05/08/2008|02:01] C:\Program Files\BoontyGames [26/02/2006|14:57] C:\Program Files\Borland [26/10/2006|13:41] C:\Program Files\Bullfrog [27/12/2006|20:16] C:\Program Files\CCleaner [24/06/2007|23:07] C:\Program Files\CD-ROM Diva Starz [23/02/2007|22:26] C:\Program Files\CENEGA [30/01/2007|17:49] C:\Program Files\Clic d'Api Nø26 [01/01/2004|23:49] C:\Program Files\ComPlus Applications [23/01/2005|20:18] C:\Program Files\Digitale Huehnerjagd [19/01/2005|21:27] C:\Program Files\directx [17/07/2008|09:47] C:\Program Files\Disney Interactive [01/09/2008|21:41] C:\Program Files\DivX [03/06/2008|12:59] C:\Program Files\EA GAMES [01/02/2007|19:49] C:\Program Files\Easy Internet signup [22/05/2005|13:46] C:\Program Files\English Fever [02/09/2008|21:27] C:\Program Files\Fichiers communs [15/12/2007|22:15] C:\Program Files\FLV Player [11/07/2008|19:18] C:\Program Files\Gamenext [11/07/2008|14:48] C:\Program Files\GamesBar [23/01/2008|20:24] C:\Program Files\GIMP-2.0 [06/09/2008|09:49] C:\Program Files\Google [10/02/2007|14:00] C:\Program Files\Grisoft [02/01/2004|02:13] C:\Program Files\Help and Support Additions [11/01/2007|20:13] C:\Program Files\Hercules [01/09/2006|12:55] C:\Program Files\HighwayPursuit [06/09/2008|23:36] C:\Program Files\hijackthis [13/02/2005|16:26] C:\Program Files\Hits Collection [02/09/2008|09:21] C:\Program Files\Htmvcrect [29/12/2007|17:09] C:\Program Files\InstallShield Installation Information [13/08/2008|11:41] C:\Program Files\Internet Explorer [15/01/2005|14:50] C:\Program Files\InterVideo [29/07/2008|21:25] C:\Program Files\Java 
[21/01/2005|20:33] C:\Program Files\jetspeed [13/06/2007|21:21] C:\Program Files\KaraFun [10/10/2007|20:37] C:\Program Files\Lambda [31/01/2007|22:11] C:\Program Files\LaserMedia [10/10/2007|20:34] C:\Program Files\Maxis [20/02/2007|22:48] C:\Program Files\MeowCdMp3 [13/08/2008|11:43] C:\Program Files\Messenger [01/01/2004|23:51] C:\Program Files\microsoft frontpage [05/01/2007|22:29] C:\Program Files\Microsoft Office [30/09/2007|11:41] C:\Program Files\Microsoft SQL Server Compact Edition [24/01/2005|20:21] C:\Program Files\Microsoft Works [28/06/2007|16:40] C:\Program Files\Mindscape [15/05/2008|20:53] C:\Program Files\Movie Maker [14/09/2006|20:40] C:\Program Files\MP3 Player Utilities [25/12/2007|16:48] C:\Program Files\MP3 Player Utilities 4.03 [11/09/2007|19:16] C:\Program Files\MSBuild [13/08/2008|20:22] C:\Program Files\MSN [09/10/2007|20:53] C:\Program Files\MSN Games [01/01/2004|23:48] C:\Program Files\MSN Gaming Zone [12/09/2007|12:54] C:\Program Files\MSXML 6.0 [26/02/2006|14:57] C:\Program Files\Mvm [15/05/2008|20:50] C:\Program Files\NetMeeting [23/02/2008|10:48] C:\Program Files\NRJ [01/01/2004|23:48] C:\Program Files\Online Services [15/05/2008|20:50] C:\Program Files\Outlook Express [15/08/2007|14:54] C:\Program Files\Pac-Manic Worlds [03/09/2008|13:05] C:\Program Files\Panda Security [02/01/2004|02:14] C:\Program Files\PC-Doctor for Windows [11/05/2007|18:31] C:\Program Files\PDFCreator [24/01/2005|20:33] C:\Program Files\Phenomedia AG [04/06/2008|20:46] C:\Program Files\Picasa2 [29/12/2007|17:34] C:\Program Files\QuickTime [09/10/2007|20:59] C:\Program Files\RAMpage [11/09/2007|19:10] C:\Program Files\Reference Assemblies [09/09/2007|19:06] C:\Program Files\RegCleaner [24/07/2008|15:46] C:\Program Files\RoadRoll [14/03/2007|22:02] C:\Program Files\SdLL [11/02/2005|21:16] C:\Program Files\Serpik [02/01/2004|02:20] C:\Program Files\Services en ligne [06/01/2007|20:21] C:\Program Files\Siber Systems [01/01/2004|21:33] C:\Program Files\SiS VGA 
Utilities V3.59e [24/04/2005|13:04] C:\Program Files\Small Rockets [11/02/2005|21:13] C:\Program Files\Snoopy [02/01/2004|01:53] C:\Program Files\Sonic [02/01/2004|01:53] C:\Program Files\Sonic RecordNow! [01/05/2008|20:19] C:\Program Files\Sun [17/07/2008|10:00] C:\Program Files\SuperMarioPac [15/12/2006|19:38] C:\Program Files\TechCity Solutions [30/01/2005|16:32] C:\Program Files\TLC-Edusoft [31/10/2007|17:01] C:\Program Files\TrackMania Nations ESWC [21/10/2007|17:06] C:\Program Files\Ubisoft [01/01/2004|23:54] C:\Program Files\Uninstall Information [11/10/2007|19:17] C:\Program Files\Windows Desktop Search [07/07/2008|20:42] C:\Program Files\Windows Live [07/07/2008|19:54] C:\Program Files\Windows Live Toolbar [23/02/2008|10:50] C:\Program Files\Windows Media Components [30/12/2006|00:31] C:\Program Files\Windows Media Connect 2 [15/05/2008|20:50] C:\Program Files\Windows Media Player [15/05/2008|20:50] C:\Program Files\Windows NT [01/01/2004|23:50] C:\Program Files\WindowsUpdate [01/01/2004|23:51] C:\Program Files\xerox [26/12/2006|23:41] C:\Program Files\Zone Labs --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [03/06/2007|11:08] C:\Program Files\Fichiers communs\ACD Systems [13/02/2008|21:27] C:\Program Files\Fichiers communs\Adobe [11/01/2007|20:16] C:\Program Files\Fichiers communs\ArcSoft [05/08/2008|02:02] C:\Program Files\Fichiers communs\BOONTY Shared [22/05/2005|13:36] C:\Program Files\Fichiers communs\EverAd Shared [01/01/2004|21:33] C:\Program Files\Fichiers communs\InstallShield [28/12/2006|20:51] C:\Program Files\Fichiers communs\Java [27/01/2008|11:55] C:\Program Files\Fichiers communs\Microsoft Shared [01/01/2004|23:49] C:\Program Files\Fichiers communs\MSSoap [11/07/2008|14:48] C:\Program Files\Fichiers communs\Oberon Media [02/01/2004|00:45] C:\Program Files\Fichiers communs\ODBC [15/12/2004|05:21] C:\Program Files\Fichiers communs\Services [02/01/2004|00:45] C:\Program Files\Fichiers communs\SpeechEngines 
[02/01/2004|01:53] C:\Program Files\Fichiers communs\SureThing Shared [15/05/2008|20:50] C:\Program Files\Fichiers communs\System [27/01/2008|11:52] C:\Program Files\Fichiers communs\WindowsLiveInstaller --------------------\\ Process ( 42 Processes ) IEXPLORE.EXE ~ [PID:3168] iexplore.exe ~ [PID:3532] --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\thunk chin.exe --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "bend logo clock film"="C:\\Documents and Settings\\All Users\\Application Data\\Frag great bend logo\\thunk chin.exe" --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-07 00:04:37 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 974 --------------------\\ Recherche d'autres infections C:\WINDOWS\Pack.epk C:\WINDOWS\System32\nvs2.inf C:\WINDOWS\System32\wuhxlnjk.dat.ren C:\WINDOWS\System32\wuhxlnjk_nav.dat.ren C:\WINDOWS\System32\wuhxlnjk_navps.dat.ren ==> EGDACCESS <== [F:1886][D:22]-> C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp [F:30][D:0]-> C:\DOCUME~1\COMPAQ~1\Cookies [F:633][D:4]-> C:\DOCUME~1\COMPAQ~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 07/09/2008| 0:07 - Option : [1] --------------------\\ Fin du rapport a 0:07:34
  7. Hello, for the past few days advertising windows have been opening by themselves. I carried out the pre-cleaning of my PC as described in megapaute's post, using Antivir. There were viruses and spyware. (Avast had not found them.) The problem continues. I am taking the liberty of posting the HijackThis log for analysis. Thanks in advance.
     Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:36:06, on 06/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\keyhook.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\RAMpage\RAMpage.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\PROGRA~1\HELPAN~1\Presario\XPHWWRF4\plugin\bin\PCHButton.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Compaq_Propriétaire\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe C:\Documents and 
Settings\Compaq_Propriétaire\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe C:\Program Files\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.defaulthomepage.info R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: 
[siS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RAMpage] "C:\Program Files\RAMpage\RAMpage.exe" M=28 T=4 P="C:\Program Files\RAMpage\RAMpageConfig.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\thunk chin.exe O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Presario\XPHWWRF4\plugin\bin\PCHButton.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - Startup: Outil de notification Live Search.lnk = ? O8 - Extra context menu item: Add to AMV Converter... 
- C:\Program Files\MP3 Player Utilities 4.03\AMVConverter\grab.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.03\MediaManager\grab.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.3suisses.fr O15 - Trusted Zone: http://www.adobe.com O15 - Trusted Zone: http://abonnement.aliceadsl.fr O15 - Trusted Zone: http://www.bpbfc.banquepopulaire.fr O15 - Trusted Zone: http://www.caisse-epargne.fr O15 - Trusted Zone: http://www.conrad.fr O15 - Trusted Zone: http://www.cybergrattage.com O15 - Trusted Zone: http://www.extrafilm.fr O15 - Trusted Zone: http://www.agence.francetelecom.com O15 - Trusted Zone: http://www.goldsofts.com O15 - Trusted Zone: http://www.impots.gouv.fr O15 - Trusted Zone: http://www.ledemondujeu.com O15 - Trusted Zone: http://www.quelle.fr O15 - Trusted Zone: http://www.sunsilk.fr O15 - Trusted Zone: http://www.viamichelin.fr O15 - Trusted Zone: http://download.zonelabs.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers 
Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/frame...geUploader5.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave.com/content/dinerdash...h2.1.0.0.67.cab O16 - DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} (CPlayFirstDoggieDashControl Object) - http://webgames.d.tmsrv.com/c=ed2c06a087cb...ash.1.0.0.6.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/...owserPlugin.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image 
Uploader Control) - http://www.extrafilm.fr/ImageUploader4.cab O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} (GameHouse Games Player) - http://www.gamehouse.com/realarcade-webgam...houseplayer.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://oceceocece.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.0.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurate...countHelper.cab O16 - DPF: {935F9B04-0C7B-4454-A391-348C54AD7ADD} (Jolly Bear Games Player) - http://www.shockwave.com/content/bigcityad...BGamePlayer.cab O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://www.gamehouse.com/realarcade-webgam...GamesPlayer.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://www.shockwave.com/content/dinerdash...tg.1.0.0.33.cab O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/Crusher.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://www.gamehouse.com/realarcade-webgam...zylomplayer.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: 
{CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/up...r_v2.1.0.56.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553541000} - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {D40F5876-A494-4124-8161-82625BB28C06} (CPlayFirstChocolatieControl Object) - http://www.gamehouse.com/realarcade-webgam...hocolatier2.cab O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://www.gamehouse.com/realarcade-webgam...inematycoon.cab O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://msnfr.oberon-media.com/online2/MSN_...sh.1.0.0.80.cab O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/layou...IPSUploader.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/chuzzle/s...ploader_v10.cab O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_...gamesloader.cab O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - http://www.gamehouse.com/realarcade-webgam...WeddingDash.cab O16 - DPF: {F4EBFE42-D82A-48EB-B70E-7499FFEAFF3F} (CPlayFirstDressShopHControl Object) - http://webgames.d.tmsrv.com/c=ed2c06a087cb...Web.1.0.0.7.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! 
Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 14778 bytes
  8. Hello dmicke6, thank you for your quick response. I will get in touch with ALICE. I will get back to you as soon as I have news. Thanks.
  9. Hello, I have an ALICE subscription: ALICE NU, phone subscription included. Until a few weeks ago everything was fine; I had a throughput between 1.2 and 2 Mega/s at peak hours. For the past few weeks I have noticed a huge loss of throughput. At peak hours I rarely exceed 300 Kb/s. Here are the characteristics of my line:
     Phone number:
     NRA code: BRA89
     NRA (local exchange): BRANNAY
     Distance from the exchange: 1477 m (details)
     Attenuation: 22.15 dB
     ADSL speed (estimate): 2 Mbps
     ADSL2+ speed (estimate, if available): 2 Mbps
     Number of telephone lines: 1,500
     DSLAM type: ALCATEL
     Your distribution frame is not currently equipped for ADSL. The connection of your distribution frame to ADSL is scheduled for: 05-11-2007
     Have you encountered this problem before? Is the loss of throughput at peak hours normal? (I live in the countryside.) Should I contact ALICE? What does this line mean: "Your distribution frame is not currently equipped for ADSL. The connection of your distribution frame to ADSL is scheduled for: 05-11-2007"
  10. Hello Mykerinos, after several days of monitoring, everything seems fine. Thank you very much indeed. Can you advise me on my protection? Currently installed on my machine: ZoneAlarm free, AVG Anti-spyware free, SpywareGuard, Avast. Am I well protected?
  11. Hello Mykerinos, and happy new year. Below is the new Blacklight report. Apparently, I no longer have IE windows opening by themselves. Following your advice, I downloaded ZONE ALARM. It is an evaluation version valid for 15 days; do you know of a free version?
      01/02/07 20:11:41 [info]: BlackLight Engine 1.0.55 initialized
      01/02/07 20:11:41 [info]: OS: 5.1 build 2600 (Service Pack 2)
      01/02/07 20:11:42 [Note]: 7019 4
      01/02/07 20:11:42 [Note]: 7005 0
      01/02/07 20:11:44 [Note]: 7006 0
      01/02/07 20:11:44 [Note]: 7011 1472
      01/02/07 20:11:44 [Note]: 7026 0
      01/02/07 20:11:45 [Note]: 7026 0
      01/02/07 20:12:04 [Note]: FSRAW library version 1.7.1021
      01/02/07 20:21:26 [Note]: 7007 0
  12. After BFU, below are the new Blacklight and HijackThis logs.
      12/30/06 22:47:58 [info]: BlackLight Engine 1.0.55 initialized
      12/30/06 22:47:58 [info]: OS: 5.1 build 2600 (Service Pack 2)
      12/30/06 22:47:58 [Note]: 7019 4
      12/30/06 22:47:58 [Note]: 7005 0
      12/30/06 22:48:09 [Note]: 7006 0
      12/30/06 22:48:09 [Note]: 7011 1460
      12/30/06 22:48:10 [Note]: 7026 0
      12/30/06 22:48:10 [Note]: 7026 0
      12/30/06 22:48:10 [Note]: 7024 3
      12/30/06 22:48:10 [info]: Hidden process: C:\windows\system32\vtmxyuio.exe
      12/30/06 22:48:24 [Note]: FSRAW library version 1.7.1021
      12/30/06 22:52:35 [info]: Hidden file: c:\WINDOWS\system32\vtmxyuio.dat
      12/30/06 22:52:35 [Note]: 10002 1
      12/30/06 22:52:35 [info]: Hidden file: C:\windows\system32\vtmxyuio.exe
      12/30/06 22:52:35 [Note]: 10002 1
      12/30/06 22:52:35 [info]: Hidden file: c:\WINDOWS\system32\vtmxyuio_nav.dat
      12/30/06 22:52:35 [Note]: 10002 1
      12/30/06 22:52:35 [info]: Hidden file: c:\WINDOWS\system32\vtmxyuio_navps.dat
      12/30/06 22:52:35 [Note]: 10002 1
      12/30/06 22:53:00 [Error]: 6019 0
      12/30/06 22:53:00 [Error]: 6017 0
  13. Below are the BlackLight report and the HijackThis list.
      12/29/06 23:45:27 [info]: BlackLight Engine 1.0.55 initialized
      12/29/06 23:45:27 [info]: OS: 5.1 build 2600 (Service Pack 2)
      12/29/06 23:45:27 [Note]: 7019 4
      12/29/06 23:45:27 [Note]: 7005 0
      12/29/06 23:45:35 [Note]: 7006 0
      12/29/06 23:45:35 [Note]: 7011 1480
      12/29/06 23:45:36 [Note]: 7026 0
      12/29/06 23:45:36 [Note]: 7026 0
      12/29/06 23:45:36 [Note]: 7024 3
      12/29/06 23:45:36 [info]: Hidden process: C:\windows\system32\vtmxyuio.exe
      12/29/06 23:45:50 [Note]: FSRAW library version 1.7.1021
      12/29/06 23:49:45 [info]: Hidden file: c:\WINDOWS\system32\vtmxyuio.dat
      12/29/06 23:49:45 [Note]: 10002 1
      12/29/06 23:49:45 [info]: Hidden file: C:\windows\system32\vtmxyuio.exe
      12/29/06 23:49:45 [Note]: 10002 1
      12/29/06 23:49:45 [info]: Hidden file: c:\WINDOWS\system32\vtmxyuio_nav.dat
      12/29/06 23:49:45 [Note]: 10002 1
      12/29/06 23:49:45 [info]: Hidden file: c:\WINDOWS\system32\vtmxyuio_navps.dat
      12/29/06 23:49:45 [Note]: 10002 1
      12/29/06 23:57:01 [Note]: 7007 0
  14. After installing the new Java console, should I repost the HijackThis and L2mfix option 2 reports? For information, still the same problem.
  15. Here are the two reports. For information, I still have Internet Explorer windows opening by themselves, with so-called antivirus programs, fortune-tellers ....