jenaleen


  1. OK, thanks for everything. I removed AntiVir, but I forgot the Trash.Gen trojan it had detected. I will run G DATA and MBAM again to see whether it gets detected. We will surely talk again about other topics; I just hope it won't be about this one. See you soon.
  2. But do you still get alerts now? Not since January, but the problem is that the files remain in quarantine.
  3. Which program is concerned? Don't empty the quarantine, it may be a false positive. The files related to c:/programme files/everestpoker, namely "cstart.temp", "cstart.exe" and "everestpoker.exe", are not infected files but are detected as such by G DATA. Anyway, since 01/09 I have set them as exceptions. At worst I will delete them and reinstall Everest afterwards. In quarantine in G DATA I also have the trojan zlob.50019; as for the rest in quarantine in G DATA, I don't know what it corresponds to. And in AntiVir I had the trojan trash.gen in quarantine.
  4. First of all, thank you for such quick replies. I already use MBAM, run no later than the day before yesterday, no trojan detected. Attached is the SmitFraudFix report.
  5. Hello. I bought G DATA because I had read that it was the most effective; result: today 2 trojans, one detected by ANTIVIR, Trash.Gen, and the other by G DATA, Zlob.50019. In addition I have lots of files in quarantine in G DATA; for some I don't know what they are, for others however I know they are not viruses because the path points to files of a program I use regularly (I once tried deleting these so-called viruses; result: impossible to open my program). On the other hand, it may already have been there before these trojans, yet I was already using AntiVir before G DATA. The trouble is, I followed your disinfection procedure by reinstalling ANTIVIR and disabling G DATA, and the 2 trojans above could not be cleaned. Also, I find my system rather slow, even after applying some of the optimizations you suggest. Attached, then, is my HijackThis report.
  6. Attached are the two reports: HijackThis and LopR.
C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc [16/02/2008|09:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [07/04/2007|09:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [09/01/2008|21:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\T6 [08/09/2008|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [18/01/2007|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL [28/10/2006|06:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems [19/08/2008|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ultima_T15 [15/01/2007|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [14/10/2007|10:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [02/03/2008|15:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [02/04/2008|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [17/08/2008|12:52] C:\DOCUME~1\CATCOR\APPLIC~1\Adobe [18/08/2008|18:26] C:\DOCUME~1\CATCOR\APPLIC~1\CyberLink [17/08/2008|12:52] C:\DOCUME~1\CATCOR\APPLIC~1\Google [28/10/2006|06:25] C:\DOCUME~1\CATCOR\APPLIC~1\Identities [17/08/2008|12:52] C:\DOCUME~1\CATCOR\APPLIC~1\Macromedia [17/08/2008|12:52] C:\DOCUME~1\CATCOR\APPLIC~1\Microsoft [17/08/2008|12:50] C:\DOCUME~1\CATCOR\APPLIC~1\SPAMfighter [28/10/2006|06:25] C:\DOCUME~1\CATCOR\APPLIC~1\You've Got Pictures Screensaver [10/08/2008|12:45] C:\DOCUME~1\CATCOR~1.NAJ\APPLIC~1\Macromedia [12/08/2008|22:23] C:\DOCUME~1\CATCOR~1.NAJ\APPLIC~1\Microsoft [12/08/2008|22:23] C:\DOCUME~1\CATCOR~1.NAJ\APPLIC~1\SPAMfighter [28/10/2006|06:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [28/10/2006|06:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia [28/10/2006|06:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [28/10/2006|06:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver [30/01/2008|17:22] C:\DOCUME~1\JMNAT\APPLIC~1\Adobe [03/12/2007|20:20] C:\DOCUME~1\JMNAT\APPLIC~1\Ahead [17/03/2007|15:40] C:\DOCUME~1\JMNAT\APPLIC~1\BSplayer [17/03/2007|15:37] C:\DOCUME~1\JMNAT\APPLIC~1\BSplayer Pro [20/01/2007|12:47] C:\DOCUME~1\JMNAT\APPLIC~1\CyberLink [07/09/2008|14:52] C:\DOCUME~1\JMNAT\APPLIC~1\EPSON 
[14/01/2007|17:40] C:\DOCUME~1\JMNAT\APPLIC~1\FotoWire [15/01/2007|21:51] C:\DOCUME~1\JMNAT\APPLIC~1\Google [08/02/2007|00:25] C:\DOCUME~1\JMNAT\APPLIC~1\Help [18/06/2008|13:22] C:\DOCUME~1\JMNAT\APPLIC~1\Identities [22/07/2007|10:03] C:\DOCUME~1\JMNAT\APPLIC~1\IDS_COMPANY [14/01/2007|17:28] C:\DOCUME~1\JMNAT\APPLIC~1\Logitech [14/01/2007|21:05] C:\DOCUME~1\JMNAT\APPLIC~1\Macromedia [19/08/2008|18:04] C:\DOCUME~1\JMNAT\APPLIC~1\Malwarebytes [02/10/2007|20:08] C:\DOCUME~1\JMNAT\APPLIC~1\Microsoft [19/08/2008|11:04] C:\DOCUME~1\JMNAT\APPLIC~1\Nikon [14/01/2007|17:51] C:\DOCUME~1\JMNAT\APPLIC~1\Norman [24/01/2007|22:06] C:\DOCUME~1\JMNAT\APPLIC~1\OD2 [18/06/2008|13:33] C:\DOCUME~1\JMNAT\APPLIC~1\PlayFirst [14/01/2007|15:50] C:\DOCUME~1\JMNAT\APPLIC~1\Skype [15/05/2007|19:37] C:\DOCUME~1\JMNAT\APPLIC~1\SPAMfighter [14/01/2007|15:53] C:\DOCUME~1\JMNAT\APPLIC~1\Sun [09/04/2007|09:35] C:\DOCUME~1\JMNAT\APPLIC~1\Ulead Systems [14/01/2007|17:00] C:\DOCUME~1\JMNAT\APPLIC~1\VadeRetro [10/07/2007|12:27] C:\DOCUME~1\JMNAT\APPLIC~1\vlc [02/12/2007|17:37] C:\DOCUME~1\JMNAT\APPLIC~1\Vso [29/06/2008|18:26] C:\DOCUME~1\JMNAT\APPLIC~1\XnView [28/10/2006|06:25] C:\DOCUME~1\JMNAT\APPLIC~1\You've Got Pictures Screensaver [18/06/2008|13:22] C:\DOCUME~1\JMNAT\APPLIC~1\Zylom [28/10/2006|06:25] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [02/10/2007|19:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Identities [02/10/2007|19:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [28/10/2006|06:25] C:\DOCUME~1\postgres\APPLIC~1\Identities [28/10/2006|06:25] C:\DOCUME~1\postgres\APPLIC~1\Macromedia [28/10/2006|06:25] C:\DOCUME~1\postgres\APPLIC~1\Microsoft [28/10/2006|06:25] C:\DOCUME~1\postgres\APPLIC~1\You've Got Pictures Screensaver --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [08/09/2008 18:30][--a------] C:\WINDOWS\tasks\Configurer mon PC.job [05/09/2008 18:00][--a------] C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job [08/09/2008 09:05][--ah-----] C:\WINDOWS\tasks\SA.DAT 
[10/08/2004 14:00][-rah-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [28/07/2007|16:26] C:\Program Files\ABBYY FineReader 6.0 Sprint [29/06/2008|12:24] C:\Program Files\Adobe [17/01/2007|14:56] C:\Program Files\Ahead [27/04/2007|18:35] C:\Program Files\Alwil Software [19/08/2008|10:57] C:\Program Files\ArcSoft [08/08/2008|14:19] C:\Program Files\Avira [28/10/2006|06:25] C:\Program Files\ComPlus Applications [28/10/2006|06:25] C:\Program Files\CyberLink [06/09/2008|17:02] C:\Program Files\Diablo II [22/12/2007|21:31] C:\Program Files\directx [31/07/2008|17:08] C:\Program Files\Disney Interactive [17/01/2007|14:17] C:\Program Files\DVD Shrink [11/08/2007|11:27] C:\Program Files\DVDFab HD Decrypter 3 [09/08/2008|11:26] C:\Program Files\eMule [18/01/2007|15:15] C:\Program Files\epson [08/09/2008|12:19] C:\Program Files\Everest Poker [20/08/2008|13:21] C:\Program Files\Fichiers communs [28/07/2007|16:26] C:\Program Files\GOA [01/02/2007|18:08] C:\Program Files\Google [08/09/2008|18:34] C:\Program Files\HijackThis [19/08/2008|10:57] C:\Program Files\InstallShield Installation Information [14/08/2008|12:01] C:\Program Files\Internet Explorer [20/07/2008|11:16] C:\Program Files\Java [13/08/2008|18:23] C:\Program Files\JkDefrag [14/01/2007|16:43] C:\Program Files\Kit ADSL [11/08/2008|20:08] C:\Program Files\Lavalys [14/01/2007|17:40] C:\Program Files\Logitech [19/08/2008|18:04] C:\Program Files\Malwarebytes' Anti-Malware [23/08/2008|11:09] C:\Program Files\Messenger [11/07/2007|20:43] C:\Program Files\Micro Application [09/05/2007|17:27] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [28/10/2006|06:25] C:\Program Files\microsoft frontpage [14/08/2007|13:22] C:\Program Files\Microsoft Office [02/10/2007|19:21] C:\Program Files\Microsoft SQL Server Compact Edition [23/08/2008|11:06] C:\Program Files\Movie Maker [08/12/2007|10:36] C:\Program Files\MSBuild [11/03/2007|20:00] C:\Program Files\MSECache [28/10/2006|06:25] 
C:\Program Files\MSN [28/10/2006|06:25] C:\Program Files\MSN Gaming Zone [02/03/2007|20:03] C:\Program Files\MSXML 4.0 [09/12/2007|11:48] C:\Program Files\MSXML 6.0 [23/08/2008|11:04] C:\Program Files\NetMeeting [19/08/2008|11:00] C:\Program Files\Nikon [28/10/2006|06:28] C:\Program Files\Online Services [23/08/2008|11:04] C:\Program Files\Outlook Express [26/06/2008|19:48] C:\Program Files\Picasa2 [12/08/2008|22:23] C:\Program Files\PokerStars [24/07/2008|18:10] C:\Program Files\PokerTracker 3 [24/07/2008|17:46] C:\Program Files\PostgreSQL [19/08/2008|10:58] C:\Program Files\QuickTime [12/08/2008|22:16] C:\Program Files\QuickZip4 [28/10/2006|06:25] C:\Program Files\Real [28/10/2006|06:25] C:\Program Files\Realtek [08/12/2007|10:33] C:\Program Files\Reference Assemblies [29/09/2007|10:58] C:\Program Files\RocketDock [28/10/2006|06:28] C:\Program Files\Services en ligne [28/10/2006|06:25] C:\Program Files\SmartSound Software [28/10/2006|06:25] C:\Program Files\Sonic [08/09/2008|09:09] C:\Program Files\SPAMfighter [16/02/2008|09:20] C:\Program Files\Spybot - Search & Destroy [17/01/2008|22:34] C:\Program Files\SystemRequirementsLab [06/09/2008|20:00] C:\Program Files\Tarobot [28/10/2006|06:25] C:\Program Files\Ulead Systems [28/10/2006|06:25] C:\Program Files\Uninstall Information [10/07/2007|12:26] C:\Program Files\VideoLAN [11/08/2007|12:14] C:\Program Files\VirtualDubMOD [17/03/2007|15:40] C:\Program Files\Webteh [12/08/2008|22:23] C:\Program Files\Windows Desktop Search [03/10/2007|11:36] C:\Program Files\Windows Live [12/08/2008|22:23] C:\Program Files\Windows Live Toolbar [28/10/2006|06:25] C:\Program Files\Windows Media Components [03/03/2007|09:12] C:\Program Files\Windows Media Connect 2 [03/03/2007|09:12] C:\Program Files\Windows Media Player [23/08/2008|11:04] C:\Program Files\Windows NT [28/10/2006|06:25] C:\Program Files\Windows Plus [28/10/2006|06:25] C:\Program Files\WindowsUpdate [28/10/2006|06:25] C:\Program Files\xerox [29/06/2008|16:42] C:\Program 
Files\XnView [12/08/2008|22:23] C:\Program Files\Yahoo! [13/08/2008|18:21] C:\Program Files\Zeb-Utility [18/06/2008|13:24] C:\Program Files\Zylom Games --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [06/02/2008|18:03] C:\Program Files\Fichiers communs\Adobe [17/01/2007|14:52] C:\Program Files\Fichiers communs\Ahead [20/08/2008|13:21] C:\Program Files\Fichiers communs\Ankiro [28/10/2006|06:27] C:\Program Files\Fichiers communs\AOL [28/10/2006|06:27] C:\Program Files\Fichiers communs\aolshare [20/08/2008|13:21] C:\Program Files\Fichiers communs\Application [14/01/2007|17:40] C:\Program Files\Fichiers communs\FotoWire [28/10/2006|06:25] C:\Program Files\Fichiers communs\InstallShield [28/10/2006|06:25] C:\Program Files\Fichiers communs\Java [14/01/2007|17:38] C:\Program Files\Fichiers communs\Logitech [19/08/2008|10:58] C:\Program Files\Fichiers communs\Microsoft Shared [28/10/2006|06:25] C:\Program Files\Fichiers communs\MSSoap [19/08/2008|11:00] C:\Program Files\Fichiers communs\muvee Technologies [19/08/2008|11:00] C:\Program Files\Fichiers communs\Nikon [28/10/2006|06:25] C:\Program Files\Fichiers communs\Nullsoft [28/10/2006|06:25] C:\Program Files\Fichiers communs\ODBC [28/10/2006|06:25] C:\Program Files\Fichiers communs\Real [28/10/2006|06:27] C:\Program Files\Fichiers communs\Services [28/10/2006|06:27] C:\Program Files\Fichiers communs\Sonic Shared [28/10/2006|06:25] C:\Program Files\Fichiers communs\SpeechEngines [28/10/2006|06:27] C:\Program Files\Fichiers communs\SureThing Shared [23/08/2008|11:04] C:\Program Files\Fichiers communs\System [28/10/2006|06:25] C:\Program Files\Fichiers communs\TiVo Shared [28/10/2006|06:27] C:\Program Files\Fichiers communs\Ulead Systems [02/03/2008|15:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller --------------------\\ Process ( 52 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! 
--------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-08 18:36:13 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-08 18:39:02 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 208 --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! [F:1274][D:92]-> C:\DOCUME~1\JMNAT\LOCALS~1\Temp [F:2218][D:0]-> C:\DOCUME~1\JMNAT\Cookies [F:4656][D:10]-> C:\DOCUME~1\JMNAT\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 08/09/2008|18:32 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 08/09/2008|18:40 - Option : [2] --------------------\\ Fin du rapport a 18:40:12 Merci d'avance pour votre aide
  7. Good evening. Thank you already for the help I found on the forum in eradicating a virus, quite an old one though, that avast had not detected: the notorious virus that generated doubled punctuation marks, like ¨¨ ^^, apparently hijack.gen. So I downloaded antivir, which found and removed it. A quick question: I would like to keep antivir, but its free version does not do everything avast does, namely anti-spam, anti-spyware and firewall. Can I therefore keep both, or otherwise can you recommend good programs to complement antivir? Attached is my report, for which I apologize in advance because it has a lot of lines, and with which I ask you to kindly help me clean up.
     Kind regards, jean michel