Superludi

Members
  • Content count

    19

Everything posted by Superludi

  1. Thanks for your help. Looking at the report, can you tell me whether my PC is infected or not? Happy New Year 2009
  2. Hello everyone, I would like some help evaluating my HijackThis report and, if needed, removing whatever is necessary to optimize my PC. Thank you. Here is the report:
  3. Good news and bad news. The good news: the problem is solved. The bad news is that my DVD drive is dead, hence the problem I ran into. I tried launching CoD from the other drive in my PC and it works. Thanks for your help.
  4. Superludi

    Keyboard configuration

    I'm back. I tried the procedure in safe mode, but it changed nothing.
  5. Superludi

    Keyboard configuration

    Well, I uninstalled and restarted, but the problem persists. Regarding a possible QWERTY configuration, I confirm that the "letters" match the AZERTY keyboard exactly. In the language bar settings, I was set to French (France). I did try French (Belgium)... and yes, nobody's perfect... but it changes nothing. Please help me.
  6. Hello, not all the keys on my PC match exactly. Examples: to get @ (Alt Gr + @) I get ~; the - key just to the left of backspace gives me =; to get ! I have to press the + just to the right of the right shift. I know there isn't much to do, but I no longer know exactly what. THANKS FOR YOUR ADVICE
  7. OS? BdR? I'm a bit of what you'd call a novice....
  8. I did have Daemon Tools before. It is now that it has been uninstalled that the problem appears. Yet it is an original copy of CoD.
  9. Hi. No idea? I don't even see why I should need an emulation system for CoD.... Back when it worked, I had Daemon Tools installed on my PC. That's all I can say.
  10. Hello, I get this message when launching Call of Duty. http://www.hiboox.fr/go/images/informatiqu...102316.jpg.html This game worked very well a few months ago. Now it won't launch anymore. Can anyone help me? Thanks
  11. There, the MBAM scan is done. It found yet another infection. Thank you a thousand times for the time devoted to my problem. I'm keeping an eye on zébulon.... it's extremely handy. I also have another machine, which works almost well. If I have a little time, I'll consult you again. Uh, by the way, how do you mark it as solved? Ludo
  12. My PC is already noticeably more functional. It starts up in no time. Do I still need to carry out any further steps (following the AntiVir and Java reports) or can I put solved in the title? Thanks, Ludo
  13. And here is the report after the AntiVir scan:
  14. Thanks. I wanted to check, in Add/Remove Programs in the Control Panel, whether the old Java versions had indeed been uninstalled. I didn't manage to because AntiVir detected a threat: http://www.hiboox.fr/go/images/informatiqu...4999bb.jpg.html Which option should I tick? Delete? Quarantine? Otherwise, here is the Java report:
  15. I have a small problem. When I get to this step: * Unzip the file to your desktop (right-click > Extract all) * Double-click the resulting JavaRa folder * Then double-click the JavaRa.exe file (the exe may not be displayed) * Click Search For Updates * Select Update Using jucheck.exe then click Search. The process hangs. See here: http://www.hiboox.fr/go/images/informatiqu...7853f7.jpg.html Thanks for your help
  16. There, I have completed steps 1 and 2. Here is the ComboFix report:
  17. Bonjour et merci pour tous ces conseils avisés. J'ai bien effectué toute les étapes. Voici donc le rapport LOP S&D: --------------------\\ Lop S&D 4.2.4-2 XP/Vista ( : ) USER : Ludovic ( Administrator ) "C:\Lop SD" ( MAJ : 08-09-2008|21:40 ) Option : [2] ( 10/09/2008| 9:26 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\Ludovic\LOCALS~1\Temp\nso3C.tmp Supprime! - C:\DOCUME~1\Ludovic\APPLIC~1\BitDownload\Storage Supprime! - C:\DOCUME~1\Ludovic\APPLIC~1\BitDownload\URLs.ini Supprime! - C:\DOCUME~1\Ludovic\MENUDM~1\PROGRA~1\BitDownload\BitDownload Downloads.lnk Supprime! - C:\DOCUME~1\Ludovic\MENUDM~1\PROGRA~1\BitDownload\BitDownload Uninstall.lnk Supprime! - C:\DOCUME~1\Ludovic\MENUDM~1\PROGRA~1\BitDownload\BitDownload.lnk Supprime! - C:\Program Files\BitDownload\asoc.ini Supprime! - C:\Program Files\BitDownload\BitDownload.exe Supprime! - C:\Program Files\BitDownload\BitDownload.ico Supprime! - C:\Program Files\BitDownload\EndProg.exe Supprime! - C:\Program Files\BitDownload\iphox_downloader_p.exe Supprime! - C:\Program Files\BitDownload\Lang Supprime! - C:\Program Files\BitDownload\Media Supprime! - C:\Program Files\BitDownload\player.dll Supprime! - C:\Program Files\BitDownload\plug-ins Supprime! - C:\Program Files\BitDownload\RegExt.exe Supprime! - C:\Program Files\BitDownload\rtl70.bpl Supprime! - C:\Program Files\BitDownload\Skin Supprime! - C:\Program Files\BitDownload\tcpip_patcher.sys Supprime! - C:\Program Files\BitDownload\Uninstall.exe Supprime! - C:\Program Files\BitDownload\Units.bpl Supprime! - C:\Program Files\BitDownload\vcl70.bpl Supprime! - C:\Program Files\BitDownload\vclshlctrls70.bpl Supprime! - C:\Program Files\BitDownload\vclx70.bpl Supprime! - C:\Program Files\BitDownload\VersionChecker.exe Supprime! - C:\Program Files\BitDownload\WinSkinD7R.bpl Supprime! - C:\DOCUME~1\Ludovic\Bureau\BitDownload Downloads.lnk Supprime! - C:\DOCUME~1\Ludovic\Bureau\BitDownload.lnk Supprime! 
- C:\DOCUME~1\Ludovic\Cookies\ludovic@adultfriendfinder[1].txt Supprime! - C:\DOCUME~1\Ludovic\Cookies\ludovic@advertising[1].txt Supprime! - C:\DOCUME~1\Ludovic\Cookies\ludovic@adin.bigpoint[2].txt Supprime! - C:\DOCUME~1\Ludovic\Cookies\ludovic@bigpoint[2].txt Supprime! - C:\DOCUME~1\Ludovic\Cookies\ludovic@fr1.seafight.bigpoint[2].txt Supprime! - C:\DOCUME~1\Ludovic\Cookies\ludovic@adopt.euroclick[1].txt Supprime! - C:\DOCUME~1\Ludovic\Cookies\ludovic@32vegas[2].txt Supprime! - C:\DOCUME~1\Ludovic\Cookies\ludovic@www.vegasaffiliates[1].txt Supprime! - C:\DOCUME~1\Ludovic\Cookies\ludovic@888[2].txt Supprime! - C:\WINDOWS\Tasks\A4846C0D918FE75D.job Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default Supprime! - C:\DOCUME~1\Ludovic\APPLIC~1\stupid~1 Supprime! - C:\DOCUME~1\Ludovic\APPLIC~1\BitDownload Supprime! - C:\DOCUME~1\Ludovic\MENUDM~1\PROGRA~1\BitDownload Supprime! - C:\Program Files\BitDownload - [ Fichier Hosts ] .. Restaure! \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [19/03/2007|23:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [19/03/2007|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [20/04/2007|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [16/06/2008|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [09/09/2008|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater [08/07/2008|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations [21/07/2008|11:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [10/09/2008|09:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller [19/03/2007|21:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles [08/07/2008|21:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite [23/02/2008|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [07/02/2008|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SupportSoft [21/07/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [12/04/2007|23:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [15/04/2007|10:59] C:\DOCUME~1\Autres\APPLIC~1\Google [15/04/2007|10:58] 
C:\DOCUME~1\Autres\APPLIC~1\Identities [15/04/2007|10:59] C:\DOCUME~1\Autres\APPLIC~1\Macromedia [26/08/2007|09:43] C:\DOCUME~1\Autres\APPLIC~1\Microsoft [30/06/2007|21:21] C:\DOCUME~1\Autres\APPLIC~1\Sun [19/03/2007|20:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [20/03/2007|20:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [20/03/2007|23:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec [13/06/2008|22:03] C:\DOCUME~1\Ludovic\APPLIC~1\Adobe [20/04/2007|17:11] C:\DOCUME~1\Ludovic\APPLIC~1\Ahead [21/03/2007|01:23] C:\DOCUME~1\Ludovic\APPLIC~1\CyberLink [19/03/2007|23:28] C:\DOCUME~1\Ludovic\APPLIC~1\Google [06/04/2007|00:09] C:\DOCUME~1\Ludovic\APPLIC~1\Help [19/03/2007|21:00] C:\DOCUME~1\Ludovic\APPLIC~1\Identities [19/03/2007|21:16] C:\DOCUME~1\Ludovic\APPLIC~1\InterTrust [19/03/2007|23:51] C:\DOCUME~1\Ludovic\APPLIC~1\Macromedia [12/04/2007|18:51] C:\DOCUME~1\Ludovic\APPLIC~1\Microsoft [08/07/2008|21:37] C:\DOCUME~1\Ludovic\APPLIC~1\Nokia [28/07/2008|10:07] C:\DOCUME~1\Ludovic\APPLIC~1\Nokia Multimedia Player [08/07/2008|21:21] C:\DOCUME~1\Ludovic\APPLIC~1\PC Suite [14/12/2007|17:50] C:\DOCUME~1\Ludovic\APPLIC~1\SecuROM [19/03/2008|23:18] C:\DOCUME~1\Ludovic\APPLIC~1\Shareaza [14/12/2007|17:50] C:\DOCUME~1\Ludovic\APPLIC~1\Sports Interactive [19/03/2007|22:59] C:\DOCUME~1\Ludovic\APPLIC~1\Sun [20/03/2007|00:14] C:\DOCUME~1\Ludovic\APPLIC~1\vlc [13/04/2007|22:30] C:\DOCUME~1\Ludovic\APPLIC~1\WinRAR [30/07/2008|18:07] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [19/03/2007|21:45] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [10/09/2008 09:07][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job [10/09/2008 09:04][--ah-----] C:\WINDOWS\tasks\SA.DAT [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [30/08/2007|18:32] C:\Program Files\@stake [30/04/2007|20:10] C:\Program Files\7-Zip [24/05/2007|18:15] C:\Program Files\Adesign [19/03/2007|21:16] C:\Program 
Files\Adobe [19/03/2007|23:39] C:\Program Files\Ahead [18/07/2008|23:36] C:\Program Files\Alwil Software [03/11/2007|16:38] C:\Program Files\ASUS [19/03/2007|23:15] C:\Program Files\AtomixMP3 [06/06/2008|19:10] C:\Program Files\Belgacom [16/01/2008|23:19] C:\Program Files\Call of Duty [09/10/2007|18:51] C:\Program Files\Common Files [19/03/2007|20:52] C:\Program Files\ComPlus Applications [19/03/2007|22:02] C:\Program Files\CyberLink [08/07/2008|21:26] C:\Program Files\DIFX [10/08/2007|12:37] C:\Program Files\DivX [02/05/2007|23:41] C:\Program Files\D-Tools [19/03/2007|23:29] C:\Program Files\DVD Shrink [30/08/2007|18:31] C:\Program Files\eMule [17/04/2007|18:24] C:\Program Files\ewido anti-spyware 4.0 [18/07/2008|23:33] C:\Program Files\Fichiers communs [19/03/2007|22:03] C:\Program Files\GigaByte [06/05/2007|13:25] C:\Program Files\GOA [16/06/2008|19:48] C:\Program Files\Google [19/03/2007|22:25] C:\Program Files\Hewlett-Packard [19/03/2007|22:22] C:\Program Files\HP [03/11/2007|15:43] C:\Program Files\InstallShield Installation Information [19/03/2007|21:09] C:\Program Files\Intel [12/06/2008|00:03] C:\Program Files\Internet Explorer [19/03/2007|22:58] C:\Program Files\Java [09/09/2008|17:00] C:\Program Files\Lavalys [21/05/2008|22:26] C:\Program Files\LimeWire [01/07/2007|01:45] C:\Program Files\Messenger [12/05/2008|15:03] C:\Program Files\Micro Application [21/07/2008|11:54] C:\Program Files\Microsoft AntiSpyware [16/04/2007|17:23] C:\Program Files\microsoft frontpage [01/06/2007|19:36] C:\Program Files\Microsoft IntelliPoint [01/06/2007|19:35] C:\Program Files\Microsoft IntelliPoint 6.02 [03/07/2007|18:10] C:\Program Files\Microsoft IntelliType Pro [30/03/2007|17:36] C:\Program Files\Microsoft IntelliType Pro 5.2 [19/03/2007|20:53] C:\Program Files\Movie Maker [19/03/2007|20:33] C:\Program Files\MSN [19/03/2007|20:33] C:\Program Files\MSN Gaming Zone [12/04/2007|18:50] C:\Program Files\MSN Messenger [19/03/2007|20:53] C:\Program Files\NetMeeting 
[19/03/2007|21:17] C:\Program Files\NewTech Infosystems [08/07/2008|21:22] C:\Program Files\Nokia [19/03/2007|20:34] C:\Program Files\Online Services [01/07/2007|01:43] C:\Program Files\Outlook Express [08/07/2008|21:20] C:\Program Files\PC Connectivity Solution [08/09/2008|17:01] C:\Program Files\PCHealthCenter [30/04/2007|20:26] C:\Program Files\Project64 1.6 [19/03/2007|21:14] C:\Program Files\Realtek [19/03/2007|20:54] C:\Program Files\Services en ligne [19/03/2008|23:18] C:\Program Files\Shareaza [14/06/2008|17:22] C:\Program Files\SlySoft [19/03/2007|21:19] C:\Program Files\Sonic Focus [14/12/2007|17:45] C:\Program Files\Sports Interactive [08/09/2008|17:56] C:\Program Files\Spybot - Search & Destroy [07/02/2008|18:38] C:\Program Files\SupportSoft [09/09/2008|16:48] C:\Program Files\Trend Micro [19/03/2007|21:00] C:\Program Files\Uninstall Information [19/03/2007|22:52] C:\Program Files\VideoLAN [21/07/2008|11:54] C:\Program Files\Windows Defender [01/07/2007|01:44] C:\Program Files\Windows Media Player [19/03/2007|20:33] C:\Program Files\Windows NT [19/03/2007|20:54] C:\Program Files\WindowsUpdate [07/06/2007|17:40] C:\Program Files\WinRAR [19/03/2007|20:55] C:\Program Files\xerox [14/12/2007|17:50] C:\Program Files\Zero G Registry --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [19/03/2007|21:21] C:\Program Files\Fichiers communs\Adobe [19/03/2007|23:35] C:\Program Files\Fichiers communs\Ahead [03/05/2007|00:01] C:\Program Files\Fichiers communs\DirectX [07/04/2007|15:53] C:\Program Files\Fichiers communs\InstallShield [19/03/2007|22:57] C:\Program Files\Fichiers communs\Java [16/04/2007|17:23] C:\Program Files\Fichiers communs\Microsoft Shared [19/03/2007|20:53] C:\Program Files\Fichiers communs\MSSoap [08/07/2008|21:23] C:\Program Files\Fichiers communs\Nokia [19/03/2007|20:35] C:\Program Files\Fichiers communs\ODBC [08/07/2008|21:23] C:\Program Files\Fichiers communs\PCSuite [19/03/2007|20:53] C:\Program Files\Fichiers 
communs\Services [19/03/2007|20:35] C:\Program Files\Fichiers communs\SpeechEngines [07/02/2008|18:38] C:\Program Files\Fichiers communs\Supportsoft [01/07/2007|01:43] C:\Program Files\Fichiers communs\System --------------------\\ Process ( 37 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-10 09:28:14 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Recherche d'autres infections C:\WINDOWS\system32\AKmoqBeg.ini C:\WINDOWS\system32\AKmoqBeg.ini2 C:\WINDOWS\system32\LlVEgfii.ini C:\WINDOWS\system32\LlVEgfii.ini2 C:\WINDOWS\system32\QAcJRXyb.ini C:\WINDOWS\system32\QAcJRXyb.ini2 ==> VUNDO <== --------------------\\ ROOTKIT !! Rootkit Tibs ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKLM\..\CurrentControlSet\Services\tdssserv] Rootkit Tibs ! .. [HKLM\..\CurrentControlSet\Enum\Root\tdssserv] Rootkit Tibs ! .. [HKLM\..\ControlSet001\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKLM\..\ControlSet001\Services\tdssserv] Rootkit Tibs ! .. [HKLM\..\ControlSet001\Enum\Root\tdssserv] Rootkit Tibs ! .. [HKLM\..\ControlSet002\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKLM\..\ControlSet002\Services\tdssserv] Rootkit Tibs ! .. [HKLM\..\ControlSet002\Enum\Root\tdssserv] Trojan ! .. C:\WINDOWS\system32\tdssservers.dat Trojan ! .. C:\WINDOWS\system32\tdssinit.dll Trojan ! .. C:\WINDOWS\system32\tdssadw.dll --------------------\\ Cracks & Keygens .. 
C:\DOCUME~1\Ludovic\Local Settings\Temp\R‚pertoire temporaire 1 pour Architecte 3d 2007 French(Plan Maison Architecture) Crack.zip C:\DOCUME~1\Ludovic\Local Settings\Temp\R‚pertoire temporaire 2 pour Architecte 3d 2007 French(Plan Maison Architecture) Crack.zip C:\DOCUME~1\Ludovic\Local Settings\Temp\R‚pertoire temporaire 3 pour Architecte 3d 2007 French(Plan Maison Architecture) Crack.zip C:\DOCUME~1\Ludovic\Local Settings\Temp\R‚pertoire temporaire 1 pour Architecte 3d 2007 French(Plan Maison Architecture) Crack.zip\Architecte3D C:\DOCUME~1\Ludovic\Local Settings\Temp\R‚pertoire temporaire 1 pour Architecte 3d 2007 French(Plan Maison Architecture) Crack.zip\Architecte3D\CD1 C:\DOCUME~1\Ludovic\Local Settings\Temp\R‚pertoire temporaire 1 pour Architecte 3d 2007 French(Plan Maison Architecture) Crack.zip\Architecte3D\CD1\Architecte3D.zip C:\DOCUME~1\Ludovic\Local Settings\Temp\R‚pertoire temporaire 2 pour Architecte 3d 2007 French(Plan Maison Architecture) Crack.zip\Architecte3D C:\DOCUME~1\Ludovic\Local Settings\Temp\R‚pertoire temporaire 2 pour Architecte 3d 2007 French(Plan Maison Architecture) Crack.zip\Architecte3D\CD2 C:\DOCUME~1\Ludovic\Local Settings\Temp\R‚pertoire temporaire 2 pour Architecte 3d 2007 French(Plan Maison Architecture) Crack.zip\Architecte3D\CD2\Architecte3D_CD2.zip C:\DOCUME~1\Ludovic\Local Settings\Temp\R‚pertoire temporaire 3 pour Architecte 3d 2007 French(Plan Maison Architecture) Crack.zip\Architecte3D C:\DOCUME~1\Ludovic\Local Settings\Temp\R‚pertoire temporaire 3 pour Architecte 3d 2007 French(Plan Maison Architecture) Crack.zip\Architecte3D\CD2 C:\DOCUME~1\Ludovic\Local Settings\Temp\R‚pertoire temporaire 3 pour Architecte 3d 2007 French(Plan Maison Architecture) Crack.zip\Architecte3D\CD2\Architecte3D_CD2.zip C:\DOCUME~1\Ludovic\Mes documents\Downloads\Architecte 3d 2007 French(Plan Maison Architecture) Crack.zip C:\DOCUME~1\Ludovic\Mes documents\Downloads\Metadata\Architecte 3d 2007 French(Plan Maison Architecture) Crack.zip.xml 
C:\DOCUME~1\Ludovic\Recent\Architecte 3d 2007 French(Plan Maison Architecture) Crack.lnk C:\DOCUME~1\Ludovic\Recent\lc4keygen.lnk [F:1109][D:169]-> C:\DOCUME~1\Ludovic\LOCALS~1\Temp [F:928][D:0]-> C:\DOCUME~1\Ludovic\Cookies [F:13640][D:22]-> C:\DOCUME~1\Ludovic\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 10/09/2008| 9:22 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 10/09/2008| 9:29 - Option : [2] --------------------\\ Fin du rapport a 9:29:10 Et voici le rapport Combofix: ComboFix 08-09-05.14 - Ludovic 2008-09-10 9:35:33.1 - NTFSx86 Endroit: C:\Téléchargements\ComboFix.exe AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Ludovic\Cookies\ludovic@edt02[2].txt C:\Documents and Settings\Ludovic\Cookies\ludovic@specificclick[1].txt C:\Program Files\PCHealthCenter\0.gif C:\Program Files\PCHealthCenter\1.gif C:\Program Files\PCHealthCenter\1.ico C:\Program Files\PCHealthCenter\2.gif C:\Program Files\PCHealthCenter\2.ico C:\Program Files\PCHealthCenter\3.gif C:\Program Files\PCHealthCenter\5.exe C:\Program Files\PCHealthCenter\7.exe C:\Program Files\PCHealthCenter\sc.html C:\WINDOWS\BMcf7819be.txt C:\WINDOWS\BMcf7819be.xml C:\WINDOWS\system32\aabsyhrn.ini C:\WINDOWS\system32\AKmoqBeg.ini C:\WINDOWS\system32\AKmoqBeg.ini2 C:\WINDOWS\system32\cdkxeobx.dll C:\WINDOWS\system32\csvmhapp.ini C:\WINDOWS\system32\dlnztu.dll C:\WINDOWS\system32\effauv.dll C:\WINDOWS\system32\exanffbm.ini C:\WINDOWS\system32\fmiomuen.dll C:\WINDOWS\system32\gengwott.ini C:\WINDOWS\system32\hfqfdu.dll C:\WINDOWS\system32\ixxogbup.dll C:\WINDOWS\system32\jmqsaoal.dll C:\WINDOWS\system32\lavimqyv.ini C:\WINDOWS\system32\LlVEgfii.ini C:\WINDOWS\system32\LlVEgfii.ini2 C:\WINDOWS\system32\lphcp9mj0en57.exe C:\WINDOWS\system32\nrhysbaa.dll C:\WINDOWS\system32\otoxrh.dll C:\WINDOWS\system32\phcp9mj0en57.bmp 
C:\WINDOWS\system32\pubgoxxi.ini C:\WINDOWS\system32\QAcJRXyb.ini C:\WINDOWS\system32\QAcJRXyb.ini2 C:\WINDOWS\system32\tdssadw.dll C:\WINDOWS\system32\tdssinit.dll C:\WINDOWS\system32\tdssservers.dat C:\WINDOWS\system32\ttowgneg.dll C:\WINDOWS\system32\vyqmival.dll C:\WINDOWS\system32\ydragkch.ini C:\WINDOWS\system32\ykqfnqjo.dll C:\WINDOWS\system32\yruxrckx.ini C:\WINDOWS\system32\yrxjjxwr.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_TDSSSERV -------\Service_TDSSserv ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-08-10 to 2008-09-10 )))))))))))))))))))))))))))))))))))) . 2008-09-10 09:39 . 2008-09-10 09:39 0 --a----t- C:\TEMP\Perflib_Perfdata_7d4.dat 2008-09-10 09:17 . 2008-09-10 09:29 <REP> d-------- C:\Lop SD 2008-09-10 09:01 . 2008-09-10 09:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NortonInstaller 2008-09-09 17:00 . 2008-09-09 17:00 <REP> d-------- C:\Program Files\Lavalys 2008-09-09 16:48 . 2008-09-09 16:48 <REP> d-------- C:\Program Files\Trend Micro 2008-09-08 16:26 . 2008-09-07 08:49 3,262 --a------ C:\WINDOWS\system32\2.ico 2008-09-08 16:22 . 2008-09-10 09:38 <REP> d-------- C:\Program Files\PCHealthCenter 2008-09-08 16:22 . 2008-09-07 08:49 167,936 --a------ C:\WINDOWS\system32\MSa.cpl 2008-09-08 16:22 . 2008-09-08 16:22 88,878 --a------ C:\WINDOWS\system32\casino3.ico 2008-09-08 16:22 . 2008-09-08 16:22 88,878 --a------ C:\WINDOWS\system32\casino2.ico 2008-09-08 16:22 . 2008-09-08 16:22 88,878 --a------ C:\WINDOWS\system32\casino1.ico 2008-09-08 16:22 . 2008-09-08 16:22 15,360 --a------ C:\WINDOWS\system32\tdsspopup.dll 2008-09-08 16:22 . 2008-09-07 08:49 3,262 --a------ C:\WINDOWS\system32\1.ico 2008-09-08 16:22 . 2008-09-08 16:22 120 --a------ C:\WINDOWS\system32\tdsspopup3.url 2008-09-08 16:22 . 2008-09-08 16:22 120 --a------ C:\WINDOWS\system32\tdsspopup2.url 2008-09-08 16:22 . 
2008-09-08 16:22 120 --a------ C:\WINDOWS\system32\tdsspopup1.url . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-10 07:49 23,524 ----a-w C:\WINDOWS\system32\drivers\GVTDrv.sys 2008-09-09 14:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater 2008-09-08 15:56 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-07-28 08:07 --------- d-----w C:\Documents and Settings\Ludovic\Application Data\Nokia Multimedia Player 2008-07-21 09:54 --------- d-----w C:\Program Files\Windows Defender 2008-07-21 09:54 --------- d-----w C:\Program Files\Microsoft AntiSpyware 2008-07-18 21:36 --------- d-----w C:\Program Files\Alwil Software 2004-08-05 12:00 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll 2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll 2004-08-05 12:00 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll 2004-08-05 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll 2004-08-05 12:00 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll 2004-08-05 12:00 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll 2004-08-05 12:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll 2007-12-04 18:41 550,912 --sha-w C:\WINDOWS\system32\oleaut32.dll 2004-08-05 12:00 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll 2004-08-05 12:00 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SonicFocus"="C:\Program Files\Sonic Focus\SFIGUI\\SFIGUI.EXE" [2004-06-13 1224704] "NVRTCLK"="C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe" [2003-12-30 24576] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-09-30 4603904] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2004-09-30 86016] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768] "VGAUtil"="C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe" [2004-09-17 552960] "HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152] "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472] "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-09-01 176128] "DeviceDiscovery"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 229437] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" [2006-12-15 75520] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648] "type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [2004-06-03 172032] "DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2004-08-22 81920] "IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2006-09-22 817976] "Control Center"="C:\Program Files\ASUS\WLAN Card Utilities\Center.exe" [2006-09-18 1696768] "Belgacom"="C:\Program Files\Belgacom\bin\sprtcmd.exe" [2006-06-22 192512] "CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344] "Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 C:\WINDOWS\system32\Hdaudpropshortcut.exe] "SoundMan"="SOUNDMAN.EXE" 
[2004-09-23 C:\WINDOWS\SOUNDMAN.EXE] "AlcWzrd"="ALCWZRD.EXE" [2004-09-24 C:\WINDOWS\ALCWZRD.EXE] "nwiz"="nwiz.exe" [2004-09-30 C:\WINDOWS\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360] "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Shareaza\\Shareaza.exe"= "C:\\Program Files\\GigaByte\\VGA Utility Manager\\G-vga.exe"= "C:\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"= . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' . - - - - ORPHANS REMOVED - - - - HKCU-Run-DAEMON Tools - C:\Program Files\DAEMON Tools\daemon.exe MSConfigStartUp-ANTIVIRUS - C:\Program Files\MS Antivirus\MSA.exe . ------- Supplementary Scan ------- . R0 -: HKCU-Main,Start Page = hxxp://www.actu24.be/?ref=0815 R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s O16 -: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} - hxxp://belgacom.extrafilm.be/ImageUploader4.cab C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ImageUploader4.inf C:\WINDOWS\system32\unicows.dll C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ImageUploader4.ocx . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-10 09:49:18 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... 
Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\ati2evxx.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\ati2evxx.exe . ************************************************************************** . Temps d'accomplissement: 2008-09-10 9:51:33 - machine was rebooted ComboFix-quarantined-files.txt 2008-09-10 07:51:28 Pre-Run: 83,083,804,672 octets libres Post-Run: 85,603,115,008 octets libres 184 --- E O F --- 2008-06-20 20:24:41
  18. Thanks, I'll run all of that tomorrow and keep you posted.
  19. Hello community, I'm taking the liberty of posting a HijackThis report. Should I consider a bit of cleanup? In a tutorial, I noticed that O4 corresponds to the programs launched automatically when the PC starts. There are apparently a lot of them. Is that the reason for the slow startup? If so, in your opinion, what can I remove? Thanks in advance. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:28:51, on 09/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\ASUS\WLAN Card Utilities\Center.exe C:\Program Files\Belgacom\bin\sprtcmd.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe 
C:\WINDOWS\System32\svchost.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Lavalys\EVEREST Home Edition\everest.bin C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.actu24.be/?ref=0815 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {13beb44e-2ab1-48a7-b38d-10a59f7fe1e9} - (no file) O2 - BHO: (no name) - {1B0B2FB4-7586-4AF0-BAB2-C271983196C8} - (no file) O2 - BHO: (no name) - {1C4CF529-83E2-4D13-9E7C-CD341A9828CB} - (no file) O2 - BHO: (no name) - {1D265CB4-2F85-45C8-A53B-56C2D3958EDA} - (no file) O2 - BHO: (no name) - {2b41ca50-a1b9-4f05-bc16-7d1b374b27be} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {74797C4F-5B4C-49A1-9BF3-67E0AFF68CAD} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: (no name) - {8F3CD31D-0125-4A25-A6EF-9557B52AF9C0} - (no file) O2 - BHO: (no name) - {94BB3B31-D921-4A3E-B4B0-0B6B74864FDA} - (no file) O2 - BHO: (no name) - {A8BD8ECB-21CB-4F0D-BA6D-E353B3BD5444} - C:\WINDOWS\system32\byXRJcAQ.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: (no name) - {AD112FC0-0DC3-41F3-862B-768054DFB7B4} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: (no name) - 
{C2B5F262-94AE-4A6F-A5F7-70DD97A6AEFB} - (no file) O2 - BHO: (no name) - {C5FD6A3F-B2DA-416C-83B8-6F3E3C9C6D2F} - C:\WINDOWS\system32\iifgEVlL.dll (file missing) O2 - BHO: (no name) - {CA3DEA79-4551-46CB-84AA-3EDBDE25DF69} - (no file) O2 - BHO: (no name) - {CCC0D722-E546-4AAD-9F01-1B274832F017} - C:\WINDOWS\system32\geBqomKA.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: (no name) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - (no file) O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file) O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [sonicFocus] "C:\Program Files\Sonic Focus\SFIGUI\\SFIGUI.EXE" BOOT O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType 
Pro\type32.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1036 O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [bMcf7819be] Rundll32.exe "C:\WINDOWS\system32\ybxxolrw.dll",s O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [objbuild] C:\DOCUME~1\Ludovic\APPLIC~1\STUPID~1\refamen.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [\YUR33.exe] C:\Windows\system32\YUR33.exe O4 - HKCU\..\Run: [\YUR34.exe] C:\Windows\system32\YUR34.exe O4 - HKCU\..\Run: [\YUR35.exe] C:\Windows\system32\YUR35.exe O4 - HKCU\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\S-1-5-21-1085031214-1123561945-839522115-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-21-1085031214-1123561945-839522115-1003\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?') O4 - HKUS\S-1-5-21-1085031214-1123561945-839522115-1003\..\Run: [\YUR33.exe] C:\Windows\system32\YUR33.exe (User '?') O4 - HKUS\S-1-5-21-1085031214-1123561945-839522115-1003\..\Run: [\YUR34.exe] C:\Windows\system32\YUR34.exe (User '?') O4 - 
HKUS\S-1-5-21-1085031214-1123561945-839522115-1003\..\Run: [\YUR35.exe] C:\Windows\system32\YUR35.exe (User '?') O4 - HKUS\S-1-5-21-1085031214-1123561945-839522115-1003\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe (User '?') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1174335529859 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader4.cab O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://belgacom.extrafilm.be/ImageUploader4.cab 
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/a...zylomloader.cab O20 - AppInit_DLLs: otoxrh.dll O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 11030 bytes