sound
-
Compteur de contenus
18 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par sound
-
Bonjour , merci pour vos reponses dsl du retard mais 1001 ennuies avec le pc maintenant Windows ce lance mais arriver sur le bureau j'ai un message comme quoi il ne trouve le fichier Svchost.exe
-
Bonjour , je n'arrive plus a demarrer windows il reste bloquer sur "windows est en cours de demarrage" je suis obliger d'utiliser le mode sans echec je cherche donc une solution a ce probleme merci
-
modification de config
sound a répondu à un(e) sujet de sound dans Conseils matériel - Achats & Ventes
ok merci -
modification de config
sound a répondu à un(e) sujet de sound dans Conseils matériel - Achats & Ventes
salut , tu saurais me dire la longueur de la 4870 ? parce que ma 7800gtx prend déja toute la place donc si elle est plus grande elle ne rentreras pas .. -
Bonjour , j'aimerais faire tourner mon pc sur des jeux comme crysis mais il n'est pas assez puissant donc j'aimerais que vous me conseillez sur ce que je devrais changer et si si c'est possible dans un prix assez raisonnable http://img190.imageshack.us/my.php?image=sanstitre1bws.png merci
-
Merci
-
Bonjour , j'ai un probleme avec outlook express j'ai ce message qui n'arrete pas de revenir http://img22.imageshack.us/my.php?image=sanstitre1yve.png et que je mette ok ou annuler il revient a chaque fois et c'est infernal ca me fait des retour windows tout le temp en jeu j'ai telecharger thunderbird j'en ai fait ma messagerie par defaut mais rien ne change merci de votre aide
-
ok merci a+
-
c'est les pub ca me fait des retour windows :/ j'ai telecharger ce script tanto mais ca na pas l'air de fonctionner je viens de voir votre dossier avast je vais reflechir a ca
-
Oui j'ai trouver ca assez long aussi ^^ clef norton2009reset bien supprimer le pc ce comporte très bien mais j'ai toujours un probleme avec le message de outlook express qui me demande si je veux compresser mes messages a chaque fois je met Ok 2 min après il revient ce qui est embetant c'est que ca me fait des retour windows quand je joue si vous avez une solution ? je fait un scan spybot parce que j'ai desinstaller antivir je vais surrement prendre avast [ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ] --> Recherche: C:\VundoFix.txt: trouvé ! C:\Combofix.txt: trouvé ! C:\TB.txt: trouvé ! C:\UsbFix.txt: trouvé ! C:\Toolbar SD: trouvé ! C:\Documents and Settings\Administrateur\Bureau\HijackThis.lnk: trouvé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé ! C:\Program Files\Trend Micro\HijackThis: trouvé ! C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé ! C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé ! --------------------------------- --> Suppression: C:\Documents and Settings\Administrateur\Bureau\HijackThis.lnk: supprimé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé ! C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé ! C:\VundoFix.txt: supprimé ! C:\Combofix.txt: supprimé ! C:\TB.txt: supprimé ! C:\UsbFix.txt: supprimé ! C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé ! C:\Toolbar SD: supprimé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé ! C:\Program Files\Trend Micro\HijackThis: supprimé ! voila et encore merci pour votre aide
-
Re , voici le rapport MBAM Malwarebytes' Anti-Malware 1.36 Version de la base de données: 2077 Windows 5.1.2600 Service Pack 3 6/05/2009 16:57:11 mbam-log-2009-05-06 (16-57-11).txt Type de recherche: Examen rapide Eléments examinés: 82699 Temps écoulé: 1 hour(s), 9 minute(s), 52 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) et le rapport hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:01:15, on 6/05/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\TUProgSt.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Razer\DeathAdder\razerhid.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Razer\DeathAdder\razertra.exe C:\Program Files\Razer\DeathAdder\razerofa.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_1_2_1.cab O23 - Service: Norton 2009 Reset (.norton2009Reset) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 7618 bytes stp
-
Bonjour , je n'arrive pas a finir l'analyse de MBAM un message de outlook express aparait a chaque fois http://img22.imageshack.us/my.php?image=sanstitre1yve.png
-
Rapport d'usb fix ############################## [ UsbFix V3.016 # Cleaning ] # User : renaud () # XPSP3 # Update on 02/05/09 by Chiquitine29, C_XX & Chimay8 # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html # Start at: 22:36:09 | 5/05/2009 # AMD Athlon 64 X2 Dual Core Processor 4400+ # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3 # Internet Explorer 8.0.6001.18702 # Windows Firewall Status : Enabled # AV : BitDefender Antivirus 12.0 [ (!) Disabled | (!) Outdated ] # AV : AntiVir Desktop 9.0.1.26 [ (!) Disabled | Updated ] # A:\ # Lecteur de disquettes 3 ½ pouces # C:\ # Disque fixe local # 39,99 Go (33,09 Go free) # NTFS # D:\ # Disque fixe local # 36,33 Go (36,27 Go free) [disque local] # NTFS # E:\ # Disque fixe local # 232,88 Go (208,57 Go free) # NTFS # F:\ # Disque CD-ROM # G:\ # Disque amovible ############################## [ Processus actifs ] C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\logonui.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\rsvp.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\TUProgSt.exe C:\WINDOWS\system32\userinit.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wbem\wmiprvse.exe ################## [ Fichiers # Dossiers infectieux ] ################## [ Registre # Clés Run infectieuses ] ################## [ Registre # Mountpoints2 ] Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{175d5218-2774-11de-b384-001109ddc2f2}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{175d5219-2774-11de-b384-001109ddc2f2}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{56572926-ff92-11dd-b34e-001109ddc2f2}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{8753cc6e-3d1f-11dc-a337-0040f4ea868e}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{960ca276-d9a9-11dd-9c2d-001109ddc2f2}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{960ca27b-d9a9-11dd-9c2d-001109ddc2f2}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{960ca27c-d9a9-11dd-9c2d-001109ddc2f2}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{b524274c-0fec-11de-b35f-001109ddc2f2}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{b71e3e11-41ed-11dd-8c7a-806d6172696f}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{d19fab24-3d2b-11dc-8dde-0040f4ea868e}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{dc5f8c8f-245e-11de-b37a-001109ddc2f2}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{e681bea3-35c8-11de-b3c1-001109ddc2f2}\Shell\AutoRun\command ################## [ Listing des fichiers présent ] [28/07/2007 17:09|--a------|0] - C:\AUTOEXEC.BAT [14/04/2009 21:50|--a------|226] - C:\Boot.bak [05/05/2009 16:36|-rahs----|296] - C:\boot.ini [24/08/2001 14:00|-rahs----|4952] - C:\Bootfont.bin [03/08/2004 23:00|--a------|263488] - C:\cmldr [05/05/2009 16:45|--a------|25193] - C:\ComboFix.txt [28/07/2007 17:09|--a------|0] - C:\CONFIG.SYS [26/08/2008 23:43|--a------|0] - C:\fftoutput.txt [07/01/2009 21:57|--a------|2286] - C:\INSTALL.LOG [28/07/2007 17:09|-rahs----|0] - C:\IO.SYS [28/07/2007 17:09|-rahs----|0] - C:\MSDOS.SYS [03/08/2004 23:38|-rahs----|47564] - C:\NTDETECT.COM [03/08/2004 23:59|-rahs----|251712] - C:\ntldr [?|?|?] - C:\pagefile.sys [08/08/2008 16:48|--a------|251890] - C:\rapport.txt [10/12/2008 00:22|--a------|0] - C:\regdump.arm9.txt [24/06/2008 15:21|--ah-----|268] - C:\sqmdata00.sqm [24/06/2008 15:37|--ah-----|268] - C:\sqmdata01.sqm [08/07/2008 16:23|--ah-----|268] - C:\sqmdata02.sqm [23/07/2008 16:56|--ah-----|268] - C:\sqmdata03.sqm [23/07/2008 19:09|--ah-----|268] - C:\sqmdata04.sqm [07/08/2008 09:38|--ah-----|268] - C:\sqmdata05.sqm [07/08/2008 10:55|--ah-----|268] - C:\sqmdata06.sqm [17/05/2008 22:27|--ah-----|268] - C:\sqmdata07.sqm [20/05/2008 17:24|--ah-----|268] - C:\sqmdata08.sqm [20/05/2008 17:55|--ah-----|268] - C:\sqmdata09.sqm [20/05/2008 23:11|--ah-----|268] - C:\sqmdata10.sqm [23/05/2008 17:04|--ah-----|268] - C:\sqmdata11.sqm [24/05/2008 22:39|--ah-----|268] - C:\sqmdata12.sqm [25/05/2008 22:33|--ah-----|268] - C:\sqmdata13.sqm [26/05/2008 17:08|--ah-----|268] - C:\sqmdata14.sqm [26/05/2008 23:49|--ah-----|268] - C:\sqmdata15.sqm [28/05/2008 00:23|--ah-----|268] - C:\sqmdata16.sqm [28/05/2008 23:30|--ah-----|268] - C:\sqmdata17.sqm [29/05/2008 22:51|--ah-----|268] - C:\sqmdata18.sqm [24/06/2008 15:07|--ah-----|268] - C:\sqmdata19.sqm [24/06/2008 15:07|--ah-----|244] - C:\sqmnoopt00.sqm [24/06/2008 15:21|--ah-----|244] - C:\sqmnoopt01.sqm [24/06/2008 15:37|--ah-----|244] - C:\sqmnoopt02.sqm [08/07/2008 16:23|--ah-----|244] - C:\sqmnoopt03.sqm [23/07/2008 16:56|--ah-----|244] - C:\sqmnoopt04.sqm [23/07/2008 19:09|--ah-----|244] - C:\sqmnoopt05.sqm [07/08/2008 09:38|--ah-----|244] - C:\sqmnoopt06.sqm [07/08/2008 10:55|--ah-----|244] - C:\sqmnoopt07.sqm [20/05/2008 17:24|--ah-----|244] - C:\sqmnoopt08.sqm [20/05/2008 17:55|--ah-----|244] - C:\sqmnoopt09.sqm [20/05/2008 23:11|--ah-----|244] - C:\sqmnoopt10.sqm [21/05/2008 22:07|--ah-----|244] - C:\sqmnoopt11.sqm [23/05/2008 17:04|--ah-----|244] - C:\sqmnoopt12.sqm [24/05/2008 22:39|--ah-----|244] - C:\sqmnoopt13.sqm [25/05/2008 22:33|--ah-----|244] - C:\sqmnoopt14.sqm [26/05/2008 17:08|--ah-----|244] - C:\sqmnoopt15.sqm [26/05/2008 23:49|--ah-----|244] - C:\sqmnoopt16.sqm [28/05/2008 00:23|--ah-----|244] - C:\sqmnoopt17.sqm [28/05/2008 23:30|--ah-----|244] - C:\sqmnoopt18.sqm [29/05/2008 22:51|--ah-----|244] - C:\sqmnoopt19.sqm [05/05/2009 16:14|--a------|2671] - C:\TB.txt [24/05/2001 13:59|--a------|162304] - C:\UNWISE.EXE [05/05/2009 22:36|--a------|6565] - C:\UsbFix.txt [18/10/2008 20:58|--a------|159] - C:\VundoFix.txt [25/04/2009 11:51|--a------|3686454] - E:\01881_orionnebula_1280x960.bmp [27/04/2009 21:16|--a------|5760054] - E:\31112616.bmp [26/04/2009 20:46|--a------|5760054] - E:\3D18.bmp [29/04/2009 17:34|---hs----|1961] - E:\AlbumArtSmall.jpg [29/04/2009 12:34|--a------|5760054] - E:\Alienware_Alien.bmp [25/04/2009 10:53|--a------|1366] - E:\Aller sur MSN.fr.lnk [25/04/2009 10:47|--a------|1812] - E:\Belgacom e-Services.lnk [25/04/2009 10:49|--a------|1875] - E:\Belgacom Genius 2.2.lnk [27/04/2009 13:20|--a------|9000054] - E:\black-windows-vista-logo-wallpaper.bmp [19/06/2008 13:28|-rahs----|211] - E:\boot.ini [28/08/2001 14:00|-rahs----|4952] - E:\Bootfont.bin [03/04/2009 22:05|--a------|734105600] - E:\Braquage à l'anglaise.avi [26/04/2009 22:30|--a------|2359350] - E:\Brisingr_wallpaper_standard.bmp [16/04/2009 08:21|--a------|6511680] - E:\Busta Rhymes feat T-Pain - Hustlers Anthem.mp3 [16/04/2009 08:21|--a------|70006978] - E:\Busta Rhymes feat T-Pain - Hustlers Anthem.TVRIP.XViD.2009-FEAR.avi [04/08/2008 13:53|--a------|1548] - E:\CCleaner.lnk [19/10/2008 20:11|--a------|10111527] - E:\CS1.6-Original.exe [01/05/2009 22:34|--a------|564884] - E:\devas_model.jpg [30/04/2009 12:11|--a------|831] - E:\DivX Converter.lnk [30/04/2009 17:46|--a------|1397] - E:\DivX Movies.lnk [29/04/2009 10:47|--a------|729823232] - E:\DragonballEvolution.avi [29/04/2009 14:34|--a------|734718328] - E:\Fast.and.Furious.4.FRENCH.R5.MD.XviD-uLTiMaTe.avi [29/04/2009 17:34|---hs----|7248] - E:\Folder.jpg [02/12/2008 15:41|--a------|731994112] - E:\Gad Elmaleh Papa est en haut.avi [10/09/2008 12:38|--a------|727017472] - E:\Hancock.avi [02/05/2009 18:33|--a------|142279] - E:\hexsoundapowaa.gif [04/05/2009 22:41|--a------|1746] - E:\HijackThis.lnk [25/04/2009 11:03|--a------|815] - E:\Internet Explorer.lnk [25/04/2009 10:47|--a------|340] - E:\InternetInfo.txt [06/12/2008 20:00|--a------|734613504] - E:\Iron.Man.[2008.French].DVDRip.DivX-LTT.avi [01/10/2008 19:33|--a------|735358976] - E:\John Rambo.avi [17/11/2008 18:24|--a------|731889664] - E:\Jurassic Park 1.avi [18/11/2008 19:34|--a------|736143360] - E:\Jurassic park 2 Le monde perdu.avi [02/11/2008 12:46|--a------|734676992] - E:\Jurassic Park 3 .avi [03/05/2009 23:26|--a------|733698048] - E:\Knowing.TS.(mVs).FRENCH.MD.DivX.KiNG.avi [25/04/2009 15:34|--a------|3396] - E:\KXKZBCAU9VHY2CA.jpg [02/12/2008 20:00|--a------|720832628] - E:\La Haine.avi [27/11/2008 02:01|--a------|717856768] - E:\Le.Transporteur.3.TRUEFRENCH.XviD.MD.TS.KiNG.of.RLZ.Upload.(Steph53).Minino va.org..avi [01/05/2009 17:23|--a------|27690] - E:\Leo-Messi.jpg [01/05/2009 17:22|--a------|23037] - E:\LeoMessi-Botas.jpg [01/05/2009 17:25|--a------|39543] - E:\LionelMessi.jpg [29/04/2009 11:18|--a------|23750] - E:\ludacris.jpg [29/04/2009 11:40|--a------|3480105] - E:\Ludacris_-_Drinkin_&_Drivin.mp3 [05/05/2009 14:36|--a------|696] - E:\Malwarebytes' Anti-Malware.lnk [01/05/2009 17:25|--a------|126673] - E:\messi-pes20091.jpg [01/05/2009 17:24|--a------|122155] - E:\Messi_DerbyVirtual_Juegos.jpg [25/04/2009 22:49|--a------|666] - E:\Mumble.lnk [03/08/2004 22:38|-rahs----|47564] - E:\NTDETECT.COM [28/08/2008 17:05|-rahs----|252240] - E:\ntldr [06/07/2008 16:19|--a------|718] - E:\PhotoFiltre.lnk [24/02/2009 14:50|--a------|738172928] - E:\RAP_GAME_FRENCH_DVDRIP.[eMule-Box.com].avi [28/12/2008 11:41|--a------|18011] - E:\red hat.png [29/04/2009 11:30|--a------|3445270] - E:\Rick_Ross-Everything_You_Want_f._Usher.mp3 [05/05/2009 16:22|--a------|174304] - E:\sshot-1-9.jpg [05/05/2009 18:11|--a------|2151] - E:\Steam.lnk [25/04/2009 22:48|--a------|677] - E:\Teamspeak RC2.lnk [26/04/2009 22:31|--a------|3932214] - E:\thorn1280_1024.bmp [05/05/2009 18:22|--ahs----|647168] - E:\Thumbs.db [30/04/2009 22:53|--a------|1633] - E:\TuneUp Maintenance en 1 clic.lnk [30/04/2009 22:53|--a------|837] - E:\TuneUp Utilities 2009.lnk [01/05/2009 17:23|--a------|148381] - E:\vapor113da.jpg [25/04/2009 10:46|--a------|786] - E:\WiFiSettings.txt [25/04/2009 10:59|--a------|1753] - E:\Windows Live Messenger .lnk [29/04/2009 23:09|--a------|733413376] - E:\X-Men.Origins.Wolverine.2009.FRENCH.WORKPRiNT.MD.XViD-XMEN.avi ################## [ Vaccination ] # C:\autorun.inf -> Folder created by UsbFix. # D:\autorun.inf -> Folder created by UsbFix. # E:\autorun.inf -> Folder created by UsbFix. ################## [ Cracks / Keygens / Serials ] # -> Nothing found ! ################## [ ! Fin du rapport # UsbFix V3.016 ! ] Le fameux carrer blanc a disparu merci beaucoup
-
stp ############################## [ UsbFix V3.016 # Scan ] # User : renaud () # XPSP3 # Update on 02/05/09 by Chiquitine29, C_XX & Chimay8 # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html # Start at: 17:47:16 | 5/05/2009 # AMD Athlon 64 X2 Dual Core Processor 4400+ # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3 # Internet Explorer 8.0.6001.18702 # Windows Firewall Status : Disabled # AV : BitDefender Antivirus 12.0 [ (!) Disabled | (!) Outdated ] # AV : AntiVir Desktop 9.0.1.26 [ (!) Disabled | Updated ] # A:\ # Lecteur de disquettes 3 ½ pouces # C:\ # Disque fixe local # 39,99 Go (32,9 Go free) # NTFS # D:\ # Disque fixe local # 36,33 Go (36,27 Go free) [disque local] # NTFS # E:\ # Disque fixe local # 232,88 Go (208,7 Go free) # NTFS # F:\ # Disque CD-ROM # G:\ # Disque amovible ############################## [ Processus actifs ] C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\TUProgSt.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Razer\DeathAdder\razerhid.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe C:\Program Files\Razer\DeathAdder\razerofa.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\explorer.exe C:\Program Files\Steam\Steam.exe C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wbem\wmiprvse.exe ################## [ Registre # Startup ] HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm" HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" HKCU_Main: "Start Page"="http://www.google.be/" HKCU_Main: "Start Page Redirect Cache_TIMESTAMP"=hex:8e,b7,f8,1a,89,c5,c9,01 HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," HKLM_logon: "DefaultUserName"="XPSP3" HKLM_logon: "AltDefaultUserName"="renaud" HKLM_Run: NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM_Run: DeathAdder=C:\Program Files\Razer\DeathAdder\razerhid.exe HKLM_Run: avgnt="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min HKLM_Run: P17Helper=Rundll32 P17.dll,P17Helper HKLM_Run: CTSysVol=C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r HKCU_Run: ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe HKCU_Run: msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKCU_Run: Creative MediaSource Go=C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe /SCB ################## [ Informations ] ################## [ Fichiers # Dossiers infectieux ] Found ! C:\WINDOWS\system32\tmp.txt ################## [ Registre # Clés Run infectieuses ] ################## [ Registre # Mountpoints2 ] HKCU\Software\Microsoft\....\MountPoints2\{175d5218-2774-11de-b384-001109ddc2f2}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{175d5219-2774-11de-b384-001109ddc2f2}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{56572926-ff92-11dd-b34e-001109ddc2f2}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{8753cc6e-3d1f-11dc-a337-0040f4ea868e}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{960ca276-d9a9-11dd-9c2d-001109ddc2f2}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{960ca27b-d9a9-11dd-9c2d-001109ddc2f2}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{960ca27c-d9a9-11dd-9c2d-001109ddc2f2}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{b524274c-0fec-11de-b35f-001109ddc2f2}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{b71e3e11-41ed-11dd-8c7a-806d6172696f}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{d19fab24-3d2b-11dc-8dde-0040f4ea868e}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{dc5f8c8f-245e-11de-b37a-001109ddc2f2}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{e681bea3-35c8-11de-b3c1-001109ddc2f2}\Shell\AutoRun\command ################## [ ! Fin du rapport # UsbFix V3.016 ! ]
-
voila stp Apollo -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual Core Processor 4400+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : renaud ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.26 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:39 Go (Free:31 Go) D:\ (Local Disk) - NTFS - Total:36 Go (Free:36 Go) E:\ (Local Disk) - NTFS - Total:232 Go (Free:208 Go) F:\ (CD or DVD) G:\ (USB) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( mar. 05/05/2009|16:12 ) -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" "Search Page"="http://www.skynet.be/search" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.msn.com/" "Search Bar"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" --------------------\\ Recherche d'autres infections --------------------\\ ROOTKIT !! Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV] --------------------\\ Cracks & Keygens .. 1 - "C:\ToolBar SD\TB_7.txt" - mar. 05/05/2009|16:13 - Option : [1] -----------\\ Fin du rapport a 16:13:27,10
-
stp Malwarebytes' Anti-Malware 1.36 Version de la base de données: 2077 Windows 5.1.2600 Service Pack 3 5/05/2009 15:43:57 mbam-log-2009-05-05 (15-43-57).txt Type de recherche: Examen complet (A:\|C:\|D:\|E:\|G:\|) Eléments examinés: 139795 Temps écoulé: 32 minute(s), 36 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 4 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7fbb2d91-9964-4196-bac5-d5e751762ec3} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\VAV (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\antivirus 2008 (Rogue.Antivirus2008) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Documents and Settings\renaud\Application Data\TmpRecentIcons\Antivirus-2008.lnk (Rogue.Link) -> Quarantined and deleted successfully. C:\Documents and Settings\renaud\Application Data\TmpRecentIcons\Vista Antivirus 2008.lnk (Rogue.Link) -> Quarantined and deleted successfully. et stp Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:51:34, on 5/05/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\Razer\DeathAdder\razerhid.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe C:\Program Files\Razer\DeathAdder\razertra.exe C:\Program Files\Razer\DeathAdder\razerofa.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.skynet.be/search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe /SCB O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O8 - Extra context menu item: Download with ImTOO Download YouTube Video - C:\Program Files\ImTOO\Download YouTube Video\upod_link.HTM O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_1_2_1.cab O23 - Service: Norton 2009 Reset (.norton2009Reset) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 8194 bytes
-
j'ai desactiver le teatimer de spybot j'ai cocher les lignes a supprimer dans hijacthis mais celle si revient a chaque fois O23 - Service: Norton 2009 Reset (.norton2009Reset) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe (file missing) les rapport de ne sont pas reelement les 1er et 2em j'ai eté distrait rapport toolbar s&d -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual Core Processor 4400+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : renaud ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.26 (Not Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:39 Go (Free:30 Go) D:\ (Local Disk) - NTFS - Total:36 Go (Free:36 Go) E:\ (Local Disk) - NTFS - Total:232 Go (Free:208 Go) F:\ (CD or DVD) G:\ (USB) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( mar. 05/05/2009|14:11 ) -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/"'>http://www.google.be/" "Search Page"="http://www.skynet.be/search"'>http://www.skynet.be/search" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.msn.com/"'>http://www.msn.com/" "Search Bar"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"'>http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" --------------------\\ Recherche d'autres infections --------------------\\ ROOTKIT !! Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV] --------------------\\ Cracks & Keygens .. 1 - "C:\ToolBar SD\TB_5.txt" - mar. 05/05/2009|14:11 - Option : [1] -----------\\ Fin du rapport a 14:11:29,12 le 2eme -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual Core Processor 4400+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : renaud ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.26 (Not Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:39 Go (Free:30 Go) D:\ (Local Disk) - NTFS - Total:36 Go (Free:36 Go) E:\ (Local Disk) - NTFS - Total:232 Go (Free:208 Go) F:\ (CD or DVD) G:\ (USB) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [2] ( mar. 05/05/2009|14:12 ) -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" "Search Page"="http://www.skynet.be/search" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.msn.com/" "Search Bar"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" --------------------\\ Recherche d'autres infections --------------------\\ ROOTKIT !! Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV] --------------------\\ Cracks & Keygens .. 1 - "C:\ToolBar SD\TB_5.txt" - mar. 05/05/2009|14:11 - Option : [1] 2 - "C:\ToolBar SD\TB_6.txt" - mar. 05/05/2009|14:13 - Option : [2] -----------\\ Fin du rapport a 14:13:18,68 rapport hijacthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:19:03, on 5/05/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\Razer\DeathAdder\razerhid.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe C:\Program Files\Razer\DeathAdder\razertra.exe C:\Program Files\Razer\DeathAdder\razerofa.exe C:\Program Files\Mumble\dbus-daemon.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.skynet.be/search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe /SCB O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O8 - Extra context menu item: Download with ImTOO Download YouTube Video - C:\Program Files\ImTOO\Download YouTube Video\upod_link.HTM O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_1_2_1.cab O23 - Service: Norton 2009 Reset (.norton2009Reset) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 8182 bytes voila merci pour votre aide
-
Bonjour , depuis peut j'ai un carrer blanc invirable qui c'est installer en haut de mon ecran j'ai essayer tout les moyens pour l'enlever mais sans succes merci de m'aider http://img5.imageshack.us/my.php?image=sanstitre1oxf.png rapport hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:37:21, on 5/05/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\Razer\DeathAdder\razerhid.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe C:\Program Files\Razer\DeathAdder\razertra.exe C:\Program Files\Razer\DeathAdder\razerofa.exe C:\Program Files\Steam\Steam.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Mumble\dbus-daemon.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.skynet.be/search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file) O2 - BHO: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file) O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe /SCB O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O8 - Extra context menu item: Download with ImTOO Download YouTube Video - C:\Program Files\ImTOO\Download YouTube Video\upod_link.HTM O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_1_2_1.cab O23 - Service: Norton 2009 Reset (.norton2009Reset) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 8986 bytes