Posted

Hello,

I'm trying to repair, or at least find out what's wrong with, a laptop.

I went through the usual procedure: CCleaner, Spybot, Antivir, a-squared and all the rest. So I managed to clean it up well and get rid of quite a lot of crap (excuse the term), but some problems persist, including:

Unwanted ads in Internet Explorer and Firefox.

So I'm posting a HijackThis report, made after reinstalling Firefox and adding a pop-up blocker for Firefox (ads still appear).

 

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

C:\Program Files\Symantec AntiVirus\DefWatch.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Symantec AntiVirus\Rtvscan.exe

C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\Program Files\Apoint\Apoint.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\ICO.EXE

C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Program Files\Sony\ISB Utility\ISBMgr.exe

C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe

C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

C:\PROGRA~1\SYMANT~1\VPTray.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.914.9778\swg.dll

O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll

O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar1.01.2607.0\fr\msntb.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE

O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"

O4 - HKLM\..\Run: [sonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"

O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe

O4 - HKLM\..\Run: [switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe

O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [Owns Ping Ante Admin] C:\Documents and Settings\All Users\Application Data\Ball mapi owns ping\Gram Lies.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [road draw] C:\DOCUME~1\MORGAN~1\APPLIC~1\FORDER~1\DVD OPTION START.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Bluetooth Manager.lnk = ?

O8 - Extra context menu item: Ajouter un site de support RSS à VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_10.cab

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe

O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe

O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

 

End of file - 14088 bytes

 

 

There, you have the report. I also went to the HijackThis site:

http://www.hijackthis.de/fr#anl

Over to you :P

Thanks in advance to the security team.

Posted (edited)

Hi Forester,

Well, I see something that tells me you use or have used Rippack or something like that (Mogan streamer).

Run HijackThis again; by the way, what is your version?

The latest one can be downloaded here.

Once HJT is started, run a scan.

Select the following lines:

O4 - HKCU\..\Run: [road draw] C:\DOCUME~1\MORGAN~1\APPLIC~1\FORDER~1\DVD OPTION START.exe

O4 - HKLM\..\Run: [Owns Ping Ante Admin] C:\Documents and Settings\All Users\Application Data\Ball mapi owns ping\Gram Lies.exe

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

 

Logically, you tick the items and then click the "fix checked" button.

Then download VundoFix.exe (by Atribune) to your Desktop.

Double-click VundoFix.exe to launch it.

Click the Scan for Vundo button.

When the scan is complete, click the Remove Vundo button.

A prompt will ask whether you want to delete the files; click YES.

After you click "Yes", the Desktop will disappear for a moment while the files are removed.

You will see a prompt announcing that your PC is going to restart; click OK.

Note: VundoFix may encounter a file it cannot delete. If so, the tool will run at the next restart; simply follow the instructions above, starting from "click the Scan for Vundo button".

Download combofix.exe (by sUBs) and save it to your desktop.

Double-click combofix.exe to run it and follow the instructions.

When the scan is complete, a report will appear.

Copy and paste the whole report in your next reply, because the beginning is missing.

If you have Spybot Search and Destroy, update it and run a full scan, but it doesn't appear in the report so you don't have it. This utility is pretty good for getting rid of malware, spyware, etc., so if you want you can install it, and on top of that it checks whether the registry is modified when you aren't installing anything.

Then go to this site, download lop_S&D.exe and run options 1 and 2.

Sorry for the duplicate entry with Angélique, but he replied faster and at the same time as me.

Run a new HijackThis! report and post it again in your next reply.

Keep me posted.

Edited by cauxboy

Posted

Hello to you both,

Thanks for the replies.

I checked, and I do have the latest version of HijackThis. I ran a scan again and did "fix checked" for the lines indicated.

Then I downloaded Vundo and ran the scan; it didn't detect any suspicious files, so I deleted it.

Here is the ComboFix report:

 

ComboFix 08-02-22.3 - morgane corbel 2008-02-22 3:54:27.1 - NTFSx86

Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.393 [GMT -12:00]

Endroit: C:\Documents and Settings\morgane corbel\Bureau\ComboFix.exe

* Création d'un nouveau point de restauration

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

 

((((((((((((((((((((((((((((( Fichiers créés 2008-01-22 to 2008-02-22 ))))))))))))))))))))))))))))))))))))

.

 

2008-02-22 03:43 . 2008-02-22 03:43 <REP> d-------- C:\VundoFix Backups

2008-02-22 00:51 . 2008-02-22 00:51 <REP> d-------- C:\Program Files\Trend Micro

2008-02-16 16:41 . 2008-02-16 16:41 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-02-16 16:41 . 2008-02-16 16:41 1,409 --a------ C:\WINDOWS\QTFont.for

2008-02-15 21:02 . 2008-02-15 21:02 <REP> d-------- C:\Program Files\Ford Error Hide

2008-02-13 09:29 . 2008-02-13 09:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!

2008-02-13 08:29 . 2008-02-13 08:29 <REP> d-------- C:\Program Files\Windows Live

2008-02-13 08:29 . 2008-02-13 08:29 <REP> d-------- C:\Program Files\Messenger Plus! Live

2008-02-12 23:35 . 2008-02-13 00:31 <REP> d-------- C:\Program Files\a-squared Free

2008-02-12 23:30 . 2008-02-12 23:33 <REP> d-------- C:\Program Files\a-squared Anti-Malware

2008-02-12 21:25 . 2008-02-12 21:25 <REP> d-------- C:\Program Files\CCleaner

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-02-22 15:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-02-22 15:05 --------- d-----w C:\Program Files\Symantec AntiVirus

2008-02-16 09:12 --------- d-----w C:\Program Files\LimeWire

2008-02-16 09:02 --------- d-----w C:\Documents and Settings\morgane corbel\Application Data\Ford Error Hide

2008-02-16 09:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ball mapi owns ping

2008-02-13 20:29 --------- d-----w C:\Program Files\MSN Messenger

2008-02-13 12:19 --------- d-----w C:\Program Files\Google

2008-02-13 10:21 --------- d-----w C:\Documents and Settings\morgane corbel\Application Data\Lavasoft

2008-02-13 10:20 --------- d-----w C:\Program Files\Yahoo!

2008-01-27 18:01 --------- d-----w C:\Documents and Settings\morgane corbel\Application Data\LimeWire

2007-12-07 02:08 824,832 ----a-w C:\WINDOWS\system32\wininet.dll

2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll

2007-04-16 02:19 0 -c--a-w C:\Documents and Settings\morgane corbel\Application Data\wklnhst.dat

2006-11-30 12:26 278,528 -c--a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 00:00 15360]

"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-13 00:19 68856]

"road draw"="C:\DOCUME~1\MORGAN~1\APPLIC~1\FORDER~1\DVD OPTION START.exe" [2008-02-15 21:02 414720]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-05-07 13:50 7561216]

"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2004-11-16 23:47 118784]

"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-04 23:34 64512]

"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 02:46 45056 C:\WINDOWS\system32\ico.exe]

"VAIOCameraUtility"="C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" [2005-12-26 23:58 69632]

"SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [2006-06-27 04:24 217088]

"ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 00:12 32768]

"Switcher.exe"="C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2006-02-13 22:11 176128]

"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-10-11 07:36 151552]

"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2004-03-31 15:38 66656]

"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2004-08-03 04:55 124152]

"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152]

"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 11:00 49152]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-10 00:00 110592 C:\WINDOWS\system32\bthprops.cpl]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 00:00 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

VESWinlogon.dll 2006-03-09 00:51 73728 C:\WINDOWS\system32\VESWinlogon.dll

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"= %windir%\\system32\\sessmgr.exe:@xpsp2res.dll,-22019

"C:\\Program Files\\Adobe\\Photoshop Elements 4.0\\AdobePhotoshopElementsMediaServer.exe"=

"C:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"= %windir%\\Network Diagnostic\\xpnetdiag.exe:@xpsp3res.dll,-20000

"C:\\Program Files\\LimeWire\\LimeWire.exe"=

"C:\\Documents and Settings\\morgane corbel\\Local Settings\\Temporary Internet Files\\Content.IE5\\15ODBH0N\\installer-9093-17-Nero-7-7-5-9-0-French[1].exe"=

"C:\\Documents and Settings\\morgane corbel\\Local Settings\\Temporary Internet Files\\Content.IE5\\2EHG94OW\\installer-11283-17-Nero-7-7-7-5-1-French[1].exe"=

"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=

"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"C:\\Program Files\\MSN Messenger\\livecall.exe"=

 

R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [2002-12-17 03:55]

R3 SonyImgF;Sony Image Conversion Filter Driver;C:\WINDOWS\system32\DRIVERS\SonyImgF.sys [2006-03-05 21:39]

R3 ti21sony;ti21sony;C:\WINDOWS\system32\drivers\ti21sony.sys [2006-02-20 21:32]

S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 2\IcVzMon.exe [2005-07-14 05:10]

S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [2002-12-17 03:23]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2b215a50-e158-11dc-a275-000b0d0b6f27}]

\Shell\AutoRun\command - G:\setupSNK.exe

 

.

Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

"2008-02-22 13:00:00 C:\WINDOWS\Tasks\AFBAAA3891855A4C.job"

- c:\docume~1\morgan~1\applic~1\forder~1\32locksmfcd.exe

"2007-12-22 08:36:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

.

**************************************************************************

 

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-02-22 03:56:53

Windows 5.1.2600 Service Pack 2 NTFS

 

Balayage processus cachés ...

 

Balayage caché autostart entries ...

 

Balayage des fichiers cachés ...

 

Scan terminé avec succès

Les fichiers cachés: 0

 

**************************************************************************

.

Temps d'accomplissement: 2008-02-22 3:57:35

.

2008-02-13 10:48:17 --- E O F ---

 

 

As for Spybot, it's not my laptop so it isn't installed on it, but I had put it on to do the disinfection; it hadn't found anything, unlike a-squared (in slow scan), which had removed dozens of files.

I don't know what Rippack is :P

Here is the report made with the last tool, LOP S and D:

 

-----------------------------[ Lop S&D 2.3.7 ]---------------------------

 

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]

[ USER : morgane corbel ] [ "C:\Program Files\Lop SD" ]

[ 22/02/2008 | 4:06:36,28 ] [ PC : MORGANE ]

[ MAJ : 21-02-2008 | 22:45 ]

 

-------------[ Listing des dossiers dans Application Data ]------------

 

[31/08/2006|16:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\.

[31/08/2006|16:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\..

[31/08/2006|17:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe

[26/07/2006|22:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini

[27/07/2006|03:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google

[26/07/2006|21:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities

[27/07/2006|19:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[31/08/2006|16:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sony Corporation

 

[13/02/2008|09:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.

[13/02/2008|09:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..

[30/11/2006|02:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems

[31/08/2006|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[30/11/2006|00:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems

[05/04/2007|07:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[15/02/2008|21:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ball mapi owns ping

[03/07/2007|07:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth

[23/06/2007|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ

[26/07/2006|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini

[13/02/2008|00:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[06/04/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP

[06/04/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log

[27/07/2006|00:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel

[13/02/2008|09:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[12/02/2008|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[25/10/2007|06:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft

[01/09/2007|07:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype

[31/08/2006|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation

[22/02/2008|03:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[25/10/2007|06:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir

[23/06/2007|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard

[04/04/2007|10:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[31/08/2006|16:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VAIO Media Platform

[04/04/2007|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[14/11/2007|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

 

[31/08/2006|16:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.

[31/08/2006|16:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..

[31/08/2006|17:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe

[26/07/2006|22:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini

[27/07/2006|03:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Google

[26/07/2006|21:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[27/07/2006|19:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[31/08/2006|16:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sony Corporation

 

[10/05/2007|19:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\.

[10/05/2007|19:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\..

[10/05/2007|19:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia

[11/11/2007|13:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[04/04/2007|10:34] C:\DOCUME~1\LOCALS~1\APPLIC~1\sony

 

[22/02/2008|03:37] C:\DOCUME~1\MORGAN~1\APPLIC~1\.

[22/02/2008|03:37] C:\DOCUME~1\MORGAN~1\APPLIC~1\..

[30/11/2006|02:37] C:\DOCUME~1\MORGAN~1\APPLIC~1\ACD Systems

[30/10/2007|10:15] C:\DOCUME~1\MORGAN~1\APPLIC~1\Adobe

[29/04/2007|11:55] C:\DOCUME~1\MORGAN~1\APPLIC~1\AdobeUM

[07/04/2007|19:38] C:\DOCUME~1\MORGAN~1\APPLIC~1\Ahead

[05/04/2007|11:16] C:\DOCUME~1\MORGAN~1\APPLIC~1\Apple Computer

[26/07/2006|22:54] C:\DOCUME~1\MORGAN~1\APPLIC~1\desktop.ini

[15/02/2008|21:02] C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide

[05/04/2007|11:11] C:\DOCUME~1\MORGAN~1\APPLIC~1\Google

[22/10/2007|20:17] C:\DOCUME~1\MORGAN~1\APPLIC~1\HP

[26/07/2006|21:05] C:\DOCUME~1\MORGAN~1\APPLIC~1\Identities

[06/04/2007|12:13] C:\DOCUME~1\MORGAN~1\APPLIC~1\Image Zone Express

[19/05/2007|18:21] C:\DOCUME~1\MORGAN~1\APPLIC~1\InterVideo

[12/02/2008|22:21] C:\DOCUME~1\MORGAN~1\APPLIC~1\Lavasoft

[27/01/2008|06:01] C:\DOCUME~1\MORGAN~1\APPLIC~1\LimeWire

[22/11/2006|11:49] C:\DOCUME~1\MORGAN~1\APPLIC~1\Macromedia

[17/02/2008|18:08] C:\DOCUME~1\MORGAN~1\APPLIC~1\Microsoft

[22/11/2007|10:34] C:\DOCUME~1\MORGAN~1\APPLIC~1\Mozilla

[26/01/2007|06:17] C:\DOCUME~1\MORGAN~1\APPLIC~1\Pixela

[23/06/2007|17:52] C:\DOCUME~1\MORGAN~1\APPLIC~1\ScanSoft

[01/09/2007|10:31] C:\DOCUME~1\MORGAN~1\APPLIC~1\Skype

[22/11/2006|11:49] C:\DOCUME~1\MORGAN~1\APPLIC~1\sony

[04/04/2007|10:59] C:\DOCUME~1\MORGAN~1\APPLIC~1\Sony Corporation

[04/04/2007|10:40] C:\DOCUME~1\MORGAN~1\APPLIC~1\Symantec

[22/11/2007|10:34] C:\DOCUME~1\MORGAN~1\APPLIC~1\Talkback

[15/04/2007|14:20] C:\DOCUME~1\MORGAN~1\APPLIC~1\Template

[05/04/2007|05:45] C:\DOCUME~1\MORGAN~1\APPLIC~1\vlc

[22/02/2008|03:37] C:\DOCUME~1\MORGAN~1\APPLIC~1\WinRAR

[15/04/2007|14:19] C:\DOCUME~1\MORGAN~1\APPLIC~1\wklnhst.dat

 

[26/07/2006|21:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

[26/07/2006|21:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\..

[26/07/2006|21:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

 

[22/02/2008 04:00][--ah-----] C:\WINDOWS\tasks\AFBAAA3891855A4C.job [--282--]

[21/12/2007 20:36][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]

[22/02/2008 03:04][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]

[10/08/2004 00:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [--65--]

 

---------------[ Listing des dossiers dans C:\Program Files ]--------------

 

[22/02/2008|04:06] C:\Program Files\.

[22/02/2008|04:06] C:\Program Files\..

[30/11/2006|02:17] C:\Program Files\ACD Systems

[30/11/2006|00:04] C:\Program Files\Adobe

[06/04/2007|11:45] C:\Program Files\Ahead

[26/07/2006|22:56] C:\Program Files\Apoint

[05/04/2007|07:19] C:\Program Files\Apple Software Update

[23/06/2007|17:49] C:\Program Files\ArcSoft

[12/02/2008|23:33] C:\Program Files\a-squared Anti-Malware

[13/02/2008|00:31] C:\Program Files\a-squared Free

[12/04/2007|18:31] C:\Program Files\Audacity

[23/06/2007|17:48] C:\Program Files\Canon

[12/02/2008|21:25] C:\Program Files\CCleaner

[05/02/2007|12:46] C:\Program Files\CDBurnerXP Pro 3

[26/07/2006|21:00] C:\Program Files\ComPlus Applications

[26/07/2006|21:59] C:\Program Files\CONEXANT

[27/04/2007|11:13] C:\Program Files\Desktop Architect

[18/04/2007|16:44] C:\Program Files\Elaborate Bytes

[14/11/2007|11:45] C:\Program Files\Fichiers communs

[15/02/2008|21:02] C:\Program Files\Ford Error Hide

[27/07/2006|03:32] C:\Program Files\GDS

[13/02/2008|00:19] C:\Program Files\Google

[27/07/2006|03:32] C:\Program Files\Google BAE

[06/04/2007|11:57] C:\Program Files\Hewlett-Packard

[06/04/2007|12:01] C:\Program Files\HP

[23/06/2007|17:49] C:\Program Files\InstallShield Installation Information

[27/07/2006|00:56] C:\Program Files\Intel

[12/02/2008|22:45] C:\Program Files\Internet Explorer

[27/07/2006|03:31] C:\Program Files\InterVideo

[30/11/2006|00:23] C:\Program Files\Inventel

[31/08/2006|16:52] C:\Program Files\ISP

[03/07/2007|07:08] C:\Program Files\IVT Corporation

[27/07/2006|03:20] C:\Program Files\Java

[15/02/2008|21:12] C:\Program Files\LimeWire

[22/02/2008|04:06] C:\Program Files\Lop SD

[26/07/2006|21:45] C:\Program Files\Messenger

[13/02/2008|08:29] C:\Program Files\Messenger Plus! Live

[14/11/2007|18:18] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[26/07/2006|21:05] C:\Program Files\microsoft frontpage

[03/11/2007|21:01] C:\Program Files\Microsoft Office

[31/08/2006|16:57] C:\Program Files\Microsoft SQL Server

[25/10/2007|10:44] C:\Program Files\Microsoft Works

[03/11/2007|20:59] C:\Program Files\Microsoft.NET

[26/09/2007|18:08] C:\Program Files\Movie Maker

[22/02/2008|03:48] C:\Program Files\Mozilla Firefox

[02/12/2006|10:14] C:\Program Files\MSN

[26/07/2006|20:59] C:\Program Files\MSN Gaming Zone

[13/02/2008|08:29] C:\Program Files\MSN Messenger

[05/04/2007|07:05] C:\Program Files\MSN Toolbar

[04/04/2007|11:38] C:\Program Files\MSXML 4.0

[26/07/2006|21:02] C:\Program Files\NetMeeting

[26/07/2006|21:00] C:\Program Files\Online Services

[12/02/2008|23:05] C:\Program Files\Outlook Express

[26/10/2007|07:18] C:\Program Files\PhotoFiltre

[30/11/2006|00:13] C:\Program Files\Picasa2

[26/01/2007|06:05] C:\Program Files\PIXELA

[05/04/2007|07:19] C:\Program Files\QuickTime

[21/11/2006|06:31] C:\Program Files\Raccourcis de programmes

[31/08/2006|16:52] C:\Program Files\Roxio

[23/06/2007|17:52] C:\Program Files\ScanSoft

[26/07/2006|21:02] C:\Program Files\Services en ligne

[27/07/2006|00:18] C:\Program Files\SigmaTel

[31/08/2006|16:54] C:\Program Files\Skype

[22/11/2006|11:47] C:\Program Files\Sony

[22/11/2007|01:22] C:\Program Files\Spybot - Search & Destroy

[05/04/2007|05:39] C:\Program Files\SuperCopier

[05/04/2007|05:39] C:\Program Files\SuperCopier2

[04/04/2007|10:45] C:\Program Files\Symantec

[22/02/2008|03:05] C:\Program Files\Symantec AntiVirus

[31/08/2006|16:50] C:\Program Files\Toshiba

[22/02/2008|00:51] C:\Program Files\Trend Micro

[31/08/2006|16:57] C:\Program Files\Uninstall Information

[05/04/2007|05:43] C:\Program Files\VideoLAN

[04/04/2007|10:59] C:\Program Files\Wanadoo

[13/02/2008|08:29] C:\Program Files\Windows Live

[11/11/2007|13:25] C:\Program Files\Windows Media Connect 2

[12/02/2008|23:05] C:\Program Files\Windows Media Player

[26/07/2006|20:59] C:\Program Files\Windows NT

[26/07/2006|21:00] C:\Program Files\Windows Plus

[26/07/2006|21:02] C:\Program Files\WindowsUpdate

[22/02/2008|03:36] C:\Program Files\WinRAR

[26/07/2006|21:05] C:\Program Files\xerox

[12/02/2008|22:20] C:\Program Files\Yahoo!

 

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

 

[14/11/2007|11:45] C:\Program Files\Fichiers communs\.

[14/11/2007|11:45] C:\Program Files\Fichiers communs\..

[30/11/2006|02:17] C:\Program Files\Fichiers communs\ACD Systems

[30/11/2006|00:00] C:\Program Files\Fichiers communs\Adobe

[30/11/2006|00:02] C:\Program Files\Fichiers communs\Adobe Systems Shared

[06/04/2007|11:22] C:\Program Files\Fichiers communs\Ahead

[30/11/2006|01:39] C:\Program Files\Fichiers communs\Canon

[03/11/2007|21:01] C:\Program Files\Fichiers communs\DESIGNER

[30/11/2006|00:26] C:\Program Files\Fichiers communs\FDEUnInstaller.exe

[06/04/2007|11:59] C:\Program Files\Fichiers communs\HP

[27/07/2006|03:31] C:\Program Files\Fichiers communs\InstallShield

[27/07/2006|03:32] C:\Program Files\Fichiers communs\InterVideo

[27/07/2006|03:19] C:\Program Files\Fichiers communs\Java

[14/11/2007|11:58] C:\Program Files\Fichiers communs\Microsoft Shared

[26/07/2006|21:02] C:\Program Files\Fichiers communs\MSSoap

[06/04/2007|12:06] C:\Program Files\Fichiers communs\Nero

[26/07/2006|22:54] C:\Program Files\Fichiers communs\ODBC

[23/06/2007|17:52] C:\Program Files\Fichiers communs\ScanSoft Shared

[26/07/2006|21:02] C:\Program Files\Fichiers communs\Services

[31/08/2006|16:58] C:\Program Files\Fichiers communs\Sony Shared

[26/07/2006|22:54] C:\Program Files\Fichiers communs\SpeechEngines

[22/11/2006|11:49] C:\Program Files\Fichiers communs\SWF Studio

[04/04/2007|10:47] C:\Program Files\Fichiers communs\Symantec Shared

[03/11/2007|21:01] C:\Program Files\Fichiers communs\System

[14/11/2007|11:57] C:\Program Files\Fichiers communs\WindowsLiveInstaller

 

----------------------[ Recherche avec S_Lop ]---------------------

 

Aucun fichier / dossier Lop trouvé !

 

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

 

C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide

C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\32locksmfcd.exe

C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\cibovrrt.exe

C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\cjjiuupx.exe

C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\DVD OPTION START.exe

C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\fmevkdxh.exe

C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\glgohfpj.exe

C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\nawwclde.exe

C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\oimbldex.exe

C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\osdcezsx.exe

C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\qcdanbtg.exe

C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\qpukomqt.exe

C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\recttypemapiooze.exe

C:\Program Files\Ford Error Hide

C:\WINDOWS\Tasks\AFBAAA3891855A4C.job

 

----------------------[ Verification du Registre ]----------------------

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

..... OK !

 

--------------------[ Verification du fichier Hosts ]---------------------

 

Fichier Hosts MODIFIE

 

-> 72 ( 70 ## added by CiD )

 

/!\ 1 Not 127.0.0.1 !!

 

----------------[ Recherche de fichiers avec Catchme ]-----------------

 

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-02-22 04:08:11

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden files ...

scan completed successfully

hidden files: 0

 

--------------------[ Recherche d'autres infections ]---------------------

 

Aucune autre infection trouvée !

 

/!\ [Fich:1][Doss:0] C:\DOCUME~1\MORGAN~1\LOCALS~1\Temp

/!\ [Fich:1][Doss:0] C:\DOCUME~1\MORGAN~1\Cookies

/!\ [Fich:1][Doss:0] C:\DOCUME~1\MORGAN~1\LOCALS~1\TEMPOR~1\content.IE5

 

--------------------[ Fin du rapport a 4:08:27,95 ]----------------------

 

The deletion log:

-----------------------------[ Lop S&D 2.3.7 ]---------------------------

 

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]

[ USER : morgane corbel ] [ "C:\Program Files\Lop SD" ]

[ 22/02/2008 | 4:11:27,28 ] [ PC : MORGANE ]

[ MAJ : 21-02-2008 | 22:45 ]

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

 

Supprimé! - C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\32locksmfcd.exe

Supprimé! - C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\cibovrrt.exe

Supprimé! - C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\cjjiuupx.exe

Supprimé! - C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\DVD OPTION START.exe

Supprimé! - C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\fmevkdxh.exe

Supprimé! - C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\glgohfpj.exe

Supprimé! - C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\nawwclde.exe

Supprimé! - C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\oimbldex.exe

Supprimé! - C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\osdcezsx.exe

Supprimé! - C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\qcdanbtg.exe

Supprimé! - C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\qpukomqt.exe

Supprimé! - C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide\recttypemapiooze.exe

Supprimé! - C:\WINDOWS\Tasks\AFBAAA3891855A4C.job

Supprimé! - C:\DOCUME~1\MORGAN~1\APPLIC~1\Ford Error Hide

Supprimé! - C:\Program Files\Ford Error Hide

Restauré! - Fichier Hosts

 

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 

 

-------------[ Listing des dossiers dans Application Data ]------------

 

[31/08/2006|16:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\.

[31/08/2006|16:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\..

[31/08/2006|17:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe

[26/07/2006|22:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini

[27/07/2006|03:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google

[26/07/2006|21:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities

[27/07/2006|19:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[31/08/2006|16:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sony Corporation

 

[13/02/2008|09:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.

[13/02/2008|09:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..

[30/11/2006|02:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems

[31/08/2006|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[30/11/2006|00:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems

[05/04/2007|07:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[15/02/2008|21:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ball mapi owns ping

[03/07/2007|07:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth

[23/06/2007|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ

[26/07/2006|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini

[13/02/2008|00:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[06/04/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP

[06/04/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log

[27/07/2006|00:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel

[13/02/2008|09:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[12/02/2008|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[25/10/2007|06:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft

[01/09/2007|07:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype

[31/08/2006|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation

[22/02/2008|03:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[25/10/2007|06:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir

[23/06/2007|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard

[04/04/2007|10:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[31/08/2006|16:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VAIO Media Platform

[04/04/2007|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[14/11/2007|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

 

[31/08/2006|16:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.

[31/08/2006|16:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..

[31/08/2006|17:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe

[26/07/2006|22:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini

[27/07/2006|03:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Google

[26/07/2006|21:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[27/07/2006|19:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[31/08/2006|16:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sony Corporation

 

[10/05/2007|19:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\.

[10/05/2007|19:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\..

[10/05/2007|19:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia

[11/11/2007|13:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[04/04/2007|10:34] C:\DOCUME~1\LOCALS~1\APPLIC~1\sony

 

[22/02/2008|04:11] C:\DOCUME~1\MORGAN~1\APPLIC~1\.

[22/02/2008|04:11] C:\DOCUME~1\MORGAN~1\APPLIC~1\..

[30/11/2006|02:37] C:\DOCUME~1\MORGAN~1\APPLIC~1\ACD Systems

[30/10/2007|10:15] C:\DOCUME~1\MORGAN~1\APPLIC~1\Adobe

[29/04/2007|11:55] C:\DOCUME~1\MORGAN~1\APPLIC~1\AdobeUM

[07/04/2007|19:38] C:\DOCUME~1\MORGAN~1\APPLIC~1\Ahead

[05/04/2007|11:16] C:\DOCUME~1\MORGAN~1\APPLIC~1\Apple Computer

[26/07/2006|22:54] C:\DOCUME~1\MORGAN~1\APPLIC~1\desktop.ini

[05/04/2007|11:11] C:\DOCUME~1\MORGAN~1\APPLIC~1\Google

[22/10/2007|20:17] C:\DOCUME~1\MORGAN~1\APPLIC~1\HP

[26/07/2006|21:05] C:\DOCUME~1\MORGAN~1\APPLIC~1\Identities

[06/04/2007|12:13] C:\DOCUME~1\MORGAN~1\APPLIC~1\Image Zone Express

[19/05/2007|18:21] C:\DOCUME~1\MORGAN~1\APPLIC~1\InterVideo

[12/02/2008|22:21] C:\DOCUME~1\MORGAN~1\APPLIC~1\Lavasoft

[27/01/2008|06:01] C:\DOCUME~1\MORGAN~1\APPLIC~1\LimeWire

[22/11/2006|11:49] C:\DOCUME~1\MORGAN~1\APPLIC~1\Macromedia

[17/02/2008|18:08] C:\DOCUME~1\MORGAN~1\APPLIC~1\Microsoft

[22/11/2007|10:34] C:\DOCUME~1\MORGAN~1\APPLIC~1\Mozilla

[26/01/2007|06:17] C:\DOCUME~1\MORGAN~1\APPLIC~1\Pixela

[23/06/2007|17:52] C:\DOCUME~1\MORGAN~1\APPLIC~1\ScanSoft

[01/09/2007|10:31] C:\DOCUME~1\MORGAN~1\APPLIC~1\Skype

[22/11/2006|11:49] C:\DOCUME~1\MORGAN~1\APPLIC~1\sony

[04/04/2007|10:59] C:\DOCUME~1\MORGAN~1\APPLIC~1\Sony Corporation

[04/04/2007|10:40] C:\DOCUME~1\MORGAN~1\APPLIC~1\Symantec

[22/11/2007|10:34] C:\DOCUME~1\MORGAN~1\APPLIC~1\Talkback

[15/04/2007|14:20] C:\DOCUME~1\MORGAN~1\APPLIC~1\Template

[05/04/2007|05:45] C:\DOCUME~1\MORGAN~1\APPLIC~1\vlc

[22/02/2008|03:37] C:\DOCUME~1\MORGAN~1\APPLIC~1\WinRAR

[15/04/2007|14:19] C:\DOCUME~1\MORGAN~1\APPLIC~1\wklnhst.dat

 

[26/07/2006|21:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

[26/07/2006|21:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\..

[26/07/2006|21:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

 

[21/12/2007 20:36][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]

[22/02/2008 03:04][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]

[10/08/2004 00:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [--65--]

 

---------------[ Listing des dossiers dans C:\Program Files ]--------------

 

[22/02/2008|04:11] C:\Program Files\.

[22/02/2008|04:11] C:\Program Files\..

[30/11/2006|02:17] C:\Program Files\ACD Systems

[30/11/2006|00:04] C:\Program Files\Adobe

[06/04/2007|11:45] C:\Program Files\Ahead

[26/07/2006|22:56] C:\Program Files\Apoint

[05/04/2007|07:19] C:\Program Files\Apple Software Update

[23/06/2007|17:49] C:\Program Files\ArcSoft

[12/02/2008|23:33] C:\Program Files\a-squared Anti-Malware

[13/02/2008|00:31] C:\Program Files\a-squared Free

[12/04/2007|18:31] C:\Program Files\Audacity

[23/06/2007|17:48] C:\Program Files\Canon

[12/02/2008|21:25] C:\Program Files\CCleaner

[05/02/2007|12:46] C:\Program Files\CDBurnerXP Pro 3

[26/07/2006|21:00] C:\Program Files\ComPlus Applications

[26/07/2006|21:59] C:\Program Files\CONEXANT

[27/04/2007|11:13] C:\Program Files\Desktop Architect

[18/04/2007|16:44] C:\Program Files\Elaborate Bytes

[14/11/2007|11:45] C:\Program Files\Fichiers communs

[27/07/2006|03:32] C:\Program Files\GDS

[13/02/2008|00:19] C:\Program Files\Google

[27/07/2006|03:32] C:\Program Files\Google BAE

[06/04/2007|11:57] C:\Program Files\Hewlett-Packard

[06/04/2007|12:01] C:\Program Files\HP

[23/06/2007|17:49] C:\Program Files\InstallShield Installation Information

[27/07/2006|00:56] C:\Program Files\Intel

[12/02/2008|22:45] C:\Program Files\Internet Explorer

[27/07/2006|03:31] C:\Program Files\InterVideo

[30/11/2006|00:23] C:\Program Files\Inventel

[31/08/2006|16:52] C:\Program Files\ISP

[03/07/2007|07:08] C:\Program Files\IVT Corporation

[27/07/2006|03:20] C:\Program Files\Java

[15/02/2008|21:12] C:\Program Files\LimeWire

[22/02/2008|04:11] C:\Program Files\Lop SD

[26/07/2006|21:45] C:\Program Files\Messenger

[13/02/2008|08:29] C:\Program Files\Messenger Plus! Live

[14/11/2007|18:18] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[26/07/2006|21:05] C:\Program Files\microsoft frontpage

[03/11/2007|21:01] C:\Program Files\Microsoft Office

[31/08/2006|16:57] C:\Program Files\Microsoft SQL Server

[25/10/2007|10:44] C:\Program Files\Microsoft Works

[03/11/2007|20:59] C:\Program Files\Microsoft.NET

[26/09/2007|18:08] C:\Program Files\Movie Maker

[22/02/2008|03:48] C:\Program Files\Mozilla Firefox

[02/12/2006|10:14] C:\Program Files\MSN

[26/07/2006|20:59] C:\Program Files\MSN Gaming Zone

[13/02/2008|08:29] C:\Program Files\MSN Messenger

[05/04/2007|07:05] C:\Program Files\MSN Toolbar

[04/04/2007|11:38] C:\Program Files\MSXML 4.0

[26/07/2006|21:02] C:\Program Files\NetMeeting

[26/07/2006|21:00] C:\Program Files\Online Services

[12/02/2008|23:05] C:\Program Files\Outlook Express

[26/10/2007|07:18] C:\Program Files\PhotoFiltre

[30/11/2006|00:13] C:\Program Files\Picasa2

[26/01/2007|06:05] C:\Program Files\PIXELA

[05/04/2007|07:19] C:\Program Files\QuickTime

[21/11/2006|06:31] C:\Program Files\Raccourcis de programmes

[31/08/2006|16:52] C:\Program Files\Roxio

[23/06/2007|17:52] C:\Program Files\ScanSoft

[26/07/2006|21:02] C:\Program Files\Services en ligne

[27/07/2006|00:18] C:\Program Files\SigmaTel

[31/08/2006|16:54] C:\Program Files\Skype

[22/11/2006|11:47] C:\Program Files\Sony

[22/11/2007|01:22] C:\Program Files\Spybot - Search & Destroy

[05/04/2007|05:39] C:\Program Files\SuperCopier

[05/04/2007|05:39] C:\Program Files\SuperCopier2

[04/04/2007|10:45] C:\Program Files\Symantec

[22/02/2008|03:05] C:\Program Files\Symantec AntiVirus

[31/08/2006|16:50] C:\Program Files\Toshiba

[22/02/2008|00:51] C:\Program Files\Trend Micro

[31/08/2006|16:57] C:\Program Files\Uninstall Information

[05/04/2007|05:43] C:\Program Files\VideoLAN

[04/04/2007|10:59] C:\Program Files\Wanadoo

[13/02/2008|08:29] C:\Program Files\Windows Live

[11/11/2007|13:25] C:\Program Files\Windows Media Connect 2

[12/02/2008|23:05] C:\Program Files\Windows Media Player

[26/07/2006|20:59] C:\Program Files\Windows NT

[26/07/2006|21:00] C:\Program Files\Windows Plus

[26/07/2006|21:02] C:\Program Files\WindowsUpdate

[22/02/2008|03:36] C:\Program Files\WinRAR

[26/07/2006|21:05] C:\Program Files\xerox

[12/02/2008|22:20] C:\Program Files\Yahoo!

 

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

 

[14/11/2007|11:45] C:\Program Files\Fichiers communs\.

[14/11/2007|11:45] C:\Program Files\Fichiers communs\..

[30/11/2006|02:17] C:\Program Files\Fichiers communs\ACD Systems

[30/11/2006|00:00] C:\Program Files\Fichiers communs\Adobe

[30/11/2006|00:02] C:\Program Files\Fichiers communs\Adobe Systems Shared

[06/04/2007|11:22] C:\Program Files\Fichiers communs\Ahead

[30/11/2006|01:39] C:\Program Files\Fichiers communs\Canon

[03/11/2007|21:01] C:\Program Files\Fichiers communs\DESIGNER

[30/11/2006|00:26] C:\Program Files\Fichiers communs\FDEUnInstaller.exe

[06/04/2007|11:59] C:\Program Files\Fichiers communs\HP

[27/07/2006|03:31] C:\Program Files\Fichiers communs\InstallShield

[27/07/2006|03:32] C:\Program Files\Fichiers communs\InterVideo

[27/07/2006|03:19] C:\Program Files\Fichiers communs\Java

[14/11/2007|11:58] C:\Program Files\Fichiers communs\Microsoft Shared

[26/07/2006|21:02] C:\Program Files\Fichiers communs\MSSoap

[06/04/2007|12:06] C:\Program Files\Fichiers communs\Nero

[26/07/2006|22:54] C:\Program Files\Fichiers communs\ODBC

[23/06/2007|17:52] C:\Program Files\Fichiers communs\ScanSoft Shared

[26/07/2006|21:02] C:\Program Files\Fichiers communs\Services

[31/08/2006|16:58] C:\Program Files\Fichiers communs\Sony Shared

[26/07/2006|22:54] C:\Program Files\Fichiers communs\SpeechEngines

[22/11/2006|11:49] C:\Program Files\Fichiers communs\SWF Studio

[04/04/2007|10:47] C:\Program Files\Fichiers communs\Symantec Shared

[03/11/2007|21:01] C:\Program Files\Fichiers communs\System

[14/11/2007|11:57] C:\Program Files\Fichiers communs\WindowsLiveInstaller

 

----------------------[ Recherche avec S_Lop ]---------------------

 

Aucun fichier / dossier Lop trouvé !

 

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

 

Aucun fichier / dossier Lop trouvé !

 

----------------------[ Verification du Registre ]----------------------

 

..... OK !

 

--------------------[ Verification du fichier Hosts ]---------------------

 

Fichier Hosts PROPRE

 

 

----------------[ Recherche de fichiers avec Catchme ]-----------------

 

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-02-22 04:12:00

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden files ...

scan completed successfully

hidden files: 0

 

--------------------[ Recherche d'autres infections ]---------------------

 

Aucune autre infection trouvée !

 

/!\ [Fich:1][Doss:0] C:\DOCUME~1\MORGAN~1\Cookies

/!\ [Fich:2][Doss:0] C:\DOCUME~1\MORGAN~1\LOCALS~1\TEMPOR~1\content.IE5

 

--------------------[ Fin du rapport a 4:12:16,90 ]----------------------

 

HIJACKTHIS LOG TO FINISH: (sorry for all these logs)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 04:15:20, on 22/02/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

C:\Program Files\Symantec AntiVirus\DefWatch.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Symantec AntiVirus\Rtvscan.exe

C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Apoint\Apoint.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\ICO.EXE

C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Program Files\Sony\ISB Utility\ISBMgr.exe

C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe

C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

C:\PROGRA~1\SYMANT~1\VPTray.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\explorer.exe

C:\Documents and Settings\morgane corbel\Bureau\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.914.9778\swg.dll

O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll

O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar1.01.2607.0\fr\msntb.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE

O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"

O4 - HKLM\..\Run: [sonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"

O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe

O4 - HKLM\..\Run: [switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe

O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [road draw] C:\DOCUME~1\MORGAN~1\APPLIC~1\FORDER~1\DVD OPTION START.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Bluetooth Manager.lnk = ?

O8 - Extra context menu item: Ajouter un site de support RSS à VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_10.cab

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe

O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe

O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

 

--

End of file - 13700 bytes

Posted (edited)

Apparently the "DVD OPTION START.exe" entry is still present.

Try the following:

Boot into Safe Mode.

Run HijackThis, check the entry as before and click "Fix".

Run CCleaner.

Run lop_S&D.exe again and run option 1, then option 2.

Delete the directory C:\DOCUME~1\MORGAN~1\APPLIC~1\FORDER~1\

Reboot into normal mode and run HJT again, then post the log.

 

Keep me posted on how it goes.

Edited by cauxboy
Posted

I carried out the steps in Safe Mode except for deleting the directory, I don't know how to do that??!

I ran RegSeeker and deleted the invalid entries.

 

Here is the new report:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:02:17, on 23/02/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

C:\Program Files\Symantec AntiVirus\DefWatch.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Symantec AntiVirus\Rtvscan.exe

C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Apoint\Apoint.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\ICO.EXE

C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Program Files\Sony\ISB Utility\ISBMgr.exe

C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe

C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

C:\PROGRA~1\SYMANT~1\VPTray.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\msiexec.exe

C:\Documents and Settings\morgane corbel\Bureau\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll

O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar1.01.2607.0\fr\msntb.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE

O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"

O4 - HKLM\..\Run: [sonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"

O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe

O4 - HKLM\..\Run: [switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe

O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Bluetooth Manager.lnk = ?

O8 - Extra context menu item: Ajouter un site de support RSS à VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_10.cab

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe

O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

 

--

End of file - 12484 bytes

Posted

Forester,

 

Sorry for the delay, but this weekend, like every other, I was out partying hard!!!!!

Apparently we've had the last word on this problem.

 

I carried out the steps in Safe Mode except for deleting the directory, I don't know how to do that??!

Lop S&D must have done the cleanup.

 

Otherwise everything is OK. :P

 

If you have any other problems, don't hesitate.

 

Cauxboy
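An added example, not part of the original posts: a small Python check that compares the "before" and "after" HijackThis logs from this thread, lists the entries that disappeared, and flags any O4 Run value whose command sits under a user profile directory, as the "road draw" entry did. The profile-path heuristic and the function names are assumptions made for this illustration, not HijackThis logic.

```python
import re

# Lines excerpted from the two HijackThis logs posted in this thread.
BEFORE = r"""
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [road draw] C:\DOCUME~1\MORGAN~1\APPLIC~1\FORDER~1\DVD OPTION START.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
"""
AFTER = r"""
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
"""

# "O4 - <detail>", "R0 - <detail>", "O23 - <detail>", ...
ENTRY_RE = re.compile(r"^([A-Z]\d+) - (.+)$")
# Registry autorun form of an O4 line: "<hive path ending in Run>: [value name] command"
O4_RE = re.compile(r"^(?P<hive>HK[^:]*?Run[^:]*): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# Assumed heuristic: on Windows XP, user-writable profile paths start here
# (long name or its 8.3 short form).
PROFILE_RE = re.compile(r"\\(documents and settings|docume~\d)\\", re.IGNORECASE)


def parse(log):
    """Return the set of (section, detail) entries found in a HijackThis log."""
    entries = set()
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:  # skips blank lines, the header and the process list
            entries.add((m.group(1), m.group(2)))
    return entries


def removed(before, after):
    """Entries present in the first log but absent from the second."""
    return sorted(parse(before) - parse(after))


def autoruns_in_profile(log):
    """O4 Run values whose command lives under a user profile directory."""
    hits = []
    for section, detail in sorted(parse(log)):
        m = O4_RE.match(detail) if section == "O4" else None
        if m and PROFILE_RE.search(m.group("cmd")):
            hits.append((m.group("hive"), m.group("name"), m.group("cmd")))
    return hits


if __name__ == "__main__":
    for section, detail in removed(BEFORE, AFTER):
        print("removed:", section, "-", detail)
    for hive, name, cmd in autoruns_in_profile(BEFORE):
        print("review :", hive, name, "->", cmd)
    print("still flagged after fix:", autoruns_in_profile(AFTER))
```

An empty result for the second log confirms only that the Run value is gone; the directory named in the helper's post still has to be checked on disk.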
