
Posted

Is my HijackThis report OK??

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:15:03, on 28/08/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Windows Desktop Search\wds_sl.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Synaptics\SynTP\Toshiba.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\ltmoh\Ltmoh.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\WINDOWS\system32\TPSBattM.exe

C:\Program Files\TOSHIBA\Tvs\TvsTray.exe

C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe

C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\Unlocker\UnlockerAssistant.exe

C:\WINDOWS\vsnpstd.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\program files\relevantknowledge\rlvknlg.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

C:\Program Files\Belkin\Bluetooth Software\BTTray.exe

C:\Program Files\Uniblue\LocalCooling\localcooling2.exe

C:\Program Files\Secunia\PSI (RC3)\psi.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\LimeWire\LimeWire.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Free Music Zilla\FMZilla.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\DVDripnburn.com\DVD RIP N Burn\DVD Rip N Burn.exe

C:\Program Files\DVDripnburn.com\DVD RIP N Burn\DVDRipper.exe

C:\Program Files\Opera\opera.exe

C:\Documents and Settings\maxime cottin\Bureau\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ircdown.com/fr/index.php?rvs=ho...&d=79919178

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://configuration.adsl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll

R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

O2 - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll

O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll

O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll

O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll

O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe

O4 - HKLM\..\Run: [TPSMain] TPSMain.exe

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe

O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe

O4 - HKLM\..\Run: [TFncKy] TFncKy.exe

O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe

O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [RelevantKnowledge] C:\program files\relevantknowledge\rlvknlg.exe -boot

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: LocalCooling.lnk = C:\Program Files\Uniblue\LocalCooling\localcooling2.exe

O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe

O4 - Global Startup: BTTray.lnk = ?

O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\msntb.dll/search.htm

O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Crux P2P\Plugins\RazaWebHook.dll/3000

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

 

--

End of file - 13888 bytes

 

 

 

Thanks :P

Posted

Good evening, multiple infections and dubious programs; we analyze, then we clean up!

 

I'm going to ask you for 2 diagnostic reports.

 

** 1 **

 

Download Toolbar-S&D (Team IDN) to your Desktop.

  • Start the program's installation by running the downloaded file.
  • Now double-click the Toolbar-S&D shortcut.
  • Select the desired language by typing the letter of your choice, then confirm with the Enter key.
  • Now choose option 1 (Recherche). Wait until the search has finished.
  • Post the generated report. (C:\TB.txt)

 

** 2 **

Disable your resident protections (antivirus, ...); you will re-enable them after the scan.

 

Download Lop S&D < here

 

Double-click Lop S&D.exe on your Desktop

Select the desired language, then choose Option 1 (Recherche)

Wait until the scan has finished

Post the generated report (C:\lopR.txt)

 

(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

Posted

-----------\\ ToolBar S&D 1.1.6 XP/Vista

 

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free : Intel® Core2 CPU T5500 @ 1.66GHz )

BIOS : BIOS Version 1.90

USER : maxime cottin ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition 8.0.1.15 (Activated)

 

"C:\ToolBar SD" ( MAJ : 27-08-2008|23:35 )

Option : [1] ( 28/08/2008|19:18 )

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

C:\Program Files\AskSBar

C:\Program Files\AskSBar\bar

C:\Program Files\AskSBar\SrchAstt

C:\Program Files\P2P_Energy

C:\Program Files\P2P_Energy\INSTALL.LOG

C:\Program Files\P2P_Energy\P2P_EnergyToolbarHelper.exe

C:\Program Files\P2P_Energy\tbP2P_.dll

C:\Program Files\P2P_Energy\toolbar.cfg

C:\Program Files\P2P_Energy\UNWISE.EXE

C:\Program Files\Search Settings

C:\Program Files\Search Settings\kb126

C:\Program Files\Search Settings\SearchSettings.exe

 

-----------\\ Extensions

 

(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

 

(maxime cottin) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(maxime cottin) - {36C13C8F-54F1-412e-8177-2E411719162D} => chrome

(maxime cottin) - {B5EDFBB0-9827-11DA-A72B-0800200C9A66} => forecastfox

(maxime cottin) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper

 

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\WINDOWS\\system32\\blank.htm"

"Start Page"="http://www.ircdown.com/fr/index.php?rvs=hompag&d=79919178"

"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"SearchMigratedDefaultURL"="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"

 

 

--------------------\\ Recherche d'autres infections

 

 

Aucune autre infection trouvée !

 

-----------\\ Fin du rapport a 19:22:07,42

Posted

--------------------\\ Lop S&D 4.2.3-6 XP/Vista

 

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free : Intel® Core2 CPU T5500 @ 1.66GHz )

BIOS : BIOS Version 1.90

USER : maxime cottin ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition 8.0.1.15 (Activated)

 

"C:\Lop SD" ( MAJ : 27-08-2008|22:40 )

Option : [1] ( 28/08/2008|20:04 )

 

--------------------\\ Listing des dossiers dans APPLIC~1

 

[14/03/2008|07:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe

[22/09/2006|15:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI

[15/09/2006|16:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini

[14/03/2008|07:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities

[13/03/2008|23:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel

[14/03/2008|07:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[14/03/2008|07:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic

[14/03/2008|07:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\toshiba

[14/03/2008|07:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Windows Desktop Search

 

[18/08/2008|02:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[02/08/2008|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[18/08/2008|00:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[27/08/2008|15:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira

[08/08/2008|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU

[22/08/2008|23:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus

[15/09/2006|16:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini

[26/08/2008|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink

[14/04/2008|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EaseDic

[17/03/2008|20:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[08/04/2008|01:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GRETECH

[31/03/2008|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM

[31/03/2008|17:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail

[13/03/2008|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel

[17/08/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes

[04/05/2008|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[25/07/2008|03:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[27/04/2008|11:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help

[17/03/2008|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla

[26/08/2008|02:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software

[18/08/2008|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero

[17/03/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles

[27/08/2008|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RapidSolution

[26/03/2008|18:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[13/03/2008|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[17/08/2008|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[16/03/2008|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[19/08/2008|00:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[13/03/2008|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

 

[14/03/2008|07:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe

[22/09/2006|15:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI

[15/09/2006|16:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini

[14/03/2008|07:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[13/03/2008|23:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel

[14/03/2008|07:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[14/03/2008|07:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic

[14/03/2008|07:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba

[14/03/2008|07:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Windows Desktop Search

 

[13/03/2008|23:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Intel

[16/03/2008|15:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[14/03/2008|07:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

 

[15/08/2008|13:14] C:\DOCUME~1\MAXIME~1\APPLIC~1\Adobe

[13/03/2008|21:19] C:\DOCUME~1\MAXIME~1\APPLIC~1\AdobeUM

[18/03/2008|18:40] C:\DOCUME~1\MAXIME~1\APPLIC~1\Ahead

[02/08/2008|16:38] C:\DOCUME~1\MAXIME~1\APPLIC~1\Apple Computer

[22/09/2006|15:12] C:\DOCUME~1\MAXIME~1\APPLIC~1\ATI

[08/08/2008|22:15] C:\DOCUME~1\MAXIME~1\APPLIC~1\AVS4YOU

[27/08/2008|13:34] C:\DOCUME~1\MAXIME~1\APPLIC~1\Azureus

[26/08/2008|14:58] C:\DOCUME~1\MAXIME~1\APPLIC~1\Cabos

[26/08/2008|14:58] C:\DOCUME~1\MAXIME~1\APPLIC~1\Cabos.plist

[24/07/2008|13:11] C:\DOCUME~1\MAXIME~1\APPLIC~1\Canneverbe_Limited

[27/08/2008|13:07] C:\DOCUME~1\MAXIME~1\APPLIC~1\COWON

[15/09/2006|16:31] C:\DOCUME~1\MAXIME~1\APPLIC~1\desktop.ini

[26/08/2008|14:02] C:\DOCUME~1\MAXIME~1\APPLIC~1\dvdcss

[14/04/2008|19:23] C:\DOCUME~1\MAXIME~1\APPLIC~1\EaseDic

[21/08/2008|03:53] C:\DOCUME~1\MAXIME~1\APPLIC~1\FMZilla

[18/08/2008|14:28] C:\DOCUME~1\MAXIME~1\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt

[02/08/2008|15:53] C:\DOCUME~1\MAXIME~1\APPLIC~1\Google

[08/04/2008|01:20] C:\DOCUME~1\MAXIME~1\APPLIC~1\GRETECH

[15/04/2008|13:49] C:\DOCUME~1\MAXIME~1\APPLIC~1\Help

[31/03/2008|20:24] C:\DOCUME~1\MAXIME~1\APPLIC~1\Identities

[13/03/2008|23:27] C:\DOCUME~1\MAXIME~1\APPLIC~1\Intel

[28/08/2008|20:03] C:\DOCUME~1\MAXIME~1\APPLIC~1\LimeWire

[13/03/2008|21:09] C:\DOCUME~1\MAXIME~1\APPLIC~1\Macromedia

[17/08/2008|17:32] C:\DOCUME~1\MAXIME~1\APPLIC~1\Malwarebytes

[28/04/2008|09:47] C:\DOCUME~1\MAXIME~1\APPLIC~1\Microsoft

[19/06/2008|13:03] C:\DOCUME~1\MAXIME~1\APPLIC~1\Mozilla

[19/05/2008|20:53] C:\DOCUME~1\MAXIME~1\APPLIC~1\MySpace

[26/08/2008|02:58] C:\DOCUME~1\MAXIME~1\APPLIC~1\NCH Software

[14/04/2008|19:18] C:\DOCUME~1\MAXIME~1\APPLIC~1\Notepad++

[12/05/2008|13:28] C:\DOCUME~1\MAXIME~1\APPLIC~1\Nvu

[02/08/2008|14:47] C:\DOCUME~1\MAXIME~1\APPLIC~1\Opera

[27/08/2008|13:15] C:\DOCUME~1\MAXIME~1\APPLIC~1\Shareaza

[28/08/2008|02:12] C:\DOCUME~1\MAXIME~1\APPLIC~1\Software Informer

[14/03/2008|07:37] C:\DOCUME~1\MAXIME~1\APPLIC~1\Sonic

[19/03/2008|17:09] C:\DOCUME~1\MAXIME~1\APPLIC~1\Sun

[23/04/2008|17:21] C:\DOCUME~1\MAXIME~1\APPLIC~1\Talkback

[09/06/2008|17:37] C:\DOCUME~1\MAXIME~1\APPLIC~1\TaoUSign

[22/03/2008|22:21] C:\DOCUME~1\MAXIME~1\APPLIC~1\Template

[23/04/2008|17:21] C:\DOCUME~1\MAXIME~1\APPLIC~1\Thunderbird

[14/03/2008|07:37] C:\DOCUME~1\MAXIME~1\APPLIC~1\toshiba

[19/08/2008|03:12] C:\DOCUME~1\MAXIME~1\APPLIC~1\UseNeXT

[27/08/2008|13:02] C:\DOCUME~1\MAXIME~1\APPLIC~1\uTorrent

[17/03/2008|16:26] C:\DOCUME~1\MAXIME~1\APPLIC~1\vlc

[14/03/2008|07:37] C:\DOCUME~1\MAXIME~1\APPLIC~1\Windows Desktop Search

[16/08/2008|17:06] C:\DOCUME~1\MAXIME~1\APPLIC~1\wklnhst.dat

[30/05/2008|17:55] C:\DOCUME~1\MAXIME~1\APPLIC~1\Wormux

[23/08/2008|09:13] C:\DOCUME~1\MAXIME~1\APPLIC~1\zweitgeist

 

[13/03/2008|23:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel

[14/03/2008|07:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

 

[28/08/2008 11:26][--ah-----] C:\WINDOWS\tasks\SA.DAT

[10/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[18/08/2008|02:53] C:\Program Files\Adobe

[13/03/2008|22:24] C:\Program Files\Alwil Software

[29/03/2008|20:12] C:\Program Files\Antadis

[16/03/2008|22:52] C:\Program Files\ANWSOFT

[18/08/2008|00:30] C:\Program Files\Apple Software Update

[22/08/2008|23:33] C:\Program Files\AskSBar

[30/04/2008|22:26] C:\Program Files\a-squared Anti-Malware

[27/08/2008|15:36] C:\Program Files\Avira

[27/08/2008|13:25] C:\Program Files\AviSynth 2.5

[09/08/2008|18:04] C:\Program Files\AVS4YOU

[04/04/2008|20:06] C:\Program Files\Axon Data

[27/08/2008|13:34] C:\Program Files\Azureus

[23/08/2008|12:59] C:\Program Files\Belkin

[02/08/2008|16:36] C:\Program Files\Bonjour

[03/05/2008|00:25] C:\Program Files\CamStudio

[13/03/2008|22:19] C:\Program Files\CCleaner

[24/07/2008|13:10] C:\Program Files\CDBurnerXP

[14/03/2008|07:49] C:\Program Files\Common Files

[15/09/2006|14:36] C:\Program Files\ComPlus Applications

[22/08/2008|23:13] C:\Program Files\Conduit

[22/03/2008|09:38] C:\Program Files\Controle Parental

[27/08/2008|13:15] C:\Program Files\Crux P2P

[25/05/2008|14:46] C:\Program Files\Dofus

[25/08/2008|19:00] C:\Program Files\DVDripnburn.com

[06/06/2008|07:23] C:\Program Files\eMailTrackerPro 2008

[27/08/2008|13:08] C:\Program Files\eMule

[18/03/2008|00:20] C:\Program Files\Enigma Software Group

[26/07/2008|00:57] C:\Program Files\Fake Voice

[27/08/2008|15:33] C:\Program Files\Fichiers communs

[16/03/2008|21:28] C:\Program Files\FLVPlayer4Free

[26/08/2008|21:36] C:\Program Files\Free Audio Pack

[24/07/2008|13:44] C:\Program Files\Free Easy Burner

[21/08/2008|04:03] C:\Program Files\Free Music Zilla

[26/08/2008|15:32] C:\Program Files\Free Video Converter

[15/04/2008|13:49] C:\Program Files\fxc

[02/08/2008|15:52] C:\Program Files\Google

[08/04/2008|01:19] C:\Program Files\GRETECH

[16/04/2008|09:02] C:\Program Files\Horloge

[09/05/2008|11:38] C:\Program Files\Inno Setup 5

[27/08/2008|13:07] C:\Program Files\InstallShield Installation Information

[13/03/2008|23:27] C:\Program Files\Intel

[27/08/2008|13:05] C:\Program Files\InterActual

[15/08/2008|03:02] C:\Program Files\Internet Explorer

[27/08/2008|13:05] C:\Program Files\InterVideo

[18/03/2008|20:27] C:\Program Files\Inventel

[18/08/2008|02:14] C:\Program Files\Java

[15/04/2008|01:46] C:\Program Files\JPA

[04/05/2008|18:10] C:\Program Files\JYK Technologies

[14/08/2008|21:05] C:\Program Files\LimeWire

[18/03/2008|15:11] C:\Program Files\Look 310S

[14/03/2008|07:52] C:\Program Files\ltmoh

[17/08/2008|17:32] C:\Program Files\Malwarebytes' Anti-Malware

[17/08/2008|22:54] C:\Program Files\Messenger

[03/05/2008|13:15] C:\Program Files\Messenger Plus! Live

[08/04/2008|17:50] C:\Program Files\Metin2_France

[15/03/2008|09:19] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[14/03/2008|07:52] C:\Program Files\microsoft frontpage

[17/08/2008|23:53] C:\Program Files\Microsoft Office

[17/05/2008|17:53] C:\Program Files\Microsoft Research

[27/04/2008|11:34] C:\Program Files\Microsoft SDKs

[19/08/2008|03:00] C:\Program Files\Microsoft Silverlight

[27/04/2008|11:39] C:\Program Files\Microsoft SQL Server Compact Edition

[27/04/2008|11:39] C:\Program Files\Microsoft Synchronization Services

[27/04/2008|11:39] C:\Program Files\Microsoft Visual Studio 9.0

[14/03/2008|07:52] C:\Program Files\Microsoft.NET

[17/08/2008|22:45] C:\Program Files\Movie Maker

[28/08/2008|19:35] C:\Program Files\Mozilla Firefox

[27/04/2008|11:28] C:\Program Files\MSBuild

[14/03/2008|07:52] C:\Program Files\MSN

[05/04/2008|22:09] C:\Program Files\MSN Gaming Zone

[14/03/2008|07:53] C:\Program Files\MSN Toolbar Suite

[27/04/2008|11:27] C:\Program Files\MSXML 6.0

[03/06/2008|20:31] C:\Program Files\MySpace

[26/08/2008|03:18] C:\Program Files\NCH Software

[16/03/2008|15:20] C:\Program Files\Nero

[17/08/2008|22:40] C:\Program Files\NetMeeting

[13/03/2008|22:24] C:\Program Files\Norton Internet Security

[14/04/2008|19:18] C:\Program Files\Notepad++

[27/08/2008|13:16] C:\Program Files\Nvu

[13/03/2008|21:49] C:\Program Files\Offre Wanadoo

[14/03/2008|07:53] C:\Program Files\Online Services

[28/08/2008|01:54] C:\Program Files\Opera

[17/08/2008|22:40] C:\Program Files\Outlook Express

[22/08/2008|23:13] C:\Program Files\P2P_Energy

[26/07/2008|00:56] C:\Program Files\Personal Voice Changer Driver

[05/06/2008|18:33] C:\Program Files\PixiePack Codec Pack

[15/04/2008|13:47] C:\Program Files\ProPointer

[05/06/2008|18:31] C:\Program Files\RapidSolution

[14/03/2008|07:53] C:\Program Files\Realtek

[27/04/2008|11:28] C:\Program Files\Reference Assemblies

[25/08/2008|19:05] C:\Program Files\RelevantKnowledge

[30/07/2008|21:24] C:\Program Files\ruedesecoles

[02/08/2008|16:38] C:\Program Files\Safari

[16/03/2008|22:20] C:\Program Files\Search Settings

[17/08/2008|22:17] C:\Program Files\Secunia

[17/06/2008|17:21] C:\Program Files\Security Process Explorer

[14/03/2008|07:54] C:\Program Files\Services en ligne

[28/08/2008|02:11] C:\Program Files\Software Informer

[14/03/2008|07:54] C:\Program Files\Sonic

[04/04/2008|18:42] C:\Program Files\Sony

[23/08/2008|12:11] C:\Program Files\Sony Ericsson

[20/04/2008|22:34] C:\Program Files\SpeedFan

[26/03/2008|18:06] C:\Program Files\Spybot - Search & Destroy

[15/04/2008|01:50] C:\Program Files\Stardock

[17/08/2008|23:48] C:\Program Files\Sun

[27/08/2008|13:07] C:\Program Files\Symantec

[14/03/2008|07:54] C:\Program Files\Synaptics

[14/03/2008|07:55] C:\Program Files\Toshiba

[16/08/2008|18:30] C:\Program Files\Trend Micro

[28/08/2008|02:36] C:\Program Files\TubeMaster

[30/07/2008|21:17] C:\Program Files\Ubi Soft

[30/07/2008|21:09] C:\Program Files\UbiSoft

[28/04/2008|09:47] C:\Program Files\Uniblue

[15/09/2006|15:50] C:\Program Files\Uninstall Information

[23/04/2008|09:51] C:\Program Files\Unlocker

[16/03/2008|19:54] C:\Program Files\uTorrent

[26/08/2008|15:43] C:\Program Files\VideoLAN

[16/08/2008|18:38] C:\Program Files\VS Revo Group

[23/08/2008|09:13] C:\Program Files\weblin

[14/03/2008|07:55] C:\Program Files\Windows Desktop Search

[06/04/2008|17:24] C:\Program Files\Windows Live

[01/04/2008|22:32] C:\Program Files\Windows Live Safety Center

[22/03/2008|00:31] C:\Program Files\Windows Media Connect 2

[16/03/2008|15:01] C:\Program Files\Windows Media Player

[17/08/2008|22:40] C:\Program Files\Windows NT

[14/03/2008|07:55] C:\Program Files\Windows Plus

[15/09/2006|14:39] C:\Program Files\WindowsUpdate

[14/03/2008|07:56] C:\Program Files\X10 Hardware

[14/03/2008|07:56] C:\Program Files\xerox

[13/03/2008|21:35] C:\Program Files\Yahoo!

[18/03/2008|14:52] C:\Program Files\ZNsoft Corporation

 

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

 

[16/03/2008|22:52] C:\Program Files\Fichiers communs\A&W

[18/08/2008|02:54] C:\Program Files\Fichiers communs\Adobe

[18/08/2008|14:15] C:\Program Files\Fichiers communs\Ahead

[16/03/2008|22:52] C:\Program Files\Fichiers communs\ANWSOFT

[09/08/2008|11:40] C:\Program Files\Fichiers communs\AVSMedia

[27/08/2008|13:03] C:\Program Files\Fichiers communs\Blizzard Entertainment

[18/03/2008|20:27] C:\Program Files\Fichiers communs\FDEUnInstaller.exe

[14/03/2008|07:49] C:\Program Files\Fichiers communs\InstallShield

[14/03/2008|07:49] C:\Program Files\Fichiers communs\InterVideo

[14/03/2008|07:49] C:\Program Files\Fichiers communs\Java

[18/03/2008|15:11] C:\Program Files\Fichiers communs\Look310S

[17/08/2008|23:53] C:\Program Files\Fichiers communs\Microsoft Shared

[14/03/2008|07:50] C:\Program Files\Fichiers communs\MSSoap

[14/03/2008|07:50] C:\Program Files\Fichiers communs\ODBC

[14/03/2008|07:50] C:\Program Files\Fichiers communs\Services

[14/03/2008|07:50] C:\Program Files\Fichiers communs\SpeechEngines

[13/03/2008|22:26] C:\Program Files\Fichiers communs\Symantec Shared

[17/08/2008|22:40] C:\Program Files\Fichiers communs\System

[13/03/2008|21:11] C:\Program Files\Fichiers communs\WindowsLiveInstaller

 

--------------------\\ Process

 

( 77 Processus )

 

... OK !

 

--------------------\\ Recherche avec S_Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Verification du Registre

 

..... OK !

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 

 

--------------------\\ Recherche de fichiers avec Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-08-28 20:04:54

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 81

 

--------------------\\ Recherche d'autres infections

 

 

Aucune autre infection trouvée !

 

[F:1442][D:85]-> C:\DOCUME~1\MAXIME~1\LOCALS~1\Temp

[F:8][D:0]-> C:\DOCUME~1\MAXIME~1\Cookies

[F:177][D:4]-> C:\DOCUME~1\MAXIME~1\LOCALS~1\TEMPOR~1\content.IE5

 

--------------------\\ Fin du rapport a 20:07:10

Posted

Relaunch Toolbar-S&D by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".

! Do not close the window during the removal !

A report will be generated; post its contents here.

 

NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open the Task Manager.

Go to the "Processes" tab. Click File at the top left and choose "Run..."

Type explorer, then confirm.

 

Then add a HijackThis report, please. (2 reports in total to post)

Posted

-----------\\ ToolBar S&D 1.1.6 XP/Vista

 

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free : Intel® Core2 CPU T5500 @ 1.66GHz )

BIOS : BIOS Version 1.90

USER : maxime cottin ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition 8.0.1.15 (Activated)

 

"C:\ToolBar SD" ( MAJ : 27-08-2008|23:35 )

Option : [2] ( 29/08/2008|13:07 )

 

-----------\\ SUPPRESSION

 

Supprime! - C:\Program Files\AskSBar\bar

Supprime! - C:\Program Files\AskSBar\SrchAstt

Supprime! - C:\Program Files\P2P_Energy\INSTALL.LOG

Supprime! - C:\Program Files\P2P_Energy\P2P_EnergyToolbarHelper.exe

Supprime! - C:\Program Files\P2P_Energy\tbP2P_.dll

Supprime! - C:\Program Files\P2P_Energy\toolbar.cfg

Supprime! - C:\Program Files\P2P_Energy\UNWISE.EXE

Supprime! - C:\Program Files\Search Settings\kb126

Supprime! - C:\Program Files\Search Settings\SearchSettings.exe

Supprime! - C:\Program Files\AskSBar

Supprime! - C:\Program Files\P2P_Energy

Supprime! - C:\Program Files\Search Settings

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

 

-----------\\ Extensions

 

(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

 

(maxime cottin) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(maxime cottin) - {36C13C8F-54F1-412e-8177-2E411719162D} => chrome

(maxime cottin) - {B5EDFBB0-9827-11DA-A72B-0800200C9A66} => forecastfox

(maxime cottin) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper

 

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\WINDOWS\\system32\\blank.htm"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"SearchMigratedDefaultURL"="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://www.msn.com/"

 

 

--------------------\\ Recherche d'autres infections

 

 

Aucune autre infection trouvée !

 

-----------\\ Fin du rapport a 13:09:08,77

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:10:45, on 29/08/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\ltmoh\Ltmoh.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files\TOSHIBA\Tvs\TvsTray.exe

C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe

C:\Program Files\Synaptics\SynTP\Toshiba.exe

C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\WINDOWS\system32\TPSBattM.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Unlocker\UnlockerAssistant.exe

C:\WINDOWS\vsnpstd.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\program files\relevantknowledge\rlvknlg.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Uniblue\LocalCooling\localcooling2.exe

C:\Program Files\Secunia\PSI (RC3)\psi.exe

C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\maxime cottin\Bureau\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://configuration.adsl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll (file missing)

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll

O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll

O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe

O4 - HKLM\..\Run: [TPSMain] TPSMain.exe

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe

O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe

O4 - HKLM\..\Run: [TFncKy] TFncKy.exe

O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe

O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [RelevantKnowledge] C:\program files\relevantknowledge\rlvknlg.exe -boot

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: LocalCooling.lnk = C:\Program Files\Uniblue\LocalCooling\localcooling2.exe

O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe

O4 - Global Startup: BTTray.lnk = ?

O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\msntb.dll/search.htm

O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Crux P2P\Plugins\RazaWebHook.dll/3000

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

 

--

End of file - 12779 bytes

Posted

Select the entire box below, then right-click and choose Copy

C:\program files\relevantknowledge\rlvknlg.exe

Relaunch Lop S&D

This time choose Option 4 ( LopScript )

A blank page will open; right-click on it and choose Paste

Close the page; you will be asked to save it, click [Save]

Do not close the window during the removal!

Post the generated report ( C:\lopR.txt )

 

(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

Posted

--------------------\\ Lop S&D 4.2.3-6 XP/Vista

 

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free : Intel® Core2 CPU T5500 @ 1.66GHz )

BIOS : BIOS Version 1.90

USER : maxime cottin ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition 8.0.1.15 (Activated)

 

"C:\Lop SD" ( MAJ : 27-08-2008|22:40 )

Option : [4] ( 29/08/2008|23:29 )

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script

 

C:\program files\relevantknowledge\rlvknlg.exe

 

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

 

Supprime! - C:\program files\relevantknowledge\rlvknlg.exe

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 

 

--------------------\\ Listing des dossiers dans APPLIC~1

 

[14/03/2008|07:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe

[22/09/2006|15:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI

[15/09/2006|16:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini

[14/03/2008|07:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities

[13/03/2008|23:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel

[14/03/2008|07:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[14/03/2008|07:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic

[14/03/2008|07:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\toshiba

[14/03/2008|07:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Windows Desktop Search

 

[18/08/2008|02:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[02/08/2008|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[18/08/2008|00:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[27/08/2008|15:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira

[08/08/2008|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU

[22/08/2008|23:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus

[15/09/2006|16:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini

[26/08/2008|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink

[14/04/2008|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EaseDic

[17/03/2008|20:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[08/04/2008|01:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GRETECH

[31/03/2008|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM

[31/03/2008|17:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail

[13/03/2008|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel

[17/08/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes

[04/05/2008|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[28/08/2008|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[27/04/2008|11:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help

[17/03/2008|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla

[26/08/2008|02:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software

[18/08/2008|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero

[17/03/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles

[27/08/2008|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RapidSolution

[26/03/2008|18:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[13/03/2008|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[17/08/2008|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[16/03/2008|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[28/08/2008|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[13/03/2008|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

 

[14/03/2008|07:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe

[22/09/2006|15:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI

[15/09/2006|16:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini

[14/03/2008|07:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[13/03/2008|23:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel

[14/03/2008|07:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[14/03/2008|07:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic

[14/03/2008|07:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba

[14/03/2008|07:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Windows Desktop Search

 

[13/03/2008|23:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Intel

[16/03/2008|15:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[14/03/2008|07:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

 

[15/08/2008|13:14] C:\DOCUME~1\MAXIME~1\APPLIC~1\Adobe

[13/03/2008|21:19] C:\DOCUME~1\MAXIME~1\APPLIC~1\AdobeUM

[18/03/2008|18:40] C:\DOCUME~1\MAXIME~1\APPLIC~1\Ahead

[02/08/2008|16:38] C:\DOCUME~1\MAXIME~1\APPLIC~1\Apple Computer

[22/09/2006|15:12] C:\DOCUME~1\MAXIME~1\APPLIC~1\ATI

[08/08/2008|22:15] C:\DOCUME~1\MAXIME~1\APPLIC~1\AVS4YOU

[27/08/2008|13:34] C:\DOCUME~1\MAXIME~1\APPLIC~1\Azureus

[26/08/2008|14:58] C:\DOCUME~1\MAXIME~1\APPLIC~1\Cabos

[26/08/2008|14:58] C:\DOCUME~1\MAXIME~1\APPLIC~1\Cabos.plist

[24/07/2008|13:11] C:\DOCUME~1\MAXIME~1\APPLIC~1\Canneverbe_Limited

[27/08/2008|13:07] C:\DOCUME~1\MAXIME~1\APPLIC~1\COWON

[15/09/2006|16:31] C:\DOCUME~1\MAXIME~1\APPLIC~1\desktop.ini

[26/08/2008|14:02] C:\DOCUME~1\MAXIME~1\APPLIC~1\dvdcss

[14/04/2008|19:23] C:\DOCUME~1\MAXIME~1\APPLIC~1\EaseDic

[21/08/2008|03:53] C:\DOCUME~1\MAXIME~1\APPLIC~1\FMZilla

[18/08/2008|14:28] C:\DOCUME~1\MAXIME~1\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt

[02/08/2008|15:53] C:\DOCUME~1\MAXIME~1\APPLIC~1\Google

[08/04/2008|01:20] C:\DOCUME~1\MAXIME~1\APPLIC~1\GRETECH

[15/04/2008|13:49] C:\DOCUME~1\MAXIME~1\APPLIC~1\Help

[31/03/2008|20:24] C:\DOCUME~1\MAXIME~1\APPLIC~1\Identities

[13/03/2008|23:27] C:\DOCUME~1\MAXIME~1\APPLIC~1\Intel

[29/08/2008|04:02] C:\DOCUME~1\MAXIME~1\APPLIC~1\LimeWire

[13/03/2008|21:09] C:\DOCUME~1\MAXIME~1\APPLIC~1\Macromedia

[17/08/2008|17:32] C:\DOCUME~1\MAXIME~1\APPLIC~1\Malwarebytes

[28/04/2008|09:47] C:\DOCUME~1\MAXIME~1\APPLIC~1\Microsoft

[19/06/2008|13:03] C:\DOCUME~1\MAXIME~1\APPLIC~1\Mozilla

[19/05/2008|20:53] C:\DOCUME~1\MAXIME~1\APPLIC~1\MySpace

[26/08/2008|02:58] C:\DOCUME~1\MAXIME~1\APPLIC~1\NCH Software

[14/04/2008|19:18] C:\DOCUME~1\MAXIME~1\APPLIC~1\Notepad++

[12/05/2008|13:28] C:\DOCUME~1\MAXIME~1\APPLIC~1\Nvu

[02/08/2008|14:47] C:\DOCUME~1\MAXIME~1\APPLIC~1\Opera

[27/08/2008|13:15] C:\DOCUME~1\MAXIME~1\APPLIC~1\Shareaza

[28/08/2008|02:12] C:\DOCUME~1\MAXIME~1\APPLIC~1\Software Informer

[14/03/2008|07:37] C:\DOCUME~1\MAXIME~1\APPLIC~1\Sonic

[19/03/2008|17:09] C:\DOCUME~1\MAXIME~1\APPLIC~1\Sun

[23/04/2008|17:21] C:\DOCUME~1\MAXIME~1\APPLIC~1\Talkback

[09/06/2008|17:37] C:\DOCUME~1\MAXIME~1\APPLIC~1\TaoUSign

[22/03/2008|22:21] C:\DOCUME~1\MAXIME~1\APPLIC~1\Template

[23/04/2008|17:21] C:\DOCUME~1\MAXIME~1\APPLIC~1\Thunderbird

[14/03/2008|07:37] C:\DOCUME~1\MAXIME~1\APPLIC~1\toshiba

[19/08/2008|03:12] C:\DOCUME~1\MAXIME~1\APPLIC~1\UseNeXT

[27/08/2008|13:02] C:\DOCUME~1\MAXIME~1\APPLIC~1\uTorrent

[17/03/2008|16:26] C:\DOCUME~1\MAXIME~1\APPLIC~1\vlc

[14/03/2008|07:37] C:\DOCUME~1\MAXIME~1\APPLIC~1\Windows Desktop Search

[16/08/2008|17:06] C:\DOCUME~1\MAXIME~1\APPLIC~1\wklnhst.dat

[30/05/2008|17:55] C:\DOCUME~1\MAXIME~1\APPLIC~1\Wormux

[23/08/2008|09:13] C:\DOCUME~1\MAXIME~1\APPLIC~1\zweitgeist

 

[13/03/2008|23:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel

[14/03/2008|07:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

 

[29/08/2008 22:28][--ah-----] C:\WINDOWS\tasks\SA.DAT

[10/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[18/08/2008|02:53] C:\Program Files\Adobe

[13/03/2008|22:24] C:\Program Files\Alwil Software

[29/03/2008|20:12] C:\Program Files\Antadis

[16/03/2008|22:52] C:\Program Files\ANWSOFT

[18/08/2008|00:30] C:\Program Files\Apple Software Update

[30/04/2008|22:26] C:\Program Files\a-squared Anti-Malware

[27/08/2008|15:36] C:\Program Files\Avira

[27/08/2008|13:25] C:\Program Files\AviSynth 2.5

[09/08/2008|18:04] C:\Program Files\AVS4YOU

[04/04/2008|20:06] C:\Program Files\Axon Data

[27/08/2008|13:34] C:\Program Files\Azureus

[23/08/2008|12:59] C:\Program Files\Belkin

[02/08/2008|16:36] C:\Program Files\Bonjour

[03/05/2008|00:25] C:\Program Files\CamStudio

[13/03/2008|22:19] C:\Program Files\CCleaner

[28/08/2008|22:37] C:\Program Files\CDBurnerXP

[14/03/2008|07:49] C:\Program Files\Common Files

[15/09/2006|14:36] C:\Program Files\ComPlus Applications

[22/08/2008|23:13] C:\Program Files\Conduit

[22/03/2008|09:38] C:\Program Files\Controle Parental

[27/08/2008|13:15] C:\Program Files\Crux P2P

[25/05/2008|14:46] C:\Program Files\Dofus

[25/08/2008|19:00] C:\Program Files\DVDripnburn.com

[06/06/2008|07:23] C:\Program Files\eMailTrackerPro 2008

[27/08/2008|13:08] C:\Program Files\eMule

[18/03/2008|00:20] C:\Program Files\Enigma Software Group

[26/07/2008|00:57] C:\Program Files\Fake Voice

[27/08/2008|15:33] C:\Program Files\Fichiers communs

[16/03/2008|21:28] C:\Program Files\FLVPlayer4Free

[26/08/2008|21:36] C:\Program Files\Free Audio Pack

[24/07/2008|13:44] C:\Program Files\Free Easy Burner

[21/08/2008|04:03] C:\Program Files\Free Music Zilla

[26/08/2008|15:32] C:\Program Files\Free Video Converter

[15/04/2008|13:49] C:\Program Files\fxc

[02/08/2008|15:52] C:\Program Files\Google

[08/04/2008|01:19] C:\Program Files\GRETECH

[16/04/2008|09:02] C:\Program Files\Horloge

[09/05/2008|11:38] C:\Program Files\Inno Setup 5

[27/08/2008|13:07] C:\Program Files\InstallShield Installation Information

[13/03/2008|23:27] C:\Program Files\Intel

[27/08/2008|13:05] C:\Program Files\InterActual

[15/08/2008|03:02] C:\Program Files\Internet Explorer

[27/08/2008|13:05] C:\Program Files\InterVideo

[18/03/2008|20:27] C:\Program Files\Inventel

[18/08/2008|02:14] C:\Program Files\Java

[15/04/2008|01:46] C:\Program Files\JPA

[04/05/2008|18:10] C:\Program Files\JYK Technologies

[14/08/2008|21:05] C:\Program Files\LimeWire

[18/03/2008|15:11] C:\Program Files\Look 310S

[14/03/2008|07:52] C:\Program Files\ltmoh

[17/08/2008|17:32] C:\Program Files\Malwarebytes' Anti-Malware

[17/08/2008|22:54] C:\Program Files\Messenger

[03/05/2008|13:15] C:\Program Files\Messenger Plus! Live

[08/04/2008|17:50] C:\Program Files\Metin2_France

[15/03/2008|09:19] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[14/03/2008|07:52] C:\Program Files\microsoft frontpage

[17/08/2008|23:53] C:\Program Files\Microsoft Office

[17/05/2008|17:53] C:\Program Files\Microsoft Research

[27/04/2008|11:34] C:\Program Files\Microsoft SDKs

[19/08/2008|03:00] C:\Program Files\Microsoft Silverlight

[27/04/2008|11:39] C:\Program Files\Microsoft SQL Server Compact Edition

[27/04/2008|11:39] C:\Program Files\Microsoft Synchronization Services

[27/04/2008|11:39] C:\Program Files\Microsoft Visual Studio 9.0

[14/03/2008|07:52] C:\Program Files\Microsoft.NET

[17/08/2008|22:45] C:\Program Files\Movie Maker

[29/08/2008|23:21] C:\Program Files\Mozilla Firefox

[27/04/2008|11:28] C:\Program Files\MSBuild

[14/03/2008|07:52] C:\Program Files\MSN

[05/04/2008|22:09] C:\Program Files\MSN Gaming Zone

[14/03/2008|07:53] C:\Program Files\MSN Toolbar Suite

[27/04/2008|11:27] C:\Program Files\MSXML 6.0

[03/06/2008|20:31] C:\Program Files\MySpace

[26/08/2008|03:18] C:\Program Files\NCH Software

[16/03/2008|15:20] C:\Program Files\Nero

[17/08/2008|22:40] C:\Program Files\NetMeeting

[13/03/2008|22:24] C:\Program Files\Norton Internet Security

[14/04/2008|19:18] C:\Program Files\Notepad++

[27/08/2008|13:16] C:\Program Files\Nvu

[13/03/2008|21:49] C:\Program Files\Offre Wanadoo

[14/03/2008|07:53] C:\Program Files\Online Services

[28/08/2008|01:54] C:\Program Files\Opera

[17/08/2008|22:40] C:\Program Files\Outlook Express

[26/07/2008|00:56] C:\Program Files\Personal Voice Changer Driver

[05/06/2008|18:33] C:\Program Files\PixiePack Codec Pack

[15/04/2008|13:47] C:\Program Files\ProPointer

[05/06/2008|18:31] C:\Program Files\RapidSolution

[14/03/2008|07:53] C:\Program Files\Realtek

[27/04/2008|11:28] C:\Program Files\Reference Assemblies

[29/08/2008|23:30] C:\Program Files\RelevantKnowledge

[30/07/2008|21:24] C:\Program Files\ruedesecoles

[02/08/2008|16:38] C:\Program Files\Safari

[17/08/2008|22:17] C:\Program Files\Secunia

[17/06/2008|17:21] C:\Program Files\Security Process Explorer

[14/03/2008|07:54] C:\Program Files\Services en ligne

[28/08/2008|02:11] C:\Program Files\Software Informer

[14/03/2008|07:54] C:\Program Files\Sonic

[04/04/2008|18:42] C:\Program Files\Sony

[23/08/2008|12:11] C:\Program Files\Sony Ericsson

[20/04/2008|22:34] C:\Program Files\SpeedFan

[26/03/2008|18:06] C:\Program Files\Spybot - Search & Destroy

[15/04/2008|01:50] C:\Program Files\Stardock

[17/08/2008|23:48] C:\Program Files\Sun

[27/08/2008|13:07] C:\Program Files\Symantec

[14/03/2008|07:54] C:\Program Files\Synaptics

[14/03/2008|07:55] C:\Program Files\Toshiba

[16/08/2008|18:30] C:\Program Files\Trend Micro

[28/08/2008|02:36] C:\Program Files\TubeMaster

[30/07/2008|21:17] C:\Program Files\Ubi Soft

[30/07/2008|21:09] C:\Program Files\UbiSoft

[28/04/2008|09:47] C:\Program Files\Uniblue

[15/09/2006|15:50] C:\Program Files\Uninstall Information

[23/04/2008|09:51] C:\Program Files\Unlocker

[16/03/2008|19:54] C:\Program Files\uTorrent

[26/08/2008|15:43] C:\Program Files\VideoLAN

[16/08/2008|18:38] C:\Program Files\VS Revo Group

[23/08/2008|09:13] C:\Program Files\weblin

[14/03/2008|07:55] C:\Program Files\Windows Desktop Search

[28/08/2008|22:14] C:\Program Files\Windows Live

[01/04/2008|22:32] C:\Program Files\Windows Live Safety Center

[22/03/2008|00:31] C:\Program Files\Windows Media Connect 2

[16/03/2008|15:01] C:\Program Files\Windows Media Player

[17/08/2008|22:40] C:\Program Files\Windows NT

[14/03/2008|07:55] C:\Program Files\Windows Plus

[15/09/2006|14:39] C:\Program Files\WindowsUpdate

[14/03/2008|07:56] C:\Program Files\X10 Hardware

[14/03/2008|07:56] C:\Program Files\xerox

[13/03/2008|21:35] C:\Program Files\Yahoo!

[18/03/2008|14:52] C:\Program Files\ZNsoft Corporation

 

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

 

[16/03/2008|22:52] C:\Program Files\Fichiers communs\A&W

[18/08/2008|02:54] C:\Program Files\Fichiers communs\Adobe

[18/08/2008|14:15] C:\Program Files\Fichiers communs\Ahead

[16/03/2008|22:52] C:\Program Files\Fichiers communs\ANWSOFT

[09/08/2008|11:40] C:\Program Files\Fichiers communs\AVSMedia

[27/08/2008|13:03] C:\Program Files\Fichiers communs\Blizzard Entertainment

[18/03/2008|20:27] C:\Program Files\Fichiers communs\FDEUnInstaller.exe

[14/03/2008|07:49] C:\Program Files\Fichiers communs\InstallShield

[14/03/2008|07:49] C:\Program Files\Fichiers communs\InterVideo

[14/03/2008|07:49] C:\Program Files\Fichiers communs\Java

[18/03/2008|15:11] C:\Program Files\Fichiers communs\Look310S

[17/08/2008|23:53] C:\Program Files\Fichiers communs\Microsoft Shared

[14/03/2008|07:50] C:\Program Files\Fichiers communs\MSSoap

[14/03/2008|07:50] C:\Program Files\Fichiers communs\ODBC

[14/03/2008|07:50] C:\Program Files\Fichiers communs\Services

[14/03/2008|07:50] C:\Program Files\Fichiers communs\SpeechEngines

[13/03/2008|22:26] C:\Program Files\Fichiers communs\Symantec Shared

[17/08/2008|22:40] C:\Program Files\Fichiers communs\System

[13/03/2008|21:11] C:\Program Files\Fichiers communs\WindowsLiveInstaller

 

--------------------\\ Process

 

( 73 Processus )

 

... OK !

 

--------------------\\ Recherche avec S_Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Verification du Registre

 

..... OK !

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 

 

--------------------\\ Recherche de fichiers avec Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-08-29 23:31:02

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 81

 

--------------------\\ Recherche d'autres infections

 

 

Aucune autre infection trouvée !

 

[F:1495][D:89]-> C:\DOCUME~1\MAXIME~1\LOCALS~1\Temp

[F:23][D:0]-> C:\DOCUME~1\MAXIME~1\Cookies

[F:644][D:6]-> C:\DOCUME~1\MAXIME~1\LOCALS~1\TEMPOR~1\content.IE5

 

--------------------\\ Fin du rapport a 23:33:08

Posted

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:49:11, on 29/08/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Synaptics\SynTP\Toshiba.exe

C:\Program Files\ltmoh\Ltmoh.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files\TOSHIBA\Tvs\TvsTray.exe

C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe

C:\WINDOWS\system32\TPSBattM.exe

C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\Unlocker\UnlockerAssistant.exe

C:\WINDOWS\vsnpstd.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Belkin\Bluetooth Software\BTTray.exe

C:\Program Files\Uniblue\LocalCooling\localcooling2.exe

C:\Program Files\Secunia\PSI (RC3)\psi.exe

C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\RelevantKnowledge\rlvknlg.exe

C:\Documents and Settings\maxime cottin\Bureau\HiJackThis.exe

C:\WINDOWS\system32\igfxsrvc.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://configuration.adsl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll (file missing)

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll

O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll

O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe

O4 - HKLM\..\Run: [TPSMain] TPSMain.exe

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe

O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe

O4 - HKLM\..\Run: [TFncKy] TFncKy.exe

O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe

O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [RelevantKnowledge] C:\Program Files\RelevantKnowledge\rlvknlg.exe -boot

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: LocalCooling.lnk = C:\Program Files\Uniblue\LocalCooling\localcooling2.exe

O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe

O4 - Global Startup: BTTray.lnk = ?

O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\msntb.dll/search.htm

O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Crux P2P\Plugins\RazaWebHook.dll/3000

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O20 - AppInit_DLLs: C:\program,files\relevantknowledge\rlai.dll,C:\program,files\relevantknowledge\rlai.dll,C:\Program,Files\RelevantKnowledge\rlai.dll,C:\Program Files\RelevantKnowledge\rlai.dll

O20 - Winlogon Notify: RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlls.dll

O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

 

--

End of file - 13103 bytes
