The discussion "pup trojan and cid window, infected PC" is in the forum "Viruses, trojans, etc..."
Discussion status » pup trojan and cid window, infected PC « (resolved)

pup trojan and cid window, infected PC


19 August at 14:37 #

Hi,

Thanks for coming to my rescue. My PC is infected; after running all the anti-spyware tools I still can't get rid of it.
Maybe System Restore needs to be disabled under XP.

Thanks for your help!

Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:23:53, on 19/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vcl.vaio.sony.co.jp/eu/PforVAIO.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [VAIO Update 3] "C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [workflow] F:\install\workflow.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [soft defy soap wave] C:\Documents and Settings\All Users\Application Data\Stupid Vc Soft Defy\Flaw Show.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.fr/s/v/16.27/uploader2.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-30.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1118041202593
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1132863443500
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O20 - AppInit_DLLs: rznkwa.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: opnmKArs - opnmKArs.dll (file missing)
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 13909 bytes

19 August at 14:49 #

Hi

Download LopSD.exe and save it to the Desktop

=> Double-click Lop S&D

=> Run the installation

Close all applications

=> Launch it by double-clicking the shortcut on the Desktop

(With VISTA > right-click and > Run as administrator)

=> Type F for French, then press Enter

=> Type 1

=> Press Enter

=> The PC will restart

Note: if the antivirus reports an infection in TEMP, ignore it

=> Wait for the report to appear

=> Copy the report and paste it into your reply (the report is also at C:\lopR)

+++++

Download Combofix and save it to the Desktop

=> Double-click Combofix

=> Press 1 if asked

=> Wait for the tool to close (5-10 min, or more if the infection is extensive)

=> Copy/paste the report into your reply

A report at C:\Combofix.txt is to be included in your reply

Re-enable the antivirus

============

Then delete

Combofix

QooBox, which is at C:\

+++

Download HijackThis to the Desktop

Unzip it on the Desktop

=> Right-click it ==> Rename ==> type: "test" (in place of "hijackthis") <== Important

=> Double-click it

=> Click Do a system scan and save the log

-- Notepad opens:

-> Edit / Select All

-> Edit / Copy

Copy and paste the report

If you have trouble producing a report:

HijackThis demo

19 August at 14:56 #

Thanks, here is the report


--------------------\\ Lop S&D 4.2.3-0 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : jean portable ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 19/08/2008 | 14:51:32 ] [ PC : PORTABLEJEAN (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]

--------------------\\ Listing des dossiers dans APPLIC~1

[17/12/2006|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/12/2007|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[26/12/2007|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[19/08/2008|11:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[28/12/2007|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[19/11/2004|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[24/04/2007|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[20/05/2008|12:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[18/08/2008|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[28/12/2007|15:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[30/12/2007|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[01/07/2008|17:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo
[19/05/2008|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[17/08/2008|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[06/06/2008|09:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[06/08/2007|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[06/08/2007|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
[09/08/2007|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[09/01/2007|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Tools
[29/12/2007|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[22/11/2004|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[16/05/2008|17:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
[12/09/2007|06:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[18/08/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[17/08/2008|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Stupid Vc Soft Defy
[01/01/2008|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[07/08/2005|21:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[17/08/2008|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[14/12/2004|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VAIO Media Platform
[08/08/2005|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[09/08/2007|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[22/05/2008|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[23/07/2008|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[15/08/2007|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser

[14/12/2004|11:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[19/11/2004|13:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[19/11/2004|12:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[22/11/2004|12:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[09/08/2007|12:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[14/12/2004|11:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sony Corporation
[22/11/2004|12:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[17/03/2008|19:35] C:\DOCUME~1\INVIT~1\APPLIC~1\Adobe
[04/08/2008|15:49] C:\DOCUME~1\INVIT~1\APPLIC~1\Apple Computer
[19/11/2004|13:14] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
[04/12/2007|21:42] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
[19/11/2004|12:22] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
[28/10/2005|17:41] C:\DOCUME~1\INVIT~1\APPLIC~1\InstallShield
[22/07/2005|16:03] C:\DOCUME~1\INVIT~1\APPLIC~1\Leadertech
[22/11/2004|12:05] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
[15/10/2005|17:53] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[29/07/2005|10:49] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft Excel.TSK
[11/08/2005|01:47] C:\DOCUME~1\INVIT~1\APPLIC~1\PC Suite
[04/11/2006|00:22] C:\DOCUME~1\INVIT~1\APPLIC~1\Sonic
[06/06/2005|10:00] C:\DOCUME~1\INVIT~1\APPLIC~1\Sony Corporation
[24/12/2005|16:45] C:\DOCUME~1\INVIT~1\APPLIC~1\Sun
[22/11/2004|12:01] C:\DOCUME~1\INVIT~1\APPLIC~1\Symantec

[17/08/2008|15:16] C:\DOCUME~1\JEANPO~1\APPLIC~1\.wyzo
[02/03/2008|14:52] C:\DOCUME~1\JEANPO~1\APPLIC~1\Adobe
[09/08/2007|11:46] C:\DOCUME~1\JEANPO~1\APPLIC~1\AdobeUM
[05/06/2008|23:10] C:\DOCUME~1\JEANPO~1\APPLIC~1\Apple Computer
[28/12/2007|12:38] C:\DOCUME~1\JEANPO~1\APPLIC~1\AVS4YOU
[16/08/2005|12:21] C:\DOCUME~1\JEANPO~1\APPLIC~1\DataLayer
[19/11/2004|13:14] C:\DOCUME~1\JEANPO~1\APPLIC~1\desktop.ini
[29/05/2008|11:02] C:\DOCUME~1\JEANPO~1\APPLIC~1\DivX
[19/08/2008|11:59] C:\DOCUME~1\JEANPO~1\APPLIC~1\Ford Error Hide
[18/02/2006|00:41] C:\DOCUME~1\JEANPO~1\APPLIC~1\Google
[18/08/2008|18:52] C:\DOCUME~1\JEANPO~1\APPLIC~1\Grisoft
[19/11/2004|12:22] C:\DOCUME~1\JEANPO~1\APPLIC~1\Identities
[30/12/2007|14:15] C:\DOCUME~1\JEANPO~1\APPLIC~1\InterVideo
[01/07/2008|17:59] C:\DOCUME~1\JEANPO~1\APPLIC~1\iolo
[19/05/2008|17:27] C:\DOCUME~1\JEANPO~1\APPLIC~1\Lavasoft
[04/06/2005|00:43] C:\DOCUME~1\JEANPO~1\APPLIC~1\Leadertech
[22/11/2004|12:05] C:\DOCUME~1\JEANPO~1\APPLIC~1\Macromedia
[17/08/2008|16:16] C:\DOCUME~1\JEANPO~1\APPLIC~1\Malwarebytes
[31/12/2006|01:10] C:\DOCUME~1\JEANPO~1\APPLIC~1\Media Player Classic
[23/12/2006|18:53] C:\DOCUME~1\JEANPO~1\APPLIC~1\Micro Application
[17/08/2008|15:16] C:\DOCUME~1\JEANPO~1\APPLIC~1\Microsoft
[21/01/2007|15:45] C:\DOCUME~1\JEANPO~1\APPLIC~1\Mozilla
[16/08/2006|09:06] C:\DOCUME~1\JEANPO~1\APPLIC~1\MSNInstaller
[09/08/2007|18:44] C:\DOCUME~1\JEANPO~1\APPLIC~1\NMM-MetaData.db
[09/08/2007|18:38] C:\DOCUME~1\JEANPO~1\APPLIC~1\Nokia
[09/08/2007|23:15] C:\DOCUME~1\JEANPO~1\APPLIC~1\Nokia Multimedia Player
[09/08/2007|18:37] C:\DOCUME~1\JEANPO~1\APPLIC~1\PC Suite
[17/08/2008|20:42] C:\DOCUME~1\JEANPO~1\APPLIC~1\PC Tools
[09/01/2007|20:39] C:\DOCUME~1\JEANPO~1\APPLIC~1\Simply Super Software
[04/06/2005|00:44] C:\DOCUME~1\JEANPO~1\APPLIC~1\Sonic
[12/09/2007|04:56] C:\DOCUME~1\JEANPO~1\APPLIC~1\Sony Corporation
[30/12/2006|23:22] C:\DOCUME~1\JEANPO~1\APPLIC~1\SoundSpectrum
[20/06/2005|19:44] C:\DOCUME~1\JEANPO~1\APPLIC~1\Sun
[01/01/2008|16:13] C:\DOCUME~1\JEANPO~1\APPLIC~1\SUPERAntiSpyware.com
[30/12/2007|10:52] C:\DOCUME~1\JEANPO~1\APPLIC~1\Symantec
[28/05/2008|18:14] C:\DOCUME~1\JEANPO~1\APPLIC~1\T.Aragon
[14/08/2005|01:39] C:\DOCUME~1\JEANPO~1\APPLIC~1\Template
[21/01/2007|16:46] C:\DOCUME~1\JEANPO~1\APPLIC~1\vlc
[27/12/2007|23:00] C:\DOCUME~1\JEANPO~1\APPLIC~1\WinRAR
[14/08/2005|01:39] C:\DOCUME~1\JEANPO~1\APPLIC~1\wklnhst.dat
[23/07/2008|11:46] C:\DOCUME~1\JEANPO~1\APPLIC~1\Yahoo!
[04/06/2005|09:57] C:\DOCUME~1\JEANPO~1\APPLIC~1\Yahoo! Messenger
[03/11/2006|12:23] C:\DOCUME~1\JEANPO~1\APPLIC~1\ZoneCoquineWebcamPrefs
[15/08/2007|18:35] C:\DOCUME~1\JEANPO~1\APPLIC~1\ZoomBrowser EX

[03/03/2008|11:55] C:\DOCUME~1\LAETIT~1\APPLIC~1\Adobe
[19/11/2004|13:14] C:\DOCUME~1\LAETIT~1\APPLIC~1\desktop.ini
[19/11/2004|12:22] C:\DOCUME~1\LAETIT~1\APPLIC~1\Identities
[22/11/2004|12:05] C:\DOCUME~1\LAETIT~1\APPLIC~1\Macromedia
[25/02/2008|10:29] C:\DOCUME~1\LAETIT~1\APPLIC~1\Microsoft
[25/02/2008|10:29] C:\DOCUME~1\LAETIT~1\APPLIC~1\PC Suite
[25/02/2008|10:35] C:\DOCUME~1\LAETIT~1\APPLIC~1\Sony Corporation
[25/02/2008|10:37] C:\DOCUME~1\LAETIT~1\APPLIC~1\SUPERAntiSpyware.com
[22/11/2004|12:01] C:\DOCUME~1\LAETIT~1\APPLIC~1\Symantec

[01/07/2008|17:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\iolo
[30/12/2006|22:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[14/10/2005|21:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Sony Corporation

[30/12/2007|19:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
[19/11/2004|12:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[19/08/2008 13:00][--ah-----] C:\WINDOWS\tasks\A442EBD7918D69C3.job
[05/06/2008 23:05][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[19/08/2008 12:52][--a------] C:\WINDOWS\tasks\SyncBack jean portable.job
[18/08/2008 17:50][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{A2D763F5-017A-4758-8710-7EDBD602014A}.job
[19/08/2008 14:09][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( A442EBD7918D69C3.job )=( c:\docume~1\jeanpo~1\applic~1\forder~1\32locksmfcd.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[21/02/2007|19:28] C:\Program Files\2BrightSparks
[11/07/2007|21:43] C:\Program Files\Acro Software
[30/12/2007|10:37] C:\Program Files\Adobe
[29/12/2007|17:44] C:\Program Files\Apoint
[05/06/2008|23:08] C:\Program Files\Apple Software Update
[01/01/2008|15:41] C:\Program Files\a-squared Free
[17/12/2006|19:15] C:\Program Files\AvantGo Connect
[19/08/2008|11:36] C:\Program Files\Avira
[27/12/2007|23:37] C:\Program Files\AviSynth 2.5
[29/12/2007|11:39] C:\Program Files\AVS4YOU
[11/01/2007|21:52] C:\Program Files\BHO Plugin
[20/05/2008|17:23] C:\Program Files\Borland
[15/08/2007|18:25] C:\Program Files\Canon
[17/08/2008|14:51] C:\Program Files\Club-Internet
[06/08/2007|19:13] C:\Program Files\Common Files
[19/11/2004|12:19] C:\Program Files\ComPlus Applications
[19/11/2004|13:53] C:\Program Files\CONEXANT
[27/09/2007|12:12] C:\Program Files\Convar
[09/08/2007|18:34] C:\Program Files\DIFX
[29/05/2008|11:03] C:\Program Files\DivX
[30/12/2007|10:49] C:\Program Files\eBay
[18/08/2008|18:57] C:\Program Files\Enigma Software Group
[17/08/2008|20:42] C:\Program Files\Fichiers communs
[22/11/2004|12:04] C:\Program Files\FlashPlayer
[17/08/2008|15:07] C:\Program Files\Ford Error Hide
[19/05/2008|16:18] C:\Program Files\Free Internet Window Washer
[25/11/2007|13:05] C:\Program Files\G-FORCE GOLD-PLATINIUM WINDOWS MEDIAPLAYER PLUGIN
[20/05/2008|12:55] C:\Program Files\Google
[11/07/2007|21:44] C:\Program Files\GPLGS
[18/08/2008|18:51] C:\Program Files\Grisoft
[30/04/2008|11:35] C:\Program Files\Hp
[01/01/2008|15:57] C:\Program Files\InstallShield Installation Information
[19/11/2004|13:46] C:\Program Files\Intel
[16/08/2008|20:36] C:\Program Files\Internet Explorer
[30/12/2007|14:03] C:\Program Files\InterVideo
[27/08/2005|19:35] C:\Program Files\Inventel
[05/06/2008|23:03] C:\Program Files\iPod
[05/06/2008|23:03] C:\Program Files\iTunes
[19/05/2008|10:47] C:\Program Files\Java
[31/12/2006|01:09] C:\Program Files\K-Lite Codec Pack
[29/04/2008|10:55] C:\Program Files\Lavalys
[19/05/2008|17:28] C:\Program Files\Lavasoft
[17/08/2008|15:53] C:\Program Files\LimeWire
[07/08/2005|22:42] C:\Program Files\Logitech
[17/08/2008|16:16] C:\Program Files\Malwarebytes' Anti-Malware
[27/09/2007|17:54] C:\Program Files\Messenger
[04/08/2008|10:49] C:\Program Files\Microsoft ActiveSync
[24/06/2007|11:25] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[19/11/2004|12:22] C:\Program Files\microsoft frontpage
[11/06/2008|11:20] C:\Program Files\Microsoft MapPoint Europe
[30/12/2007|10:42] C:\Program Files\Microsoft Office
[24/06/2005|10:25] C:\Program Files\Microsoft Visual Studio
[06/06/2008|09:55] C:\Program Files\Microsoft Works
[24/06/2005|10:27] C:\Program Files\Microsoft.NET
[07/08/2007|23:32] C:\Program Files\MoodLogic
[14/12/2004|11:16] C:\Program Files\Moodlogic HTML
[19/11/2004|12:20] C:\Program Files\Movie Maker
[30/12/2007|10:43] C:\Program Files\Mozilla Firefox
[25/12/2006|21:16] C:\Program Files\MP3 Player Utilities 3.67
[16/08/2005|13:27] C:\Program Files\mp3DirectCut
[08/08/2007|00:42] C:\Program Files\MSN
[19/11/2004|12:18] C:\Program Files\MSN Gaming Zone
[18/10/2006|15:05] C:\Program Files\MSXML 4.0
[17/12/2006|19:16] C:\Program Files\Navman
[19/11/2004|12:20] C:\Program Files\NetMeeting
[09/08/2007|18:35] C:\Program Files\Nokia
[18/10/2005|21:52] C:\Program Files\OfficeUpdate11
[19/11/2004|12:18] C:\Program Files\Online Services
[24/06/2007|11:25] C:\Program Files\Outlook Express
[30/12/2007|10:46] C:\Program Files\Panda Security
[29/12/2007|18:04] C:\Program Files\PC Connectivity Solution
[27/09/2007|11:49] C:\Program Files\PC Inspector File Recovery
[09/01/2007|18:04] C:\Program Files\PC Tools AntiVirus
[20/05/2008|14:27] C:\Program Files\Picasa2
[28/12/2007|12:34] C:\Program Files\pspvideo9
[05/06/2008|23:01] C:\Program Files\QuickTime
[18/08/2005|13:04] C:\Program Files\Raccourcis de programmes
[19/11/2004|13:59] C:\Program Files\Realtek
[27/12/2007|22:07] C:\Program Files\Red Kawa
[17/08/2008|17:39] C:\Program Files\RogueRemover FREE
[05/06/2008|22:48] C:\Program Files\Safari
[19/11/2004|12:20] C:\Program Files\Services en ligne
[28/05/2008|18:10] C:\Program Files\Smart PC Solutions
[14/12/2004|11:14] C:\Program Files\Sonic
[30/12/2007|11:53] C:\Program Files\Sony
[30/12/2006|23:19] C:\Program Files\SoundSpectrum
[18/08/2008|18:22] C:\Program Files\Spybot - Search & Destroy
[17/06/2008|11:48] C:\Program Files\SUPERAntiSpyware
[20/05/2008|16:52] C:\Program Files\Symantec
[19/08/2008|14:23] C:\Program Files\Trend Micro
[19/11/2004|12:25] C:\Program Files\Uninstall Information
[25/12/2006|21:15] C:\Program Files\USBDisk
[17/08/2008|15:16] C:\Program Files\uTorrent
[18/08/2005|12:16] C:\Program Files\v6100
[21/01/2007|16:45] C:\Program Files\VideoLAN
[27/12/2007|22:11] C:\Program Files\Videora
[29/12/2007|22:38] C:\Program Files\WinAVI MP4 Converter
[09/08/2007|12:06] C:\Program Files\Windows Live
[10/07/2008|14:07] C:\Program Files\Windows Live Safety Center
[07/08/2005|22:45] C:\Program Files\Windows Media Components
[30/12/2006|22:07] C:\Program Files\Windows Media Connect 2
[30/12/2006|22:07] C:\Program Files\Windows Media Player
[19/11/2004|12:18] C:\Program Files\Windows NT
[19/11/2004|12:20] C:\Program Files\WindowsUpdate
[01/01/2008|15:27] C:\Program Files\WinRAR
[29/05/2008|09:53] C:\Program Files\WinSynchro
[11/08/2007|10:06] C:\Program Files\X-Cleaner
[19/11/2004|12:22] C:\Program Files\xerox
[22/11/2004|12:05] C:\Program Files\Yahoo HTML
[23/07/2008|12:59] C:\Program Files\Yahoo!
[22/11/2004|12:05] C:\Program Files\YahooMFU

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[11/07/2007|21:18] C:\Program Files\Fichiers communs\Adobe
[26/12/2007|19:27] C:\Program Files\Fichiers communs\Apple
[29/12/2007|11:38] C:\Program Files\Fichiers communs\AVSMedia
[24/01/2007|19:37] C:\Program Files\Fichiers communs\Borland Shared
[15/08/2007|18:24] C:\Program Files\Fichiers communs\Canon
[24/06/2005|10:26] C:\Program Files\Fichiers communs\DESIGNER
[27/08/2005|19:35] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
[22/11/2004|11:58] C:\Program Files\Fichiers communs\InstallShield
[22/11/2004|11:55] C:\Program Files\Fichiers communs\Java
[30/12/2007|10:48] C:\Program Files\Fichiers communs\Logitech
[04/08/2008|10:47] C:\Program Files\Fichiers communs\Microsoft Shared
[06/08/2007|19:13] C:\Program Files\Fichiers communs\Motive
[19/11/2004|12:20] C:\Program Files\Fichiers communs\MSSoap
[09/08/2007|18:35] C:\Program Files\Fichiers communs\Nokia
[19/11/2004|13:14] C:\Program Files\Fichiers communs\ODBC
[09/08/2007|18:35] C:\Program Files\Fichiers communs\PCSuite
[19/11/2004|12:20] C:\Program Files\Fichiers communs\Services
[30/12/2007|11:52] C:\Program Files\Fichiers communs\Sony Shared
[19/11/2004|13:14] C:\Program Files\Fichiers communs\SpeechEngines
[20/05/2008|16:52] C:\Program Files\Fichiers communs\Symantec Shared
[24/06/2007|11:25] C:\Program Files\Fichiers communs\System
[22/05/2008|12:10] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[19/05/2008|17:27] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 57 Processus )

iexplore.exe ~ [PID:3488] ~ [Threads:16]
iexplore.exe ~ [PID:2136] ~ [Threads:35]
iexplore.exe ~ [PID:260] ~ [Threads:13]
iexplore.exe ~ [PID:1268] ~ [Threads:15]
iexplore.exe ~ [PID:3004] ~ [Threads:20]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\JEANPO~1\APPLIC~1\Ford Error Hide
C:\Program Files\Ford Error Hide
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Stupid Vc Soft Defy
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Stupid Vc Soft Defy\Flaw Show.exe
C:\DOCUME~1\JEANPO~1\APPLIC~1\forder~1
C:\Program Files\forder~1
C:\DOCUME~1\JEANPO~1\Cookies\jean_portable@advertising[2].txt
C:\DOCUME~1\JEANPO~1\Cookies\jean_portable@adopt.euroclick[2].txt
C:\WINDOWS\Tasks\A442EBD7918D69C3.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"soft defy soap wave"="C:\\Documents and Settings\\All Users\\Application Data\\Stupid Vc Soft Defy\\Flaw Show.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-19 14:52:49
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\JEANPO~1\Bureau\adobe\NEW (F)\Crack
C:\DOCUME~1\JEANPO~1\Bureau\adobe\NEW (F)\Crack\adobelm.dll
C:\DOCUME~1\JEANPO~1\Bureau\adobe\NEW (F)\Crack\avc1kg.exe
C:\DOCUME~1\JEANPO~1\Bureau\adobe\NEW (F)\Crack\lisezmoi.txt
C:\DOCUME~1\JEANPO~1\Bureau\adobe\NEW (F)\Crack\tw10122.dat


[F:7][D:24]-> C:\DOCUME~1\JEANPO~1\LOCALS~1\Temp
[F:73][D:0]-> C:\DOCUME~1\JEANPO~1\Cookies
[F:1864][D:8]-> C:\DOCUME~1\JEANPO~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 14:53:55.96

19 August at 14:58 #

Uninstall the Adobe crack you have right away, it is infected, then post the other reports!

Added on 19-08-2008 at 15:02:

I'm being absent-minded,

=> Restart in Safe Mode (startup may take several minutes)

- Note: there is no internet access in this mode. Save or print these instructions. Restart the PC and tap the F8 key repeatedly until the text with the boot options appears.

Using the arrow keys, select Safe Mode ==> Enter ==> your usual user name


Run LopSD again, this time with option 2, and post the second report.

19 August at 15:22 #

But I have already uninstalled it, unless it is well hidden.

So what do I do?

Thanks

ComboFix 08-08-18.04 - jean portable 2008-08-19 15:01:51.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.361 [GMT 2:00]
Endroit: C:\DOCUME~1\JEANPO~1\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Invité\Cookies\invité@www.pixmania[3].txt
C:\Documents and Settings\Invité\UserData
C:\Documents and Settings\Invité\UserData\index.dat
C:\Documents and Settings\Invité\UserData\JM0BZ5S5\oWindowsUpdate[1].xml
C:\Documents and Settings\jean portable\UserData
C:\Documents and Settings\jean portable\UserData\098TM7SP\sn[1].xml
C:\Documents and Settings\jean portable\UserData\index.dat
C:\WINDOWS\Downloaded Program Files\setup.inf

.
((((((((((((((((((((((((((((( Fichiers créés 2008-07-19 to 2008-08-19 ))))))))))))))))))))))))))))))))))))
.

2008-08-19 11:36 . 2008-08-19 11:36 <REP> d-------- C:\Program Files\Avira
2008-08-19 11:36 . 2008-08-19 11:36 <REP> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Avira
2008-08-18 18:52 . 2008-08-18 18:52 <REP> d-------- C:\DOCUME~1\JEANPO~1\Application Data\Grisoft
2008-08-18 18:52 . 2008-08-18 18:52 <REP> d-------- C:\DOCUME~1\JEANPO~1\Application Data\Grisoft
2008-08-18 18:52 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-08-18 18:11 . 2008-08-19 14:53 <REP> d-------- C:\Lop SD
2008-08-17 18:23 . 2008-08-18 18:57 <REP> d-------- C:\Program Files\Enigma Software Group
2008-08-17 17:39 . 2008-08-17 17:39 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-08-17 16:16 . 2008-08-17 16:16 <REP> d-------- C:\DOCUME~1\JEANPO~1\Application Data\Malwarebytes
2008-08-17 16:16 . 2008-08-17 16:16 <REP> d-------- C:\DOCUME~1\JEANPO~1\Application Data\Malwarebytes
2008-08-17 16:15 . 2008-08-17 16:16 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-17 16:15 . 2008-08-17 16:15 <REP> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Malwarebytes
2008-08-17 16:15 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-17 16:15 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-17 16:09 . 2008-08-17 16:09 71,788 --ah----- C:\WINDOWS\system32\mlfcache.dat
2008-08-17 15:16 . 2008-08-17 15:16 <REP> d-------- C:\Program Files\uTorrent
2008-08-17 15:16 . 2008-08-17 15:16 <REP> d-------- C:\DOCUME~1\JEANPO~1\Application Data\.wyzo
2008-08-17 15:16 . 2008-08-17 15:16 <REP> d-------- C:\DOCUME~1\JEANPO~1\Application Data\.wyzo
2008-08-17 15:07 . 2008-08-17 15:07 <REP> d-------- C:\Program Files\Ford Error Hide
2008-08-17 15:07 . 2008-08-19 11:59 <REP> d-------- C:\DOCUME~1\JEANPO~1\Application Data\Ford Error Hide
2008-08-17 15:07 . 2008-08-19 11:59 <REP> d-------- C:\DOCUME~1\JEANPO~1\Application Data\Ford Error Hide
2008-08-17 15:07 . 2008-08-17 15:07 <REP> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Stupid Vc Soft Defy
2008-08-17 15:01 . 2008-08-17 15:53 <REP> d-------- C:\Program Files\LimeWire
2008-08-16 18:03 . 2008-05-01 16:31 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-04 12:33 . 2008-08-04 12:39 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-08-03 15:34 . 2008-08-17 14:51 <REP> d-------- C:\Program Files\Club-Internet
2008-07-23 11:46 . 2008-07-23 11:46 <REP> d-------- C:\DOCUME~1\JEANPO~1\Application Data\Yahoo!
2008-07-23 11:46 . 2008-07-23 11:46 <REP> d-------- C:\DOCUME~1\JEANPO~1\Application Data\Yahoo!
2008-07-23 11:45 . 2008-07-23 11:45 <REP> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Yahoo!

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-19 12:23 --------- d-----w C:\Program Files\Trend Micro
2008-08-18 18:02 --------- d-----w C:\DOCUME~1\ALLUSE~1\Application Data\Google Updater
2008-08-18 17:00 --------- d-----w C:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy
2008-08-18 16:22 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-17 18:42 --------- d---a-w C:\DOCUME~1\ALLUSE~1\Application Data\TEMP
2008-08-17 18:42 --------- d-----w C:\DOCUME~1\JEANPO~1\Application Data\PC Tools
2008-08-17 18:42 --------- d-----w C:\DOCUME~1\JEANPO~1\Application Data\PC Tools
2008-08-04 08:49 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-07-23 10:59 --------- d-----w C:\Program Files\Yahoo!
2008-07-22 18:32 32,000 ----a-w C:\WINDOWS\system32\drivers\usbaapl.sys
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 17:08 36,368 ----a-w C:\WINDOWS\system32\drivers\tmpreflt.sys
2008-07-18 17:08 205,328 ----a-w C:\WINDOWS\system32\drivers\tmxpflt.sys
2008-07-18 16:51 1,195,448 ----a-w C:\WINDOWS\system32\drivers\VsapiNT.sys
2008-07-10 12:07 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-01 15:59 --------- d-----w C:\DOCUME~1\JEANPO~1\Application Data\iolo
2008-07-01 15:59 --------- d-----w C:\DOCUME~1\JEANPO~1\Application Data\iolo
2008-07-01 15:59 --------- d-----w C:\DOCUME~1\ALLUSE~1\Application Data\iolo
2008-07-01 15:58 --------- d-----w C:\Documents and Settings\LocalService\Application Data\iolo
2008-07-01 15:57 74,703 ----a-w C:\WINDOWS\system32\mfc45.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-05-20 14:52 4,032 ----a-w C:\WINDOWS\system32\SYMEVNT1.DLL
2008-05-20 14:52 36,864 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
2008-05-19 15:29 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2005-08-27 17:35 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2005-08-13 23:39 0 ----a-w C:\DOCUME~1\JEANPO~1\Application Data\wklnhst.dat
2005-08-13 23:39 0 ----a-w C:\DOCUME~1\JEANPO~1\Application Data\wklnhst.dat
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-20 12:54 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-11-05 14:05 5406720]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-10-08 01:31 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-10-08 01:27 126976]
"SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [2004-10-21 20:12 184320]
"ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 15:12 32768]
"pccguide.exe"="C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe" [2004-10-27 13:05 823361]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 13:27 222208]
"VAIO Update 3"="C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" [2007-01-25 20:41 546936]
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-01-14 14:43 151552]
"AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 20:42 116040]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-05-27 10:50 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 10:47 289064]
"soft defy soap wave"="C:\Documents and Settings\All Users\Application Data\Stupid Vc Soft Defy\Flaw Show.exe" [2008-08-19 15:12 3942912]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 17:15 1634304]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 03:23 443968]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-06-17 11:48 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 14:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify]
2002-02-15 10:51 24638 C:\WINDOWS\system32\PCANotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-09-23 16:24 73728 C:\WINDOWS\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=rznkwa.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv50"= C:\WINDOWS\ir50_32.dll
"vidc.mpg2"= C:\WINDOWS\mpg4c32.dll
"vidc.mpg3"= C:\WINDOWS\mpg4c32.dll
"vidc.GEOX"= C:\WINDOWS\system32\GeoCodec.dll
"vidc.MJPG"= C:\WINDOWS\m3jpeg32.dll
"vidc.dmb1"= C:\WINDOWS\m3jpeg32.dll
"MSACM.CEGSM"= mobilev.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Assistant d'Acrobat.lnk
backup=C:\WINDOWS\pss\Assistant d'Acrobat.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
--a------ 2003-11-07 10:21 114688 C:\Program Files\Apoint\Apoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2008-06-17 11:48 1506544 C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
--a------ 2006-03-30 17:45 313472 C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"C:\\Program Files\\SoundSpectrum\\G-Force\\G-Force Standalone.exe"=
"C:\\Program Files\\Sony\\VAIO Media 3.1\\Vc.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"C:\\Program Files\\Symantec\\pcAnywhere\\WINAW32.EXE"=
"C:\\Program Files\\Symantec\\pcAnywhere\\AWHOST32.EXE"=
"C:\\Program Files\\Symantec\\pcAnywhere\\awrem32.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

S1 lusbaudio;Logitech USB Microphone;C:\WINDOWS\system32\drivers\lvsound2.sys [2002-06-10 14:20]
S2 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files\iolo\common\lib\ioloServiceManager.exe []
S2 ioloSystemService;iolo System Service;C:\Program Files\iolo\common\lib\ioloServiceManager.exe []
S3 CnxEtP;ZTE ZXDSL852 Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys []
S3 CnxEtU;ZTE ZXDSL852 Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys []
S3 CnxTgNW;ZTE ZXDSL852 WAN PPPoA Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgNW.sys []
S3 QCEmerald;Logitech QuickCam Web(PID_0850);C:\WINDOWS\system32\DRIVERS\LVCE.sys [2002-06-10 14:20]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c9cc0b32-077d-11da-a928-000e35f0336d}]
\Shell\AutoRun\command - setupSNK.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

2008-06-05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-08-19 C:\WINDOWS\Tasks\SyncBack jean portable.job
- C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe [2006-10-30 16:16]

2008-08-18 C:\WINDOWS\Tasks\User_Feed_Synchronization-{A2D763F5-017A-4758-8710-7EDBD602014A}.job
- C:\WINDOWS\system32\msfeedssync.exe [2006-10-17 12:58]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-workflow - F:\install\workflow.exe
HKLM-Run-StandardInstall - (no file)
Notify-opnmKArs - opnmKArs.dll
MSConfigStartUp-MSMSGS - C:\Program Files\Messenger\msmsgs.exe
MSConfigStartUp-Yahoo! Pager - C:\Program Files\Yahoo!\Messenger\ypager.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\DOCUME~1\JEANPO~1\Application Data\Mozilla\Firefox\Profiles\kgh6loka.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.firesearch.com/
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-19 15:08:04
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-19 15:16:57 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-19 13:16:48

Pre-Run: 5,389,488,128 octets libres
Post-Run: 5,699,846,144 octets libres

247 --- E O F --- 2008-08-16 18:40:14


Added on 19-08-2008 at 15:30:

Here is the rest


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:25:01, on 19/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\jean portable\Bureau\test.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vcl.vaio.sony.co.jp/eu/PforVAIO.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [VAIO Update 3] "C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [soft defy soap wave] C:\Documents and Settings\All Users\Application Data\Stupid Vc Soft Defy\Flaw Show.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.fr/s/v/16.27/uploader2.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-30.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1118041202593
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1132863443500
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O20 - AppInit_DLLs: rznkwa.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 13448 bytes


Added on 19-08-2008 at 15:41:

Attached is the last report

Thanks


--------------------\\ Lop S&D 4.2.3-0 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : jean portable ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 19/08/2008 | 15:33:09 ] [ PC : PORTABLEJEAN (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Stupid Vc Soft Defy\Flaw Show.exe
Supprime! - C:\DOCUME~1\JEANPO~1\Cookies\jean_portable@advertising[2].txt
Supprime! - C:\WINDOWS\Tasks\A442EBD7918D69C3.job
Supprime! - C:\DOCUME~1\JEANPO~1\APPLIC~1\Ford Error Hide
Supprime! - C:\Program Files\Ford Error Hide
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Stupid Vc Soft Defy

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[17/12/2006|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/12/2007|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[26/12/2007|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[19/08/2008|11:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[28/12/2007|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[19/11/2004|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[24/04/2007|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[20/05/2008|12:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[18/08/2008|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[28/12/2007|15:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[30/12/2007|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[01/07/2008|17:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo
[19/05/2008|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[17/08/2008|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[06/06/2008|09:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[06/08/2007|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[06/08/2007|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
[09/08/2007|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[09/01/2007|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Tools
[29/12/2007|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[22/11/2004|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[16/05/2008|17:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
[12/09/2007|06:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[18/08/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[01/01/2008|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[07/08/2005|21:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[17/08/2008|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[14/12/2004|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VAIO Media Platform
[08/08/2005|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[09/08/2007|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[22/05/2008|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[23/07/2008|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[15/08/2007|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser

[14/12/2004|11:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[19/11/2004|13:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[19/11/2004|12:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[22/11/2004|12:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[09/08/2007|12:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[14/12/2004|11:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sony Corporation
[22/11/2004|12:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[17/03/2008|19:35] C:\DOCUME~1\INVIT~1\APPLIC~1\Adobe
[04/08/2008|15:49] C:\DOCUME~1\INVIT~1\APPLIC~1\Apple Computer
[19/11/2004|13:14] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
[04/12/2007|21:42] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
[19/11/2004|12:22] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
[28/10/2005|17:41] C:\DOCUME~1\INVIT~1\APPLIC~1\InstallShield
[22/07/2005|16:03] C:\DOCUME~1\INVIT~1\APPLIC~1\Leadertech
[22/11/2004|12:05] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
[15/10/2005|17:53] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[29/07/2005|10:49] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft Excel.TSK
[11/08/2005|01:47] C:\DOCUME~1\INVIT~1\APPLIC~1\PC Suite
[04/11/2006|00:22] C:\DOCUME~1\INVIT~1\APPLIC~1\Sonic
[06/06/2005|10:00] C:\DOCUME~1\INVIT~1\APPLIC~1\Sony Corporation
[24/12/2005|16:45] C:\DOCUME~1\INVIT~1\APPLIC~1\Sun
[22/11/2004|12:01] C:\DOCUME~1\INVIT~1\APPLIC~1\Symantec


[17/08/2008|15:16] C:\DOCUME~1\JEANPO~1\APPLIC~1\.wyzo
[02/03/2008|14:52] C:\DOCUME~1\JEANPO~1\APPLIC~1\Adobe
[09/08/2007|11:46] C:\DOCUME~1\JEANPO~1\APPLIC~1\AdobeUM
[05/06/2008|23:10] C:\DOCUME~1\JEANPO~1\APPLIC~1\Apple Computer
[28/12/2007|12:38] C:\DOCUME~1\JEANPO~1\APPLIC~1\AVS4YOU
[16/08/2005|12:21] C:\DOCUME~1\JEANPO~1\APPLIC~1\DataLayer
[19/11/2004|13:14] C:\DOCUME~1\JEANPO~1\APPLIC~1\desktop.ini
[29/05/2008|11:02] C:\DOCUME~1\JEANPO~1\APPLIC~1\DivX
[18/02/2006|00:41] C:\DOCUME~1\JEANPO~1\APPLIC~1\Google
[18/08/2008|18:52] C:\DOCUME~1\JEANPO~1\APPLIC~1\Grisoft
[19/11/2004|12:22] C:\DOCUME~1\JEANPO~1\APPLIC~1\Identities
[30/12/2007|14:15] C:\DOCUME~1\JEANPO~1\APPLIC~1\InterVideo
[01/07/2008|17:59] C:\DOCUME~1\JEANPO~1\APPLIC~1\iolo
[19/05/2008|17:27] C:\DOCUME~1\JEANPO~1\APPLIC~1\Lavasoft
[04/06/2005|00:43] C:\DOCUME~1\JEANPO~1\APPLIC~1\Leadertech
[22/11/2004|12:05] C:\DOCUME~1\JEANPO~1\APPLIC~1\Macromedia
[17/08/2008|16:16] C:\DOCUME~1\JEANPO~1\APPLIC~1\Malwarebytes
[31/12/2006|01:10] C:\DOCUME~1\JEANPO~1\APPLIC~1\Media Player Classic
[23/12/2006|18:53] C:\DOCUME~1\JEANPO~1\APPLIC~1\Micro Application
[17/08/2008|15:16] C:\DOCUME~1\JEANPO~1\APPLIC~1\Microsoft
[21/01/2007|15:45] C:\DOCUME~1\JEANPO~1\APPLIC~1\Mozilla
[16/08/2006|09:06] C:\DOCUME~1\JEANPO~1\APPLIC~1\MSNInstaller
[09/08/2007|18:44] C:\DOCUME~1\JEANPO~1\APPLIC~1\NMM-MetaData.db
[09/08/2007|18:38] C:\DOCUME~1\JEANPO~1\APPLIC~1\Nokia
[09/08/2007|23:15] C:\DOCUME~1\JEANPO~1\APPLIC~1\Nokia Multimedia Player
[09/08/2007|18:37] C:\DOCUME~1\JEANPO~1\APPLIC~1\PC Suite
[17/08/2008|20:42] C:\DOCUME~1\JEANPO~1\APPLIC~1\PC Tools
[09/01/2007|20:39] C:\DOCUME~1\JEANPO~1\APPLIC~1\Simply Super Software
[04/06/2005|00:44] C:\DOCUME~1\JEANPO~1\APPLIC~1\Sonic
[12/09/2007|04:56] C:\DOCUME~1\JEANPO~1\APPLIC~1\Sony Corporation
[30/12/2006|23:22] C:\DOCUME~1\JEANPO~1\APPLIC~1\SoundSpectrum
[20/06/2005|19:44] C:\DOCUME~1\JEANPO~1\APPLIC~1\Sun
[01/01/2008|16:13] C:\DOCUME~1\JEANPO~1\APPLIC~1\SUPERAntiSpyware.com
[30/12/2007|10:52] C:\DOCUME~1\JEANPO~1\APPLIC~1\Symantec
[28/05/2008|18:14] C:\DOCUME~1\JEANPO~1\APPLIC~1\T.Aragon
[14/08/2005|01:39] C:\DOCUME~1\JEANPO~1\APPLIC~1\Template
[21/01/2007|16:46] C:\DOCUME~1\JEANPO~1\APPLIC~1\vlc
[27/12/2007|23:00] C:\DOCUME~1\JEANPO~1\APPLIC~1\WinRAR
[14/08/2005|01:39] C:\DOCUME~1\JEANPO~1\APPLIC~1\wklnhst.dat
[23/07/2008|11:46] C:\DOCUME~1\JEANPO~1\APPLIC~1\Yahoo!
[04/06/2005|09:57] C:\DOCUME~1\JEANPO~1\APPLIC~1\Yahoo! Messenger
[03/11/2006|12:23] C:\DOCUME~1\JEANPO~1\APPLIC~1\ZoneCoquineWebcamPrefs
[15/08/2007|18:35] C:\DOCUME~1\JEANPO~1\APPLIC~1\ZoomBrowser EX

[03/03/2008|11:55] C:\DOCUME~1\LAETIT~1\APPLIC~1\Adobe
[19/11/2004|13:14] C:\DOCUME~1\LAETIT~1\APPLIC~1\desktop.ini
[19/11/2004|12:22] C:\DOCUME~1\LAETIT~1\APPLIC~1\Identities
[22/11/2004|12:05] C:\DOCUME~1\LAETIT~1\APPLIC~1\Macromedia
[25/02/2008|10:29] C:\DOCUME~1\LAETIT~1\APPLIC~1\Microsoft
[25/02/2008|10:29] C:\DOCUME~1\LAETIT~1\APPLIC~1\PC Suite
[25/02/2008|10:35] C:\DOCUME~1\LAETIT~1\APPLIC~1\Sony Corporation
[25/02/2008|10:37] C:\DOCUME~1\LAETIT~1\APPLIC~1\SUPERAntiSpyware.com
[22/11/2004|12:01] C:\DOCUME~1\LAETIT~1\APPLIC~1\Symantec

[01/07/2008|17:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\iolo
[30/12/2006|22:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[14/10/2005|21:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Sony Corporation

[30/12/2007|19:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
[19/11/2004|12:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[05/06/2008 23:05][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[19/08/2008 12:52][--a------] C:\WINDOWS\tasks\SyncBack jean portable.job
[18/08/2008 17:50][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{A2D763F5-017A-4758-8710-7EDBD602014A}.job
[19/08/2008 15:07][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[21/02/2007|19:28] C:\Program Files\2BrightSparks
[11/07/2007|21:43] C:\Program Files\Acro Software
[30/12/2007|10:37] C:\Program Files\Adobe
[29/12/2007|17:44] C:\Program Files\Apoint
[05/06/2008|23:08] C:\Program Files\Apple Software Update
[01/01/2008|15:41] C:\Program Files\a-squared Free
[17/12/2006|19:15] C:\Program Files\AvantGo Connect
[19/08/2008|11:36] C:\Program Files\Avira
[27/12/2007|23:37] C:\Program Files\AviSynth 2.5
[29/12/2007|11:39] C:\Program Files\AVS4YOU
[11/01/2007|21:52] C:\Program Files\BHO Plugin
[20/05/2008|17:23] C:\Program Files\Borland
[15/08/2007|18:25] C:\Program Files\Canon
[17/08/2008|14:51] C:\Program Files\Club-Internet
[06/08/2007|19:13] C:\Program Files\Common Files
[19/11/2004|12:19] C:\Program Files\ComPlus Applications
[19/11/2004|13:53] C:\Program Files\CONEXANT
[27/09/2007|12:12] C:\Program Files\Convar
[09/08/2007|18:34] C:\Program Files\DIFX
[29/05/2008|11:03] C:\Program Files\DivX
[30/12/2007|10:49] C:\Program Files\eBay
[18/08/2008|18:57] C:\Program Files\Enigma Software Group
[19/08/2008|15:03] C:\Program Files\Fichiers communs
[22/11/2004|12:04] C:\Program Files\FlashPlayer
[19/05/2008|16:18] C:\Program Files\Free Internet Window Washer
[25/11/2007|13:05] C:\Program Files\G-FORCE GOLD-PLATINIUM WINDOWS MEDIAPLAYER PLUGIN
[20/05/2008|12:55] C:\Program Files\Google
[11/07/2007|21:44] C:\Program Files\GPLGS
[18/08/2008|18:51] C:\Program Files\Grisoft
[30/04/2008|11:35] C:\Program Files\Hp
[01/01/2008|15:57] C:\Program Files\InstallShield Installation Information
[19/11/2004|13:46] C:\Program Files\Intel
[16/08/2008|20:36] C:\Program Files\Internet Explorer
[30/12/2007|14:03] C:\Program Files\InterVideo
[27/08/2005|19:35] C:\Program Files\Inventel
[05/06/2008|23:03] C:\Program Files\iPod
[05/06/2008|23:03] C:\Program Files\iTunes
[19/05/2008|10:47] C:\Program Files\Java
[31/12/2006|01:09] C:\Program Files\K-Lite Codec Pack
[29/04/2008|10:55] C:\Program Files\Lavalys
[19/05/2008|17:28] C:\Program Files\Lavasoft
[17/08/2008|15:53] C:\Program Files\LimeWire
[07/08/2005|22:42] C:\Program Files\Logitech
[17/08/2008|16:16] C:\Program Files\Malwarebytes' Anti-Malware
[27/09/2007|17:54] C:\Program Files\Messenger
[04/08/2008|10:49] C:\Program Files\Microsoft ActiveSync
[24/06/2007|11:25] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[19/11/2004|12:22] C:\Program Files\microsoft frontpage
[11/06/2008|11:20] C:\Program Files\Microsoft MapPoint Europe
[30/12/2007|10:42] C:\Program Files\Microsoft Office
[24/06/2005|10:25] C:\Program Files\Microsoft Visual Studio
[06/06/2008|09:55] C:\Program Files\Microsoft Works
[24/06/2005|10:27] C:\Program Files\Microsoft.NET
[07/08/2007|23:32] C:\Program Files\MoodLogic
[14/12/2004|11:16] C:\Program Files\Moodlogic HTML
[19/11/2004|12:20] C:\Program Files\Movie Maker
[30/12/2007|10:43] C:\Program Files\Mozilla Firefox
[25/12/2006|21:16] C:\Program Files\MP3 Player Utilities 3.67
[16/08/2005|13:27] C:\Program Files\mp3DirectCut
[08/08/2007|00:42] C:\Program Files\MSN
[19/11/2004|12:18] C:\Program Files\MSN Gaming Zone
[18/10/2006|15:05] C:\Program Files\MSXML 4.0
[17/12/2006|19:16] C:\Program Files\Navman
[19/11/2004|12:20] C:\Program Files\NetMeeting
[09/08/2007|18:35] C:\Program Files\Nokia
[18/10/2005|21:52] C:\Program Files\OfficeUpdate11
[19/11/2004|12:18] C:\Program Files\Online Services
[24/06/2007|11:25] C:\Program Files\Outlook Express
[30/12/2007|10:46] C:\Program Files\Panda Security
[29/12/2007|18:04] C:\Program Files\PC Connectivity Solution
[27/09/2007|11:49] C:\Program Files\PC Inspector File Recovery
[09/01/2007|18:04] C:\Program Files\PC Tools AntiVirus
[20/05/2008|14:27] C:\Program Files\Picasa2
[28/12/2007|12:34] C:\Program Files\pspvideo9
[05/06/2008|23:01] C:\Program Files\QuickTime
[18/08/2005|13:04] C:\Program Files\Raccourcis de programmes
[19/11/2004|13:59] C:\Program Files\Realtek
[27/12/2007|22:07] C:\Program Files\Red Kawa
[17/08/2008|17:39] C:\Program Files\RogueRemover FREE
[05/06/2008|22:48] C:\Program Files\Safari
[19/11/2004|12:20] C:\Program Files\Services en ligne
[28/05/2008|18:10] C:\Program Files\Smart PC Solutions
[14/12/2004|11:14] C:\Program Files\Sonic
[30/12/2007|11:53] C:\Program Files\Sony
[30/12/2006|23:19] C:\Program Files\SoundSpectrum
[18/08/2008|18:22] C:\Program Files\Spybot - Search & Destroy
[17/06/2008|11:48] C:\Program Files\SUPERAntiSpyware
[20/05/2008|16:52] C:\Program Files\Symantec
[19/08/2008|14:23] C:\Program Files\Trend Micro
[19/11/2004|12:25] C:\Program Files\Uninstall Information
[25/12/2006|21:15] C:\Program Files\USBDisk
[17/08/2008|15:16] C:\Program Files\uTorrent
[18/08/2005|12:16] C:\Program Files\v6100
[21/01/2007|16:45] C:\Program Files\VideoLAN
[27/12/2007|22:11] C:\Program Files\Videora
[29/12/2007|22:38] C:\Program Files\WinAVI MP4 Converter
[09/08/2007|12:06] C:\Program Files\Windows Live
[10/07/2008|14:07] C:\Program Files\Windows Live Safety Center
[07/08/2005|22:45] C:\Program Files\Windows Media Components
[30/12/2006|22:07] C:\Program Files\Windows Media Connect 2
[30/12/2006|22:07] C:\Program Files\Windows Media Player
[19/11/2004|12:18] C:\Program Files\Windows NT
[19/11/2004|12:20] C:\Program Files\WindowsUpdate
[01/01/2008|15:27] C:\Program Files\WinRAR
[29/05/2008|09:53] C:\Program Files\WinSynchro
[11/08/2007|10:06] C:\Program Files\X-Cleaner
[19/11/2004|12:22] C:\Program Files\xerox
[22/11/2004|12:05] C:\Program Files\Yahoo HTML
[23/07/2008|12:59] C:\Program Files\Yahoo!
[22/11/2004|12:05] C:\Program Files\YahooMFU

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[11/07/2007|21:18] C:\Program Files\Fichiers communs\Adobe
[26/12/2007|19:27] C:\Program Files\Fichiers communs\Apple
[29/12/2007|11:38] C:\Program Files\Fichiers communs\AVSMedia
[24/01/2007|19:37] C:\Program Files\Fichiers communs\Borland Shared
[15/08/2007|18:24] C:\Program Files\Fichiers communs\Canon
[24/06/2005|10:26] C:\Program Files\Fichiers communs\DESIGNER
[27/08/2005|19:35] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
[22/11/2004|11:58] C:\Program Files\Fichiers communs\InstallShield
[22/11/2004|11:55] C:\Program Files\Fichiers communs\Java
[30/12/2007|10:48] C:\Program Files\Fichiers communs\Logitech
[04/08/2008|10:47] C:\Program Files\Fichiers communs\Microsoft Shared
[06/08/2007|19:13] C:\Program Files\Fichiers communs\Motive
[19/11/2004|12:20] C:\Program Files\Fichiers communs\MSSoap
[09/08/2007|18:35] C:\Program Files\Fichiers communs\Nokia
[19/11/2004|13:14] C:\Program Files\Fichiers communs\ODBC
[09/08/2007|18:35] C:\Program Files\Fichiers communs\PCSuite
[19/11/2004|12:20] C:\Program Files\Fichiers communs\Services
[30/12/2007|11:52] C:\Program Files\Fichiers communs\Sony Shared
[19/11/2004|13:14] C:\Program Files\Fichiers communs\SpeechEngines
[20/05/2008|16:52] C:\Program Files\Fichiers communs\Symantec Shared
[24/06/2007|11:25] C:\Program Files\Fichiers communs\System
[22/05/2008|12:10] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[19/05/2008|17:27] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 53 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\JEANPO~1\Cookies\jean_portable@adopt.euroclick[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-19 15:34:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\JEANPO~1\Bureau\adobe\NEW (F)\Crack
C:\DOCUME~1\JEANPO~1\Bureau\adobe\NEW (F)\Crack\adobelm.dll
C:\DOCUME~1\JEANPO~1\Bureau\adobe\NEW (F)\Crack\avc1kg.exe
C:\DOCUME~1\JEANPO~1\Bureau\adobe\NEW (F)\Crack\lisezmoi.txt
C:\DOCUME~1\JEANPO~1\Bureau\adobe\NEW (F)\Crack\tw10122.dat


[F:1][D:1]-> C:\DOCUME~1\JEANPO~1\LOCALS~1\Temp
[F:74][D:0]-> C:\DOCUME~1\JEANPO~1\Cookies
[F:401][D:4]-> C:\DOCUME~1\JEANPO~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 15:35:22.78

19 August at 15:55 #

Open My Computer ==> Tools ==> Folder Options ==> View ==> tick Show hidden files and folders

then find and delete this file


C:\DOCUME~1\JEANPO~1\Bureau\adobe


then

++

Download Malwarebytes' Anti-Malware to the desktop

=> double-click mbam-setup to start the installation

=> Simply install it without changing anything

=> Once the program is running ==> Update tab, click => Check for updates

Scanner tab => tick Perform full scan

=> Click Scan

=> If needed, untick the drives that should not be scanned

=> Click Start scan

=> At the end of the scan, if an infection is found

==> Click Show results

=> Close your running applications

=> Check that everything is ticked and click Remove selected

=> a report opens: copy it and paste it into your reply


++++++

new HijackThis

19 August at 18:53 #

Attached are the reports, thanks

Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1062
Windows 5.1.2600 Service Pack 2

18:45:12 19/08/2008
mbam-log-08-19-2008 (18-45-00).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 136319
Temps écoulé: 1 hour(s), 18 minute(s), 32 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\NetworkService\Cookies\bumo.reg (Fake.Dropped.Malware) -> No action taken.
C:\Documents and Settings\NetworkService\Cookies\jababug.inf (Fake.Dropped.Malware) -> No action taken.
C:\Documents and Settings\NetworkService\Cookies\uwux.exe (Fake.Dropped.Malware) -> No action taken.
C:\Documents and Settings\NetworkService\Cookies\jiceji._sy (Fake.Dropped.Malware) -> No action taken.
C:\Documents and Settings\NetworkService\Cookies\esycire._dl (Fake.Dropped.Malware) -> No action taken.
C:\Documents and Settings\NetworkService\Cookies\syssp.exe (Fake.Dropped.Malware) -> No action taken.


HijackThis report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:49:45, on 19/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vcl.vaio.sony.co.jp/eu/PforVAIO.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [VAIO Update 3] "C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.fr/s/v/16.27/uploader2.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-30.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1118041202593
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1132863443500
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O20 - AppInit_DLLs: rznkwa.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fi