
Problem with IEXPLORE.EXE

12 January 2008 22:11:16

Hello,

Now it's my turn: I have serious problems with my PC, which is very slow.
In particular, the IEXPLORE.EXE process starts at boot and restarts even when the process is killed.

Below is the HijackThis report I have just generated.

Thanks in advance for your help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:09:26, on 12/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\RunDll32.exe
D:\Program Files\NavNT\vptray.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
D:\WINDOWS\system32\LVCOMSX.EXE
D:\WINDOWS\system32\ElkCtrl.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Documents and Settings\tcsao\Desktop\Ménache PC\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\NavNT\defwatch.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\NavNT\rtvscan.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\taskmgr.exe
D:\WINDOWS\system32\MsgSys.EXE
D:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
D:\PROGRA~1\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Thunderbird\thunderbird.exe
D:\Documents and Settings\tcsao\Desktop\Ménache PC\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar3.dll
O2 - BHO: (no name) - {ECA7CCE3-1432-75EF-74B0-567E373A6BA1} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SiSUSBRG] D:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [vptray] D:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SsAAD.exe] D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [regs mfcd] D:\DOCUME~1\tcsao\APPLIC~1\STOPBI~1\Surf chin cast.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Add to AMV Convert Tool... - D:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O8 - Extra context menu item: Open PDF in Word - res://D:\Program Files\ScanSoft\PDF Converter\IEShellExt.dll /100
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack (aspi)\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack (aspi)\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .csm: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .csml: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cub: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cube: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .dx: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .emb: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .embl: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .gau: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .jdx: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mol: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mop: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .pdb: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .rxn: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .scr: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .skc: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .spt: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .tgf: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .xyz: D:\Program Files\Internet Explorer\Plugins\npchime.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -

http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags

Class) -

http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} -

http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -

http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}

(MessengerStatsClient Class) -

http://messenger.zone.msn.com/binary/MessengerStatsClie...

ab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}

(MessengerStatsClient Class) -

http://messenger.zone.msn.com/binary/MessengerStatsPACl...

.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -

http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire

Showdown Class) -

http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Documents and Settings\tcsao\Desktop\Ménache PC\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - D:\Program Files\NavNT\defwatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - D:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - D:\Program Files\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

--
End of file - 9498 bytes


13 January 2008 11:56:18

Hello,

Download Lop S&D.exe to your Desktop.
  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your Desktop
  • Select the language you want, then choose option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

    13 January 2008 20:02:50

    Here is the report:


    -----------------------------[ Lop S&D 2.0.2.b ]---------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "D:\Program Files\Lop SD"

    [ 13/01/2008 | 19:47:59,84 ] [ TCSAO-54EF74060 ]


    -------------[ Listing des dossiers dans Application Data ]------------

    D:\Documents and Settings\All Users\APPLIC~1\Grisoft
    D:\Documents and Settings\All Users\APPLIC~1\burn spam ping upload
    D:\Documents and Settings\All Users\APPLIC~1\ISx12.tmp
    D:\Documents and Settings\All Users\APPLIC~1\Microsoft Games
    D:\Documents and Settings\All Users\APPLIC~1\ISx16A.tmp
    D:\Documents and Settings\All Users\APPLIC~1\HotSync
    D:\Documents and Settings\All Users\APPLIC~1\WLInstaller
    D:\Documents and Settings\All Users\APPLIC~1\xnwfyhdk.mld
    D:\Documents and Settings\All Users\APPLIC~1\Adobe
    D:\Documents and Settings\All Users\APPLIC~1\TEMP
    D:\Documents and Settings\All Users\APPLIC~1\Google
    D:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    D:\Documents and Settings\All Users\APPLIC~1\AceBIT
    D:\Documents and Settings\All Users\APPLIC~1\Skype
    D:\Documents and Settings\All Users\APPLIC~1\Sony Corporation
    D:\Documents and Settings\All Users\APPLIC~1\Microsoft
    D:\Documents and Settings\All Users\APPLIC~1\Kodak
    D:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
    D:\Documents and Settings\All Users\APPLIC~1\QuickTime
    D:\Documents and Settings\All Users\APPLIC~1\Apple Computer
    D:\Documents and Settings\All Users\APPLIC~1\nView_Profiles
    D:\Documents and Settings\All Users\APPLIC~1\Symantec
    D:\Documents and Settings\All Users\APPLIC~1\desktop.ini

    D:\Documents and Settings\Default User\APPLIC~1\desktop.ini
    D:\Documents and Settings\Default User\APPLIC~1\Microsoft

    D:\Documents and Settings\LocalService\APPLIC~1\Help
    D:\Documents and Settings\LocalService\APPLIC~1\Microsoft
    D:\Documents and Settings\LocalService\APPLIC~1\Mozilla
    D:\Documents and Settings\LocalService\APPLIC~1\Talkback

    D:\Documents and Settings\NetworkService\APPLIC~1\Microsoft

    D:\Documents and Settings\tcsao\APPLIC~1\Grisoft
    D:\Documents and Settings\tcsao\APPLIC~1\STOP BIB
    D:\Documents and Settings\tcsao\APPLIC~1\Microsoft Games
    D:\Documents and Settings\tcsao\APPLIC~1\HotSync
    D:\Documents and Settings\tcsao\APPLIC~1\Microsoft
    D:\Documents and Settings\tcsao\APPLIC~1\OpenOffice.org2
    D:\Documents and Settings\tcsao\APPLIC~1\Adobe
    D:\Documents and Settings\tcsao\APPLIC~1\Wormux
    D:\Documents and Settings\tcsao\APPLIC~1\DivX
    D:\Documents and Settings\tcsao\APPLIC~1\tunebite
    D:\Documents and Settings\tcsao\APPLIC~1\Help
    D:\Documents and Settings\tcsao\APPLIC~1\Skype
    D:\Documents and Settings\tcsao\APPLIC~1\AdobeUM
    D:\Documents and Settings\tcsao\APPLIC~1\Simple Sudoku
    D:\Documents and Settings\tcsao\APPLIC~1\Google
    D:\Documents and Settings\tcsao\APPLIC~1\U3
    D:\Documents and Settings\tcsao\APPLIC~1\Opera
    D:\Documents and Settings\tcsao\APPLIC~1\AceBIT
    D:\Documents and Settings\tcsao\APPLIC~1\Nvu
    D:\Documents and Settings\tcsao\APPLIC~1\vlc
    D:\Documents and Settings\tcsao\APPLIC~1\Sony Corporation
    D:\Documents and Settings\tcsao\APPLIC~1\Creative
    D:\Documents and Settings\tcsao\APPLIC~1\AdobeAUM
    D:\Documents and Settings\tcsao\APPLIC~1\Mozilla
    D:\Documents and Settings\tcsao\APPLIC~1\Macromedia
    D:\Documents and Settings\tcsao\APPLIC~1\Azureus
    D:\Documents and Settings\tcsao\APPLIC~1\Mini
    D:\Documents and Settings\tcsao\APPLIC~1\NASA
    D:\Documents and Settings\tcsao\APPLIC~1\Apple Computer
    D:\Documents and Settings\tcsao\APPLIC~1\1st Free Solitaire
    D:\Documents and Settings\tcsao\APPLIC~1\123 Free Solitaire
    D:\Documents and Settings\tcsao\APPLIC~1\MSNInstaller
    D:\Documents and Settings\tcsao\APPLIC~1\Leadertech
    D:\Documents and Settings\tcsao\APPLIC~1\Real
    D:\Documents and Settings\tcsao\APPLIC~1\Sun
    D:\Documents and Settings\tcsao\APPLIC~1\Lavasoft
    D:\Documents and Settings\tcsao\APPLIC~1\Thunderbird
    D:\Documents and Settings\tcsao\APPLIC~1\Talkback
    D:\Documents and Settings\tcsao\APPLIC~1\desktop.ini
    D:\Documents and Settings\tcsao\APPLIC~1\Identities

    ----------------[ Tâches planifiées dans D:\WINDOWS\tasks ]---------------

    [13/01/2008 19:00][--ah-----]D:\WINDOWS\tasks\A71673389189E74C.job
    [13/01/2008 12:32][--ah-----]D:\WINDOWS\tasks\SA.DAT
    [23/08/2001 13:00][-r-h-----]D:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans D:\Program Files ]--------------

    D:\Program Files\123 Free Solitaire
    D:\Program Files\1st Free Solitaire
    D:\Program Files\ABBYY PDF Transformer 2.0
    D:\Program Files\Access_Control
    D:\Program Files\Adobe
    D:\Program Files\AF Cam
    D:\Program Files\AtomixMP3
    D:\Program Files\AV Music Morpher
    D:\Program Files\Azureus
    D:\Program Files\CDBurnerXP Pro 3
    D:\Program Files\CDDC-Sudoku
    D:\Program Files\CDex_150
    D:\Program Files\Celestia
    D:\Program Files\Circle Developement
    D:\Program Files\Common Files
    D:\Program Files\ComPlus Applications
    D:\Program Files\Creative
    D:\Program Files\DivX
    D:\Program Files\eMule
    D:\Program Files\Finale NotePad 2004
    D:\Program Files\Free Audio Pack
    D:\Program Files\Frozen-Bubble
    D:\Program Files\GEONExT
    D:\Program Files\Google
    D:\Program Files\Heart Of Darkness
    D:\Program Files\Illustrate
    D:\Program Files\IncrediMail
    D:\Program Files\Internet Explorer
    D:\Program Files\iPod
    D:\Program Files\iTunes
    D:\Program Files\IZArc
    D:\Program Files\Java
    D:\Program Files\Kazaa
    D:\Program Files\Kerio
    D:\Program Files\Kodak
    D:\Program Files\Lavasoft
    D:\Program Files\Logitech
    D:\Program Files\Lop SD
    D:\Program Files\Messenger
    D:\Program Files\Messenger Plus! Live
    D:\Program Files\MessengerPlus! 3
    D:\Program Files\Microsoft CAPICOM 2.1.0.2
    D:\Program Files\microsoft frontpage
    D:\Program Files\Microsoft FrontPage Express
    D:\Program Files\Microsoft Office
    D:\Program Files\Microsoft Visual Studio
    D:\Program Files\Microsoft Works
    D:\Program Files\Microsoft.NET
    D:\Program Files\MixSense
    D:\Program Files\MixVibes5
    D:\Program Files\MixVibesFREE5
    D:\Program Files\MixVibesPro5
    D:\Program Files\MobeeSoft
    D:\Program Files\Motherboard Monitor 5
    D:\Program Files\Movie Maker
    D:\Program Files\Mozart2005
    D:\Program Files\Mozilla Firefox
    D:\Program Files\Mozilla Thunderbird
    D:\Program Files\mozilla.org
    D:\Program Files\MP3 Player Utilities
    D:\Program Files\MP3 Player Utilities 3.13
    D:\Program Files\MP3 Player Utilities 3.75
    D:\Program Files\mp3DirectCut
    D:\Program Files\MSN
    D:\Program Files\MSN Gaming Zone
    D:\Program Files\MSN Messenger
    D:\Program Files\MSXML 4.0
    D:\Program Files\NASA
    D:\Program Files\Native Instruments
    D:\Program Files\Navilog1
    D:\Program Files\NavNT
    D:\Program Files\NCH Software
    D:\Program Files\NetMeeting
    D:\Program Files\netpass
    D:\Program Files\Nvu
    D:\Program Files\Objective Tarot
    D:\Program Files\Online Services
    D:\Program Files\OpenEuclide
    D:\Program Files\OpenOffice.org 1.9.113
    D:\Program Files\Opera
    D:\Program Files\Orange
    D:\Program Files\Outlook Express
    D:\Program Files\Palm
    D:\Program Files\Pappocom
    D:\Program Files\Paragon Software
    D:\Program Files\Parallel Tasking
    D:\Program Files\PowerArchiver
    D:\Program Files\PowerQuest
    D:\Program Files\PTDD Group
    D:\Program Files\QuickTime
    D:\Program Files\RadioTracker
    D:\Program Files\Ratajik Software
    D:\Program Files\Real
    D:\Program Files\Ruud
    D:\Program Files\ScanSoft
    D:\Program Files\SCHNEIDER ELECTRIC
    D:\Program Files\Simple Sudoku
    D:\Program Files\SiSLan
    D:\Program Files\Skype
    D:\Program Files\Smart Projects
    D:\Program Files\Sony
    D:\Program Files\SpeedFan
    D:\Program Files\SplashData
    D:\Program Files\StationRipper
    D:\Program Files\STOP BIB
    D:\Program Files\subduction
    D:\Program Files\Sudoku
    D:\Program Files\Sunbelt Software
    D:\Program Files\Surface Facile version d'évaluation
    D:\Program Files\Symantec
    D:\Program Files\Technodev
    D:\Program Files\tunebite
    D:\Program Files\uree
    D:\Program Files\VideoLAN
    D:\Program Files\VIH1
    D:\Program Files\VirtualDJ
    D:\Program Files\Visicom Media
    D:\Program Files\Win TV Pro Free
    D:\Program Files\Windows Live
    D:\Program Files\Windows Media Player
    D:\Program Files\Windows NT
    D:\Program Files\WinHTTrack (aspi)
    D:\Program Files\WinRAR
    D:\Program Files\WinZip
    D:\Program Files\Wormux 0.7
    D:\Program Files\xerox
    D:\Program Files\Xolox
    D:\Program Files\Yahoo!

    ------[ Listing des dossiers dans D:\Program Files\Common Files ]------

    D:\Program Files\Common Files\Adobe
    D:\Program Files\Common Files\DESIGNER
    D:\Program Files\Common Files\InstallShield
    D:\Program Files\Common Files\Java
    D:\Program Files\Common Files\Logitech
    D:\Program Files\Common Files\Microsoft Shared
    D:\Program Files\Common Files\MimarSinan
    D:\Program Files\Common Files\MSSoap
    D:\Program Files\Common Files\ODBC
    D:\Program Files\Common Files\Real
    D:\Program Files\Common Files\Services
    D:\Program Files\Common Files\Sony Shared
    D:\Program Files\Common Files\SpeechEngines
    D:\Program Files\Common Files\SWF Studio
    D:\Program Files\Common Files\Symantec Shared
    D:\Program Files\Common Files\System
    D:\Program Files\Common Files\WhenU
    D:\Program Files\Common Files\xing shared
    D:\Program Files\Common Files\zoqw

    ----------------------[ Recherche avec S_Lop ]---------------------

    D:\Documents and Settings\All Users\APPLIC~1\Kodak\EasyShareSetup\$SETUP_9_2cd52\Setup.exe
    D:\Documents and Settings\tcsao\APPLIC~1\STOP BIB\ieytsjfl.exe
    D:\Documents and Settings\All Users\APPLIC~1\Kodak
    D:\Program Files\Kodak
    D:\Documents and Settings\tcsao\APPLIC~1\STOPBI~1
    D:\Program Files\STOPBI~1
    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    D:\WINDOWS\Tasks\A71673389189E74C.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "regs mfcd"="D:\\DOCUME~1\\tcsao\\APPLIC~1\\STOPBI~1\\Surf chin cast.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    127.0.0.1 localhost

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-13 19:52:13
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    --------------------[ Fin du rapport a 19:52:25,14 ]----------------------
    13 January 2008 20:27:07

    Did you install a Kodak-related program?

    14 January 2008 19:03:01

    Hello,

    I have a Kodak camera.
    It's possible, but not recently.
    14 January 2008 19:15:46

    Hi again,

    What does the Kodak folder in Program Files contain?

    Download R-Hosts.exe (by S!ri)
    Run R-Hosts, then click "Restore".
    Confirm the change by pressing OK.

    &

    Fix the lines in the box below with HijackThis: HELP IN PICTURES

    O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {ECA7CCE3-1432-75EF-74B0-567E373A6BA1} - (no file)
    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
    O4 - HKCU\..\Run: [regs mfcd] D:\DOCUME~1\tcsao\APPLIC~1\STOPBI~1\Surf chin cast.exe


    Download OTMoveIt (by OldTimer). Save it to your Desktop.
    Select all the locations in the box below:

    D:\Documents and Settings\All Users\APPLIC~1\Kodak\EasyShareSetup\$SETUP_9_2cd52\Setup.exe
    D:\Documents and Settings\tcsao\APPLIC~1\STOP BIB\
    D:\Documents and Settings\tcsao\APPLIC~1\STOPBI~1
    D:\Program Files\STOPBI~1

    ---> Right-click, then Copy (or Ctrl+C)

    Double-click OTMoveIt.exe to launch it.
    Right-click in the left-hand pane, then choose Paste (or Ctrl+V).
    Now click MoveIt!

    If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

    Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    The report's name corresponds to the time it was created: date_time.log

    -> Information about the software <-
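
The five lines selected for fixing in the post above share two visible patterns, which the following added example (not part of the thread, and not a HijackThis feature) checks for mechanically after re-joining the hard-wrapped log lines. The function names `unwrap` and `triage` and the two rules are assumptions made for this example; the post itself does not state its selection criteria.

```python
import re

# Excerpt of the first HijackThis log posted in this thread, reproduced with
# the same hard wraps and blank lines as in the post.
SAMPLE_LOG = r"""
Running processes:
D:\WINDOWS\system32\ctfmon.exe

O2 - BHO: Adobe PDF Reader Link Helper -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program

Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no

file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} -

(no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -

d:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [vptray] D:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common

Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [regs mfcd]

D:\DOCUME~1\tcsao\APPLIC~1\STOPBI~1\Surf chin cast.exe
O23 - Service: DefWatch - Symantec Corporation - D:\Program

Files\NavNT\defwatch.exe

--
End of file - 9498 bytes
"""

# A HijackThis entry starts with a section code (R0-R3, F0-F3, N1-N4, O1-O24).
ENTRY_START = re.compile(r"^(?:R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - ")
# O4 autorun entry: hive, value name in brackets, then the command line.
O4_RE = re.compile(r"^O4 - (?P<hive>\S+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# Per-user or All Users "Application Data", long name or 8.3 short name.
PROFILE_DATA = re.compile(r"\\(?:Application Data|APPLIC~1)\\", re.IGNORECASE)


def unwrap(text):
    """Re-join entries that were hard-wrapped (and blank-line separated)."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == "--":              # footer separator: end of the entry list
            break
        if ENTRY_START.match(line):
            entries.append(line)
        elif entries:                 # continuation of the previous entry
            entries[-1] += " " + line
        # lines before the first entry (header, process list) are skipped
    return entries


def triage(entries):
    """Return (entry, reason) pairs for the two assumed review rules."""
    findings = []
    for entry in entries:
        code = entry.split(" - ", 1)[0]
        if code in ("O2", "O3") and entry.endswith("(no file)"):
            findings.append((entry, "registered component, file missing on disk"))
        elif code == "O4":
            m = O4_RE.match(entry)
            if m and PROFILE_DATA.search(m.group("cmd")):
                findings.append((entry, "autorun from an Application Data folder"))
    return findings


if __name__ == "__main__":
    for entry, reason in triage(unwrap(SAMPLE_LOG)):
        print(f"{reason}:\n  {entry}")
```
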
    15 January 2008 21:01:07

    Hello,

    The folder D:\Program Files\Kodak is empty.

    Below is the OTMoveIt report:

    D:\Documents and Settings\All Users\APPLIC~1\Kodak\EasyShareSetup\$SETUP_9_2cd52\Setup.exe moved successfully.
    D:\Documents and Settings\tcsao\APPLIC~1\STOP BIB moved successfully.
    File/Folder D:\Documents and Settings\tcsao\APPLIC~1\STOPBI~1 not found.
    D:\Program Files\STOPBI~1 moved successfully.

    Created on 01/15/2008 20:56:45
    15 January 2008 21:22:40

    Post a new HijackThis report.

    15 January 2008 23:07:04

    Here it is:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:02:46, on 15/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\spoolsv.exe
    d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\system32\RunDll32.exe
    D:\Program Files\NavNT\vptray.exe
    D:\Program Files\Common Files\Real\Update_OB\realsched.exe
    D:\Program Files\QuickTime\qttask.exe
    D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    D:\WINDOWS\system32\LVCOMSX.EXE
    D:\WINDOWS\system32\ctfmon.exe
    D:\Documents and Settings\tcsao\Desktop\Ménache PC\AVG Anti-Spyware 7.5\guard.exe
    D:\Program Files\NavNT\defwatch.exe
    D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    D:\Program Files\NavNT\rtvscan.exe
    D:\WINDOWS\system32\nvsvc32.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\system32\MsgSys.EXE
    D:\WINDOWS\system32\wuauclt.exe
    D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    D:\Documents and Settings\tcsao\Desktop\Ménache PC\HiJackThis\HijackThis.exe
    D:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar3.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [SiSUSBRG] D:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [vptray] D:\Program Files\NavNT\vptray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [SsAAD.exe] D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: Add to AMV Convert Tool... - D:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
    O8 - Extra context menu item: Open PDF in Word - res://D:\Program Files\ScanSoft\PDF Converter\IEShellExt.dll /100
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack (aspi)\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack (aspi)\WinHTTrackIEBar.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .csm: D:\Program Files\Internet Explorer\Plugins\npchime.dll
    O12 - Plugin for .csml: D:\Program Files\Internet Explorer\Plugins\npchime.dll
    O12 - Plugin for .cub: D:\Program Files\Internet Explorer\Plugins\npchime.dll
    O12 - Plugin for .cube: D:\Program Files\Internet Explorer\Plugins\npchime.dll
    O12 - Plugin for .dx: D:\Program Files\Internet Explorer\Plugins\npchime.dll
    O12 - Plugin for .emb: D:\Program Files\Internet Explorer\Plugins\npchime.dll
    O12 - Plugin for .embl: D:\Program Files\Internet Explorer\Plugins\npchime.dll
    O12 - Plugin for .gau: D:\Program Files\Internet Explorer\Plugins\npchime.dll
    O12 - Plugin for .jdx: D:\Program Files\Internet Explorer\Plugins\npchime.dll
    O12 - Plugin for .mol: D:\Program Files\Internet Explorer\Plugins\npchime.dll
    O12 - Plugin for .mop: D:\Program Files\Internet Explorer\Plugins\npchime.dll
    O12 - Plugin for .pdb: D:\Program Files\Internet

    Explorer\Plugins\npchime.dll
    O12 - Plugin for .rxn: D:\Program Files\Internet

    Explorer\Plugins\npchime.dll
    O12 - Plugin for .scr: D:\Program Files\Internet

    Explorer\Plugins\npchime.dll
    O12 - Plugin for .skc: D:\Program Files\Internet

    Explorer\Plugins\npchime.dll
    O12 - Plugin for .spt: D:\Program Files\Internet

    Explorer\Plugins\npchime.dll
    O12 - Plugin for .tgf: D:\Program Files\Internet

    Explorer\Plugins\npchime.dll
    O12 - Plugin for .xyz: D:\Program Files\Internet

    Explorer\Plugins\npchime.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -

    http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags

    Class) -

    http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} -

    http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -

    http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}

    (MessengerStatsClient Class) -

    http://messenger.zone.msn.com/binary/MessengerStatsClie...

    ab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}

    (MessengerStatsClient Class) -

    http://messenger.zone.msn.com/binary/MessengerStatsPACl...

    .cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -

    http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire

    Showdown Class) -

    http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O18 - Filter hijack: text/html -

    {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. -

    D:\Documents and Settings\tcsao\Desktop\Ménache PC\AVG Anti-Spyware

    7.5\guard.exe
    O23 - Service: DefWatch - Symantec Corporation - D:\Program

    Files\NavNT\defwatch.exe
    O23 - Service: Google Updater Service (gusvc) - Google - D:\Program

    Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision

    Corporation - D:\Program Files\Common

    Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -

    D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt

    Software - D:\Program Files\Sunbelt Software\Personal

    Firewall\kpf4ss.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. -

    d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - D:\Program

    Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) -

    Symantec Corporation - D:\Program Files\NavNT\rtvscan.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA

    Corporation - D:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - D:\Program

    Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -

    D:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation

    - D:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

    --
    End of file - 9018 bytes
    16 January 2008 13:06:23

    Can you post your report in the proper format?
    E.g.:
    04...
    04...
    16 January 2008 18:06:46

    Hello,

    Here it is. I hope that's better.


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:41:48, on 16/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\spoolsv.exe
    d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    D:\Documents and Settings\tcsao\Desktop\Ménache PC\AVG Anti-Spyware

    7.5\guard.exe
    D:\Program Files\NavNT\defwatch.exe
    D:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    D:\Program Files\NavNT\rtvscan.exe
    D:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    D:\WINDOWS\system32\nvsvc32.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\system32\MsgSys.EXE
    D:\WINDOWS\Explorer.EXE
    D:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    D:\WINDOWS\system32\RunDll32.exe
    D:\Program Files\NavNT\vptray.exe
    D:\Program Files\Common Files\Real\Update_OB\realsched.exe
    D:\Program Files\QuickTime\qttask.exe
    D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    D:\WINDOWS\system32\LVCOMSX.EXE
    D:\WINDOWS\system32\ctfmon.exe
    D:\WINDOWS\system32\taskmgr.exe
    D:\Program Files\Mozilla Thunderbird\thunderbird.exe
    D:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
    D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    D:\Documents and Settings\tcsao\Desktop\Ménache
    PC\HiJackThis\HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper -
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program
    Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
    D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper -
    {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program
    files\google\googletoolbar3.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
    d:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [SiSUSBRG] D:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [vptray] D:\Program Files\NavNT\vptray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
    D:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
    D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common
    Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program
    Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program
    Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [SsAAD.exe] D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]
    D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE]
    D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Add animation to IncrediMail Style
    Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: Add to AMV Convert Tool... -
    D:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel -
    res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: MediaManager tool grab multimedia file
    - D:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
    O8 - Extra context menu item: Open PDF in Word - res://D:\Program
    Files\ScanSoft\PDF Converter\IEShellExt.dll /100
    O9 - Extra button: (no name) -
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program
    Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) -
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program
    Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Run WinHTTrack -
    {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack
    (aspi)\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack -
    {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack
    (aspi)\WinHTTrackIEBar.dll
    O9 - Extra button: Recherche -
    {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
    D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Yahoo! Messenger -
    {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
    D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
    {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
    D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra button: Messenger -
    {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program
    Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger -
    {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program
    Files\Messenger\msmsgs.exe
    O12 - Plugin for .csm: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .csml: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .cub: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .cube: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .dx: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .emb: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .embl: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .gau: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .jdx: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .mol: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .mop: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .pdb: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .rxn: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .scr: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .skc: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .spt: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .tgf: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O12 - Plugin for .xyz: D:\Program Files\Internet
    Explorer\Plugins\npchime.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
    http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
    Class) -
    http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} -
    http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
    http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
    (MessengerStatsClient Class) -
    http://messenger.zone.msn.com/binary/MessengerStatsClie...
    ab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
    (MessengerStatsClient Class) -
    http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    .cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -
    http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire
    Showdown Class) -
    http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O18 - Filter hijack: text/html -
    {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. -
    D:\Documents and Settings\tcsao\Desktop\Ménache PC\AVG Anti-Spyware
    7.5\guard.exe
    O23 - Service: DefWatch - Symantec Corporation - D:\Program
    Files\NavNT\defwatch.exe
    O23 - Service: Google Updater Service (gusvc) - Google - D:\Program
    Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
    Corporation - D:\Program Files\Common
    Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -
    D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt
    Software - D:\Program Files\Sunbelt Software\Personal
    Firewall\kpf4ss.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. -
    d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - D:\Program
    Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) -
    Symantec Corporation - D:\Program Files\NavNT\rtvscan.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
    Corporation - D:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - D:\Program
    Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -
    D:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation
    - D:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

    --
    End of file - 9266 bytes
    17 January 2008 07:34:00

    Hello,

    Yes, I can see that the format is not quite the same.
    Yet all I do is a simple copy/paste.
    Is there another way to do it?
    17 January 2008 18:56:27

    Never mind. Are you still having problems?
    17 January 2008 19:35:03

    Good evening,

    No, things are much better!
    Thanks a lot, Angeldark.

    But while I'm busy cleaning up, where do you think I stand?

    And for my own education:
    - what is my problem with posting correct reports?
    - what infection did I suffer?
    - and what is the potential cause of the problems I had?

    Thanks a lot for your answers.
    17 January 2008 19:48:17

    Quote:
    But while I'm busy cleaning up, where do you think I stand?

    At the end, I think.

    Quote:
    - what is my problem with posting correct reports?

    It must come from an option in Notepad.

    Quote:
    - and what is the potential cause of the problems I had?

    Cracks, P2P?
    18 January 2008 07:39:03

    Thanks again.