Lots of little spyware

Solved
Chris2410 Posts 125 Registration date   Status Member Last activity   -  
Hello,
I am new to this forum, but I have often read your articles when I was stuck on one problem or another.

Today, and for the past few days, I have had folders that installed themselves in Program Files and that I cannot delete.

Since I know that your threads are very often tailored to the person asking, I am opening this topic.

Basically, I need your help.

I should point out that I am a novice with computers.

Thanks in advance to everyone

110 replies

Chris2410 Posts 125 Registration date   Status Member Last activity   2
 
Rapport GenProc 2.633 [1] - 30/09/2009 à 22:52:02
@ Windows XP Service Pack 3 - Mode normal
@ Mozilla Firefox (3.0.14) [Navigateur par défaut]

Dans CCleaner, clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures" ; par la suite, laisse-le avec ses réglages par défaut. C'est tout.

# Etape 1/ Télécharge :

- Lop S&D https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 (Eric 71 & Angeldark) sur ton Bureau.


Redémarre en mode sans échec comme indiqué ici https://www.wekyo.com/demarrer-le-pc-en-mode-sans-echec-windows-7-et-8/ ; Choisis ta session courante *** armand *** (pour retrouver le rapport, clique sur le raccourci "Rapport GenProc[1]" sur ton bureau).


# Etape 2/

Double-clique sur Lop S&D pour lancer l'installation, séléctionne la langue souhaitée, puis choisis l'Option 2 - Suppression - et patiente jusqu'à ce qu'il ait terminé.

# Etape 3/

Lance CCleaner : "Nettoyeur"/"lancer le nettoyage" et c'est tout.

# Etape 4/

Redémarre normalement et poste, dans la même réponse :

- Le contenu du rapport lopR.txt situé dans C:\ ;
- Un nouveau rapport HijackThis ;
- Un nouveau rapport GenProc ;

Précise les difficultés que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'évolution de la situation.

~~ Arguments de la procédure ~~


# Détections [1] GenProc 2.633 30/09/2009 à 22:52:09
Lop:le 30/09/2009 à 22:54:19 "C:\WINDOWS\Tasks\????????9???????.job"

----------------------------------------------------------------------
Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
----------------------------------------------------------------------

~~ Fin à 22:55:15 ~~
0
Xplode Posts 8820 Registration date   Status Security contributor Last activity   726
 
Follow the instructions in the GenProc report and post the reports as indicated.
0
Chris2410 Posts 125 Registration date   Status Member Last activity   2
 
Yes, sorry, I tried to go too fast....

How do I go about it for HijackThis?
0
Chris2410 Posts 125 Registration date   Status Member Last activity   2
 
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 2400+ )
BIOS : Version 1.00
USER : armand ( Administrator )
BOOT : Fail-safe boot
Antivirus : avast! antivirus 4.8.1351 [VPS 090929-0] 4.8.1351 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:19 Go (Free:1 Go)
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total:54 Go (Free:27 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 30/09/2009|23:05 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\WINDOWS\Tasks\AF5C16B291AF8F76.job
Supprime! - C:\DOCUME~1\SVERIN~1\APPLIC~1\grimfl~1
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[07/11/2006|22:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[31/01/2007|21:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[03/02/2008|09:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\SUPERAntiSpyware.com
[07/11/2006|22:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Tenebril
[31/01/2007|21:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\Vso

[12/09/2009|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[10/05/2009|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[11/06/2008|22:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/06/2009|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/01/2008|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[21/01/2008|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[20/12/2007|14:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[26/01/2008|23:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Brother
[08/02/2009|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[12/09/2009|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[12/09/2009|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[26/07/2007|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Inside Web Memo Upload
[25/09/2009|14:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[26/01/2008|23:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[18/06/2008|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogMeIn
[30/09/2009|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[25/09/2009|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10/09/2009|22:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[14/09/2009|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia
[25/09/2009|14:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NokiaMusic
[10/10/2008|10:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[25/09/2009|14:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[08/08/2005|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[26/01/2008|23:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[30/09/2009|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[23/01/2008|13:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[07/11/2006|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tenebril
[07/12/2006|12:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[25/01/2008|22:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[20/04/2008|19:27] C:\DOCUME~1\armand\APPLIC~1\Adobe
[11/06/2008|22:53] C:\DOCUME~1\armand\APPLIC~1\AdobeUM
[30/04/2005|21:50] C:\DOCUME~1\armand\APPLIC~1\Ahead
[12/09/2009|13:31] C:\DOCUME~1\armand\APPLIC~1\Apple Computer
[28/09/2009|12:28] C:\DOCUME~1\armand\APPLIC~1\Azureus
[27/01/2008|20:56] C:\DOCUME~1\armand\APPLIC~1\Brother
[25/04/2005|22:20] C:\DOCUME~1\armand\APPLIC~1\FotoWire
[26/09/2009|18:30] C:\DOCUME~1\armand\APPLIC~1\GARMIN
[04/09/2005|23:33] C:\DOCUME~1\armand\APPLIC~1\Google
[08/09/2009|16:17] C:\DOCUME~1\armand\APPLIC~1\GrabIt
[16/05/2006|13:17] C:\DOCUME~1\armand\APPLIC~1\Help
[27/03/2005|01:28] C:\DOCUME~1\armand\APPLIC~1\Identities
[26/01/2008|23:22] C:\DOCUME~1\armand\APPLIC~1\InstallShield
[26/03/2005|20:21] C:\DOCUME~1\armand\APPLIC~1\InterTrust
[14/10/2006|20:01] C:\DOCUME~1\armand\APPLIC~1\Lavasoft
[26/06/2007|21:01] C:\DOCUME~1\armand\APPLIC~1\Leadertech
[05/04/2005|13:34] C:\DOCUME~1\armand\APPLIC~1\Macromedia
[30/09/2009|16:47] C:\DOCUME~1\armand\APPLIC~1\Malwarebytes
[10/04/2005|21:10] C:\DOCUME~1\armand\APPLIC~1\Media Player Classic
[19/11/2008|22:52] C:\DOCUME~1\armand\APPLIC~1\Microsoft
[05/09/2008|10:47] C:\DOCUME~1\armand\APPLIC~1\Mozilla
[08/12/2007|02:15] C:\DOCUME~1\armand\APPLIC~1\NewsLeecher
[14/09/2009|12:36] C:\DOCUME~1\armand\APPLIC~1\Nokia
[14/09/2009|12:54] C:\DOCUME~1\armand\APPLIC~1\Nokia Multimedia Player
[25/09/2009|14:23] C:\DOCUME~1\armand\APPLIC~1\NSeries
[25/09/2009|16:27] C:\DOCUME~1\armand\APPLIC~1\PC Suite
[14/11/2008|20:20] C:\DOCUME~1\armand\APPLIC~1\Samsung
[17/11/2005|18:22] C:\DOCUME~1\armand\APPLIC~1\Sun
[30/09/2009|20:57] C:\DOCUME~1\armand\APPLIC~1\SUPERAntiSpyware.com
[12/09/2009|10:28] C:\DOCUME~1\armand\APPLIC~1\Talkback
[07/11/2006|13:55] C:\DOCUME~1\armand\APPLIC~1\Tenebril
[12/09/2009|10:28] C:\DOCUME~1\armand\APPLIC~1\Thunderbird
[24/08/2008|14:23] C:\DOCUME~1\armand\APPLIC~1\vlc
[01/02/2007|22:56] C:\DOCUME~1\armand\APPLIC~1\Vso

[27/03/2005|01:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[21/04/2008|21:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[14/10/2006|20:36] C:\DOCUME~1\LOGMEI~1\APPLIC~1\Microsoft

[27/03/2005|01:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[04/04/2005|20:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[24/02/2008|12:07] C:\DOCUME~1\SVERIN~1\APPLIC~1\Adobe
[17/12/2007|20:46] C:\DOCUME~1\SVERIN~1\APPLIC~1\AdobeUM
[21/04/2005|22:49] C:\DOCUME~1\SVERIN~1\APPLIC~1\Ahead
[31/12/2008|20:00] C:\DOCUME~1\SVERIN~1\APPLIC~1\Apple Computer
[20/12/2007|14:36] C:\DOCUME~1\SVERIN~1\APPLIC~1\Azureus
[27/01/2008|21:35] C:\DOCUME~1\SVERIN~1\APPLIC~1\Brother
[03/06/2006|19:31] C:\DOCUME~1\SVERIN~1\APPLIC~1\FilmLoop
[04/09/2005|23:19] C:\DOCUME~1\SVERIN~1\APPLIC~1\Google
[07/06/2006|08:39] C:\DOCUME~1\SVERIN~1\APPLIC~1\Help
[31/03/2005|18:11] C:\DOCUME~1\SVERIN~1\APPLIC~1\Identities
[22/06/2005|22:26] C:\DOCUME~1\SVERIN~1\APPLIC~1\Lavasoft
[05/04/2005|18:46] C:\DOCUME~1\SVERIN~1\APPLIC~1\Macromedia
[21/04/2005|20:09] C:\DOCUME~1\SVERIN~1\APPLIC~1\Media Player Classic
[15/10/2008|17:06] C:\DOCUME~1\SVERIN~1\APPLIC~1\Microsoft
[05/09/2008|12:44] C:\DOCUME~1\SVERIN~1\APPLIC~1\Mozilla
[13/04/2006|09:40] C:\DOCUME~1\SVERIN~1\APPLIC~1\Software Slow
[10/10/2005|20:18] C:\DOCUME~1\SVERIN~1\APPLIC~1\Sun
[12/09/2009|10:37] C:\DOCUME~1\SVERIN~1\APPLIC~1\Talkback
[28/12/2006|00:02] C:\DOCUME~1\SVERIN~1\APPLIC~1\Teleca
[12/09/2009|10:37] C:\DOCUME~1\SVERIN~1\APPLIC~1\Thunderbird

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[30/09/2009 22:16][--a------] C:\WINDOWS\tasks\WGASetup.job
[23/02/2009 08:18][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[30/09/2009 22:59][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[02/12/2007|12:38] C:\Program Files\Adobe
[30/09/2009|22:36] C:\Program Files\Ad-Remover
[26/03/2005|20:33] C:\Program Files\Ahead
[20/03/2009|17:50] C:\Program Files\Alwil Software
[08/10/2008|21:30] C:\Program Files\Apple Software Update
[10/05/2007|23:38] C:\Program Files\AviSynth 2.5
[26/09/2009|15:27] C:\Program Files\Azureus
[10/05/2009|18:49] C:\Program Files\Bonjour
[26/01/2008|23:23] C:\Program Files\Brother
[11/09/2009|11:57] C:\Program Files\CCleaner
[26/03/2005|20:35] C:\Program Files\CyberLink
[26/09/2009|18:29] C:\Program Files\DIFX
[17/05/2005|12:19] C:\Program Files\directx
[17/04/2005|15:08] C:\Program Files\DivX
[16/04/2005|14:16] C:\Program Files\ffdshow
[30/09/2009|20:57] C:\Program Files\Fichiers communs
[18/05/2008|22:26] C:\Program Files\FilmLoop Player
[02/12/2007|12:38] C:\Program Files\Free
[24/06/2009|08:46] C:\Program Files\Free Audio Pack
[13/01/2008|16:33] C:\Program Files\Google
[23/03/2008|13:26] C:\Program Files\GrabIt
[12/09/2009|10:22] C:\Program Files\IncrediMail
[14/11/2008|20:36] C:\Program Files\InstallShield Installation Information
[19/11/2008|21:30] C:\Program Files\Internet Explorer
[12/09/2009|13:25] C:\Program Files\iPod
[26/09/2009|15:30] C:\Program Files\iTunes
[12/09/2009|12:27] C:\Program Files\iTunes iPod
[28/09/2009|10:50] C:\Program Files\Java
[14/10/2006|20:01] C:\Program Files\Lavasoft
[13/01/2008|16:34] C:\Program Files\LGGSM
[25/04/2005|22:20] C:\Program Files\Logitech
[30/09/2009|10:50] C:\Program Files\LogMeIn
[30/09/2009|16:47] C:\Program Files\Malwarebytes' Anti-Malware
[10/04/2005|21:09] C:\Program Files\Media Player Classic
[09/09/2008|10:55] C:\Program Files\Messenger
[25/05/2009|14:18] C:\Program Files\Microsoft
[25/01/2008|23:30] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[27/03/2005|01:24] C:\Program Files\microsoft frontpage
[05/10/2008|18:28] C:\Program Files\Microsoft Office
[25/01/2008|22:57] C:\Program Files\Microsoft SQL Server Compact Edition
[26/03/2005|20:12] C:\Program Files\Microsoft Visual Studio
[05/10/2008|18:29] C:\Program Files\Microsoft Works
[05/10/2008|18:26] C:\Program Files\Microsoft.NET
[02/06/2006|12:45] C:\Program Files\MIKSOFT
[09/09/2008|10:50] C:\Program Files\Movie Maker
[30/09/2009|23:05] C:\Program Files\Mozilla Firefox
[19/11/2008|21:35] C:\Program Files\MSBuild
[09/09/2008|10:50] C:\Program Files\msn
[27/03/2005|01:20] C:\Program Files\MSN Gaming Zone
[26/03/2005|20:10] C:\Program Files\MSOCache
[15/08/2007|21:01] C:\Program Files\MSXML 4.0
[25/09/2009|14:17] C:\Program Files\MSXML 6.0
[30/09/2009|15:06] C:\Program Files\Navilog1
[01/12/2007|19:42] C:\Program Files\NETGEAR
[09/09/2008|10:45] C:\Program Files\NetMeeting
[25/09/2009|14:41] C:\Program Files\Nokia
[26/01/2008|23:21] C:\Program Files\Nuance
[23/08/2009|20:34] C:\Program Files\Outlook Express
[12/11/2005|14:29] C:\Program Files\PhotoFiltre
[09/12/2007|12:19] C:\Program Files\QuickPar
[12/09/2009|13:24] C:\Program Files\QuickTime
[19/11/2008|21:34] C:\Program Files\Reference Assemblies
[12/09/2009|12:08] C:\Program Files\Safari
[14/06/2007|21:56] C:\Program Files\Samsung
[26/01/2008|23:20] C:\Program Files\ScanSoft
[27/03/2005|01:20] C:\Program Files\Services en ligne
[03/12/2006|23:34] C:\Program Files\SiS VGA Utilities V3.71
[03/12/2006|23:33] C:\Program Files\sisagp
[11/09/2008|23:09] C:\Program Files\SlySoft
[31/03/2009|12:31] C:\Program Files\Spybot - Search & Destroy
[30/09/2009|22:18] C:\Program Files\SUPERAntiSpyware
[08/06/2008|19:37] C:\Program Files\SuperCopier
[30/09/2009|14:35] C:\Program Files\trend micro
[27/03/2005|01:28] C:\Program Files\Uninstall Information
[12/09/2009|12:09] C:\Program Files\Utilitaire de configuration iPhone
[26/02/2008|14:30] C:\Program Files\VideoLAN
[28/09/2009|11:14] C:\Program Files\WinAVI MP4 Converter
[25/05/2009|14:23] C:\Program Files\Windows Live
[25/05/2009|14:18] C:\Program Files\Windows Live SkyDrive
[07/12/2006|12:36] C:\Program Files\Windows Media Connect 2
[25/09/2009|13:40] C:\Program Files\Windows Media Player
[20/11/2008|00:17] C:\Program Files\Windows NT
[27/03/2005|01:20] C:\Program Files\WindowsUpdate
[28/05/2005|13:37] C:\Program Files\WinRAR
[27/03/2005|01:24] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[11/06/2008|22:55] C:\Program Files\Fichiers communs\Adobe
[26/03/2005|20:33] C:\Program Files\Fichiers communs\Ahead
[12/09/2009|13:25] C:\Program Files\Fichiers communs\Apple
[18/03/2007|19:02] C:\Program Files\Fichiers communs\Atlence
[21/01/2008|09:41] C:\Program Files\Fichiers communs\AVSMedia
[05/10/2008|18:28] C:\Program Files\Fichiers communs\DESIGNER
[25/04/2005|22:20] C:\Program Files\Fichiers communs\FotoWire
[26/01/2008|23:20] C:\Program Files\Fichiers communs\InstallShield
[13/02/2006|21:17] C:\Program Files\Fichiers communs\Java
[25/04/2005|22:19] C:\Program Files\Fichiers communs\Logitech
[05/03/2009|15:27] C:\Program Files\Fichiers communs\Microsoft Shared
[27/03/2005|01:21] C:\Program Files\Fichiers communs\MSSoap
[25/09/2009|14:14] C:\Program Files\Fichiers communs\muvee Technologies
[25/09/2009|14:41] C:\Program Files\Fichiers communs\Nokia
[27/03/2005|01:15] C:\Program Files\Fichiers communs\ODBC
[26/01/2008|23:20] C:\Program Files\Fichiers communs\ScanSoft Shared
[27/03/2005|01:22] C:\Program Files\Fichiers communs\Services
[27/03/2005|01:15] C:\Program Files\Fichiers communs\SpeechEngines
[10/04/2005|19:29] C:\Program Files\Fichiers communs\Symantec Shared
[05/10/2008|18:37] C:\Program Files\Fichiers communs\System
[14/06/2007|21:54] C:\Program Files\Fichiers communs\Teleca Shared
[25/05/2009|14:12] C:\Program Files\Fichiers communs\Windows Live
[25/01/2008|22:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[30/09/2009|20:57] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 11 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-30 23:07:59
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 6

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:1][D:5]-> C:\DOCUME~1\armand\LOCALS~1\Temp
[F:43][D:0]-> C:\DOCUME~1\armand\Cookies
[F:288][D:4]-> C:\DOCUME~1\armand\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 30/09/2009|23:09 - Option : [2]

--------------------\\ Fin du rapport a 23:09:53


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:21:33, on 30/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\armand\Bureau\Logiciel\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {0A87E45F-537A-40B4-B812-E2544C21A09F} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http:\\www.numericable.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O18 - Protocol: bw+0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {536ACCD4-7069-44FD-A249-F0DD4A04E92F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TwonkyMedia - PacketVideo - C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe
0

Xplode Posts 8820 Registration date   Status Security contributor Last activity   726
 
I'll continue the analysis tomorrow, have a good evening.
0
Chris2410 Posts 125 Registration date   Status Member Last activity   2
 
Thanks, you too
0
Chris2410 Posts 125 Registration date   Status Member Last activity   2
 
Hi Xplode, I'm back, if you're around of course
0
Xplode Posts 8820 Registration date   Status Security contributor Last activity   726
 
Hi Chris, now do this:

List&kill'em ---->

[x] Download List&Kill'em (by Gen-Hackman) from this address: http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem.exe

[x] Run it (right-click "Run as administrator" on Vista)

[x] Choose the language, then choose option 1 = Search Mode

[x] Let the tool scan

[x] At the end of the scan the report will open; copy/paste it into your next reply

-------------------------------

ESET Nod32 Online Scan ----->

[x] Go to this site: https://www.eset.com/

/!\ You must use Internet Explorer to run the online scan /!\

[x] Tick "Yes, I accept...." then click "Start".

[x] Wait a moment for the page to load, then click the yellow bar at the top of the screen "This site requires.... OnlineScanner.cab..."

-> Click "Install ActiveX control"
-> Then confirm by clicking "Install" in the small window that opens.

[x] Click advanced settings, then tick "Scan for potentially unsafe applications", and check that the first two boxes are ticked as well.

[x] The scanner will update itself; this can take a while

[x] The scan will then run.

[x] Copy/paste the report into your next message. ( C:\ESET\...\log.txt )
0
Chris2410 Posts 125 Registration date   Status Member Last activity   2
 
I can't find Internet Explorer on my PC.
0
Chris2410 Posts 125 Registration date   Status Member Last activity   2
 
Here is the first one:
List'em by g3n-h@ckm@n 1.0.3.2

updated on 25.09.2009 ::::: 23.54


Microsoft Windows XP [version 5.1.2600]


01/10/2009 12:05:48,76


Nom de l'hôte: ARMAND-LGARTN8P
Nom du système d'exploitation: Microsoft Windows XP Professionnel
Version du système: 5.1.2600 Service Pack 3 version 2600
Fabricant du système d'exploitation: Microsoft Corporation
Configuration du système d'exploitation: Station de travail autonome
Type de version du système d'exploitation: Uniprocessor Free
Propriétaire enregistré : armand
Organisation enregistrée :
Identificateur de produit: 55274-649-6478953-23570
Date d'installation originale: 27/03/2005, 00:26:30
Durée d'activité système: 0 jours, 1 heures, 4 minutes, 30 secondes
Fabricant du système: American Megatrends Inc.
Modèle du système: K7S41GX
Type du système: X86-based PC
Processeur(s): 1 processeur(s) installé(s).
[01]: x86 Family 6 Model 8 Stepping 1 AuthenticAMD ~1672 MHz
Version du BIOS: AMIINT - 1000
Répertoire Windows: C:\WINDOWS
Répertoire système: C:\WINDOWS\system32
Périphérique d'amorçage: \Device\HarddiskVolume1
Option régionale du système: fr;Français (France)
Paramètres régionaux d'entrée : fr;Français (France)
Fuseau horaire: N/D
Mémoire physique totale: 959 Mo
Mémoire physique disponible: 458 Mo
Mémoire virtuelle : taille maximale: 2 048 Mo
Mémoire virtuelle : disponible: 2 008 Mo
Mémoire virtuelle : en cours d'utilisation: 40 Mo
Emplacements des fichiers d'échange: C:\pagefile.sys
Domaine: WORKGROUP
Serveur d'ouverture de session: \\ARMAND-LGARTN8P
Correctif(s): 156 Corrections installées.
Carte(s) réseau: 3 carte(s) réseau installée(s).
[01]: Carte Fast Ethernet PCI de base SiS 900
Nom de la connexion : Connexion au réseau local
[02]: NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter
Nom de la connexion : Wifi
DHCP activé : Oui
Serveur DHCP : 192.168.0.254
Adresse(s) IP
[01] : 192.168.0.3
[03]: Carte réseau 1394
Nom de la connexion : Connexion 1394
DHCP activé : Oui
Serveur DHCP : N/D
Adresse(s) IP

Nom de l'image PID Nom de la sessio Numéro d Utilisation
========================= ====== ================ ======== ============
System Idle Process 0 Console 0 16 Ko
System 4 Console 0 212 Ko
smss.exe 700 Console 0 400 Ko
csrss.exe 752 Console 0 4 584 Ko
winlogon.exe 776 Console 0 4 300 Ko
services.exe 820 Console 0 3 488 Ko
lsass.exe 832 Console 0 6 188 Ko
svchost.exe 1004 Console 0 5 084 Ko
svchost.exe 1052 Console 0 4 380 Ko
svchost.exe 1148 Console 0 33 432 Ko
svchost.exe 1184 Console 0 3 244 Ko
svchost.exe 1336 Console 0 3 592 Ko
svchost.exe 1436 Console 0 3 024 Ko
aswUpdSv.exe 1736 Console 0 224 Ko
ashServ.exe 1784 Console 0 24 448 Ko
spoolsv.exe 544 Console 0 5 100 Ko
svchost.exe 616 Console 0 3 352 Ko
AppleMobileDeviceService. 652 Console 0 3 236 Ko
mDNSResponder.exe 668 Console 0 3 560 Ko
jqs.exe 756 Console 0 1 380 Ko
ramaint.exe 1128 Console 0 3 220 Ko
LogMeIn.exe 1584 Console 0 12 292 Ko
explorer.exe 1456 Console 0 26 772 Ko
LMIGuardian.exe 1976 Console 0 2 216 Ko
MDM.EXE 1936 Console 0 2 892 Ko
LogMeInSystray.exe 1476 Console 0 6 784 Ko
LMIGuardian.exe 1684 Console 0 2 216 Ko
svchost.exe 2012 Console 0 4 592 Ko
ashMaiSv.exe 1628 Console 0 2 828 Ko
ashWebSv.exe 1692 Console 0 14 948 Ko
ashDisp.exe 1996 Console 0 1 688 Ko
LVCOMSX.EXE 1896 Console 0 4 164 Ko
pptd40nt.exe 2072 Console 0 2 560 Ko
BrMfcWnd.exe 2120 Console 0 5 132 Ko
iTunesHelper.exe 2176 Console 0 12 904 Ko
jusched.exe 2188 Console 0 5 160 Ko
ctfmon.exe 2272 Console 0 3 520 Ko
msnmsgr.exe 2352 Console 0 12 264 Ko
alg.exe 2464 Console 0 3 484 Ko
SUPERANTISPYWARE.EXE 2472 Console 0 568 Ko
sistray.exe 2548 Console 0 3 120 Ko
BrMfcMon.exe 2780 Console 0 3 396 Ko
IMApp.exe 3044 Console 0 5 280 Ko
iPodService.exe 3732 Console 0 4 008 Ko
firefox.exe 3944 Console 0 89 064 Ko
wlcomm.exe 2624 Console 0 27 984 Ko
List_Killem.exe 3672 Console 0 4 992 Ko
cmd.exe 2924 Console 0 1 700 Ko
wmiprvse.exe 2376 Console 0 8 064 Ko
wmiprvse.exe 552 Console 0 4 800 Ko
tasklist.exe 1232 Console 0 4 480 Ko

Infections :
==========


¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

"C:\Documents and Settings\All Users\Application Data\.zreglib"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
"C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe"
"C:\WINDOWS\jautoexp.dat"
C:\WINDOWS\System32\SET10C.tmp
C:\WINDOWS\System32\SET6F.tmp
C:\WINDOWS\System32\SET71.tmp
C:\WINDOWS\System32\SET7D.tmp
C:\WINDOWS\System32\SETB7.tmp
C:\WINDOWS\System32\SETB9.tmp
C:\WINDOWS\System32\SETBE.tmp
C:\WINDOWS\System32\SETC5.tmp
C:\Documents and Settings\armand\LOCAL Settings\Temp\SSUPDATE.EXE

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :

HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKCR\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\Software\Classes\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}

¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :

AD-R.EXE-33226EB0.pf
ADOBE GAMMA LOADER.EXE-0A47CFD1.pf
ALG.EXE-0F138680.pf
ARMAND_CM.EXE-224FADE5.pf
ARMAND_GENPROC.EXE-382AFEF6.pf
ASHMAISV.EXE-12E27032.pf
ASHWEBSV.EXE-0548EF0A.pf
ATTRIB.EXE-39EAFB02.pf
AVAST.SETUP-032170A8.pf
BRMFCMON.EXE-10EF0A6D.pf
CCLEANER.EXE-0BCE437C.pf
CHCP.COM-18156052.pf
CMD.EXE-087B4001.pf
CSCRIPT.EXE-1C26180C.pf
CURL.EXE-1EBD8939.pf
DEFRAG.EXE-273F131E.pf
DFRGNTFS.EXE-269967DF.pf
EREG.EXE-2EE3596B.pf
ERUNT.COM-3A876921.pf
EXPLORER.EXE-082F38A9.pf
FIND.EXE-0EC32F1E.pf
FINDSTR.EXE-0CA6274B.pf
FIREFOX.EXE-28641590.pf
GENPROC.EXE-012E2BCC.pf
GENPROC.EXE-3401B1AA.pf
GETVERSION.EXE-2F6861E1.pf
GREP.COM-30632777.pf
GREP.EXE-04C46782.pf
HELPSVC.EXE-2878DDA2.pf
HIJACKTHIS.EXE-35D13637.pf
IMAPI.EXE-0BF740A4.pf
IMAPP.EXE-093362B0.pf
IMNOTFY.EXE-39B9FFE6.pf
INCMAIL.EXE-1D49117E.pf
INDEXSEARCH.EXE-1C3940E7.pf
IPODSERVICE.EXE-3192DE38.pf
JAVA.EXE-0C263507.pf
JQSNOTIFY.EXE-24AE4A36.pf
Layout.ini
LIST_KILLEM.EXE-219C007B.pf
LMIGUARDIAN.EXE-0464E754.pf
LOGMEIN.EXE-20F68633.pf
LOGMEINSYSTRAY.EXE-0C00DC48.pf
LOGONUI.EXE-0AF22957.pf
LOGONUI.EXE-2E13DEAF.pf
MBR.EXE-15F95684.pf
MDM.EXE-1EFE14A5.pf
MODE.COM-31685BAE.pf
MSIEXEC.EXE-2F8A8CAE.pf
MSNMSGR.EXE-030AB647.pf
NIRCMD.COM-35BF857A.pf
NOTEPAD.EXE-336351A9.pf
NTOSBOOT-B00DFAAD.pf
PING.EXE-31216D26.pf
PROCESS.COM-0458B762.pf
PV.COM-006EB813.pf
READER_SL.EXE-3614FA6E.pf
REG.EXE-0D2A95F7.pf
REGDACL.COM-3B1D4525.pf
REGEDIT.EXE-1B606482.pf
REGSVR32.EXE-25EEFE2F.pf
RUNDLL32.EXE-3790AFE6.pf
SDSHRED.EXE-33F5A67C.pf
SED.COM-281CC846.pf
SED.EXE-214E0DA3.pf
SISTRAY.EXE-245DBCED.pf
SNDREC32.EXE-309776A8.pf
SNDVOL32.EXE-383480B7.pf
SORT.EXE-194AE83C.pf
SPYBOTSD.EXE-1344276B.pf
SSBKGDUPDATE.EXE-070949C7.pf
SSUPDATE.EXE-23AE56F3.pf
SUPERANTISPYWARE.EXE-07994D9B.pf
SUPERANTISPYWARE4.28.1010.EXE-09E3CAF3.pf
SVCHOST.EXE-3530F672.pf
SWREG.COM-3A277B41.pf
SWREG.EXE-26D6CD16.pf
SWSC.COM-0DAE31A0.pf
SYSTEMINFO.EXE-32ED1FAB.pf
TASKLIST.EXE-10D94B23.pf
TEATIMER.EXE-1F57E47A.pf
UNIQ.EXE-0125BC89.pf
VERCLSID.EXE-3667BD89.pf
WLCOMM.EXE-04AE9009.pf
WMIAPSRV.EXE-1E2270A5.pf
WMIPRVSE.EXE-28F301A9.pf
WSCRIPT.EXE-32960AB9.pf
WUAUCLT.EXE-399A8E72.pf




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Chris2410 Posts 125 Registration date   Status Member Last activity   2
 
Is it normal for the 2nd scan to take so long?
0
Chris2410 Posts 125 Registration date   Status Member Last activity   2
 
And here is the 2nd one.
Note that it had run a first scan, which I stopped partway through, and it had found 2 items that it deleted.
I restarted it and here is the report:


ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=6
# iexplore.exe=6.00.2900.5512 (xpsp.080413-2105)
# OnlineScanner.ocx=1.0.0.6050
# api_version=3.0.2
# EOSSerial=67fac5a321f9c84a9332276ed2aef025
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-10-01 11:46:45
# local_time=2009-10-01 01:46:45 (+0100, Paris, Madrid (heure d'été))
# country="France"
# lang=1036
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=769 21 100 100 98485156250
# scanned=50683
# found=2
# cleaned=2
# scan_time=5077
C:\Documents and Settings\armand\Bureau\Logiciel\AD-R.exe Win32/PrcView application (supprimé - mis en quarantaine) 00000000000000000000000000000000 C
C:\Program Files\Ad-Remover\Process.com Win32/PrcView application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
esets_scanner_update returned -1 esets_gle=53251
# version=6
# iexplore.exe=6.00.2900.5512 (xpsp.080413-2105)
# OnlineScanner.ocx=1.0.0.6050
# api_version=3.0.2
# EOSSerial=67fac5a321f9c84a9332276ed2aef025
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-10-01 02:08:23
# local_time=2009-10-01 04:08:23 (+0100, Paris, Madrid (heure d'été))
# country="France"
# lang=1036
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=769 21 100 100 183459062500
# scanned=92033
# found=0
# cleaned=0
# scan_time=8454
0
Xplode Posts 8820 Registration date   Status Security contributor Last activity   726
 
Hi again,

[x] Run List&kill'em again, but this time choose option no. 2 (Destruction)

[x] Wait while it scans

[x] Copy/paste the report that opens into your next reply

-------------

SuperAntiSpyware ---->

[x] Download SuperAntiSpyware from this address: http://dl.commentcamarche.net/www.commentcamarche.net/download/files/SUPERAntiSpyware4.28.1010.exe

[x] Follow the installation procedure

[x] Select "French" in the "language" window that opens

[x] Click "Yes" in the window that asks whether you want to update SuperAntiSpyware

[x] In the configuration window that opens with the update, leave the default options and click Next.

[x] In the main menu, select "Scan your computer"

[x] On the right of the window, tick "Run complete scan", then click "Next"

[x] Wait while it scans

[x] If items are detected, check that they are all ticked, then click Next

[x] You may be prompted to restart; do so.

[x] Run SAS again, then click "Preferences"

[x] Go to the "Statistics/Logs" tab

[x] Click the report, then "View log"

[x] Copy/paste its contents (CTRL+A to select all, CTRL+C to copy, CTRL+V to paste) into your next message.
0
Chris2410 Posts 125 Registration date   Status Member Last activity   2
 
Infections :
==========


¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :

HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKCR\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\Software\Classes\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}

¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :

Layout.ini
NTOSBOOT-B00DFAAD.pf
REG.EXE-0D2A95F7.pf




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Xplode Posts 8820 Registration date   Status Security contributor Last activity   726
 
I'm waiting for the SuperAntiSpyware report
0
Chris2410 Posts 125 Registration date   Status Member Last activity   2
 
SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 10/01/2009 at 08:44 PM

Application Version : 4.29.1002

Core Rules Database Version : 4136
Trace Rules Database Version: 2068

Scan type : Complete Scan
Total Scan Time : 01:06:57

Memory items scanned : 552
Memory threats detected : 0
Registry items scanned : 6271
Registry threats detected : 0
File items scanned : 24770
File threats detected : 7

Adware.Tracking Cookie
C:\Documents and Settings\armand\Cookies\armand@ads.monster[1].txt
C:\Documents and Settings\armand\Cookies\armand@xiti[1].txt
C:\Documents and Settings\armand\Cookies\armand@smartadserver[1].txt
C:\Documents and Settings\armand\Cookies\armand@atdmt[2].txt
C:\Documents and Settings\armand\Cookies\armand@weborama[1].txt
C:\Documents and Settings\armand\Cookies\armand@aimfar.solution.weborama[1].txt

Adware.Vundo/Variant-MSFake
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2A4F2A3F-7E54-42E0-8837-3DA71EA4F05F}\RP1296\A0218585.EXE
0
Chris2410 Posts 125 Registration date   Status Member Last activity   2
 
Are you there, my savior????? Xplode of course...
0
Chris2410 Posts 125 Registration date   Status Member Last activity   2
 
Xplode, are you there?
0
Xplode Posts 8820 Registration date   Status Security contributor Last activity   726
 
Hi, sorry I couldn't reply sooner but I had class.

Now post a fresh RSIT log
0
Chris2410 Posts 125 Registration date   Status Member Last activity   2
 
Sorry for being so insistent and intrusive.....
0