Win 32 undo - Page 2

Résolu
Précédent
  • 1
  • 2
  1. Utilisateur anonyme
     
    Salut
    Pour suivre
    ( surtout pour le CFScript en fait ;))
    0
  2. Utilisateur anonyme
     
    Salut cyril !!
    0
    1. sousou
       
      JE PENSE QUE C EST CA LE RAPPORT PARCE QU APRES MON ORDI S EST ETEINT ComboFix 08-06-03.4 - sakina chouaibi 2008-06-04 20:33:42.1 - NTFSx86
      Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.200 [GMT 2:00]
      Endroit: C:\Users\sakina chouaibi\Desktop\ComboFix.exe
      * Création d'un nouveau point de restauration
      .

      (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
      .

      C:\Windows\system32\jusched.exe
      C:\Windows\system32\MSINET.oca

      .
      ((((((((((((((((((((((((((((( Fichiers créés 2008-05-04 to 2008-06-04 ))))))))))))))))))))))))))))))))))))
      .

      Pas de nouveau fichier créé dans cet espace de temps

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-06-04 16:42 --------- d-----w C:\Program Files\Navilog1
      2008-06-04 16:22 --------- d-----w C:\Users\sakina chouaibi\AppData\Roaming\Malwarebytes
      2008-06-04 16:22 --------- d-----w C:\ProgramData\Malwarebytes
      2008-06-04 16:22 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
      2008-05-30 11:42 --------- d-----w C:\Program Files\RamBoost XP
      2008-05-29 23:06 34,296 ----a-w C:\Windows\system32\drivers\mbamcatchme.sys
      2008-05-29 23:06 15,864 ----a-w C:\Windows\system32\drivers\mbam.sys
      2008-05-26 16:58 --------- d-----w C:\Users\sakina chouaibi\AppData\Roaming\LimeWire
      2008-05-26 12:30 --------- d-----w C:\Users\sakina chouaibi\AppData\Roaming\IMVU
      2008-05-24 16:28 254 ----a-w C:\Users\sakina chouaibi\AppData\Roaming\wklnhst.dat
      2008-05-23 08:49 --------- d-----w C:\Program Files\Google
      2008-05-22 19:19 --------- d-----w C:\Program Files\Java
      2008-05-22 19:17 --------- d-----w C:\Program Files\Common Files\Real
      2008-05-22 19:11 --------- d-----w C:\Program Files\VideoLAN
      2008-05-22 19:03 --------- d-----w C:\ProgramData\Skype
      2008-05-22 18:30 --------- d---a-w C:\ProgramData\TEMP
      2008-05-19 09:01 --------- d-----w C:\Program Files\VirusEffaceur
      2008-05-19 08:56 --------- d-----w C:\Program Files\Common Files\VirusEffaceur
      2008-05-18 19:41 --------- d-----w C:\Users\sakina chouaibi\AppData\Roaming\Talkback
      2008-05-18 19:14 466 ----a-w C:\Users\sakina chouaibi\117.bat
      2008-05-18 18:53 --------- d-----w C:\Program Files\Sun
      2008-05-18 18:20 --------- d-----w C:\Program Files\Real
      2008-05-18 17:10 --------- d-----w C:\Program Files\Clear History
      2008-05-18 16:45 --------- d-----w C:\Program Files\LimeWire
      2008-05-16 09:18 --------- d-----w C:\Program Files\Windows Mail
      2008-05-15 23:18 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
      2008-05-13 11:06 --------- d-----w C:\Program Files\QuickTime
      2008-05-13 11:05 --------- d-----w C:\ProgramData\Apple Computer
      2008-05-08 17:13 --------- d-----w C:\Program Files\Macrogaming
      2008-05-08 17:11 --------- d-----w C:\Program Files\Paint.NET
      2008-05-04 19:12 --------- d-----w C:\Program Files\IMVU
      2008-04-27 08:15 4,981 ----a-w C:\Windows\System32\gnc.exe
      2008-04-12 10:19 --------- d-----w C:\Program Files\Common Files\Adobe
      2008-03-08 04:30 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
      2008-03-08 04:30 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
      2008-03-08 04:30 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
      2008-03-08 04:30 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
      2008-03-08 04:30 1,686,528 ----a-w C:\Windows\System32\gameux.dll
      2008-03-08 00:37 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
      2008-03-08 00:22 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
      2007-12-06 11:08 174 --sha-w C:\Program Files\desktop.ini
      .

      ------- Sigcheck -------

      .
      ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 12:00 1232896]
      "WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 14:34 2159104 C:\Windows\System32\oobefldr.dll]
      "HPAdvisor"="C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2007-06-01 13:40 1783400]
      "MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
      "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]
      "BitComet"="C:\Program Files\BitComet\BitComet.exe" [ ]
      "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-18 20:01 68856]
      "LSA Shellu"="C:\Users\sakina chouaibi\lsass.exe" [ ]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 17:01 65536]
      "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 13:59 118784]
      "RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 13:06 4669440 C:\Windows\RtHDVCpl.exe]
      "HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-05-24 13:13 71176]
      "SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2007-04-07 02:56 54936]
      "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
      "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-07-06 21:15 86016]
      "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-07-06 21:15 8466432]
      "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-07-06 21:15 81920]
      "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
      "lxczbmgr.exe"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [2007-04-19 16:45 74672]
      "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 17:33 563984]
      "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 17:37 2178832]
      "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
      "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
      "Launcher"="%WINDIR%\SMINST\launcher.exe" [ ]

      C:\Users\sakina chouaibi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      IMVU.lnk - C:\Program Files\IMVU\IMVUClient.exe [2008-04-30 22:33:42 49408]

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
      Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-01-18 18:38:02 67128]
      WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WiFiStation.exe [2008-01-19 15:52:05 98304]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "EnableLUA"= 0 (0x0)

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
      "DisableMonitoring"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
      "{E067E5C8-7D8B-41A2-A6CB-F54079980872}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.5
      "{89933E35-6D81-4238-A5F7-185F6D4222E2}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.5
      "{A5980DA6-46AD-4C5B-B024-C6FA44543BDB}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.5
      "{4AC8E676-B37D-44F3-881F-665A8A041F45}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.5
      "{526FD6D6-8DFB-4D6D-B4F0-39708F324C3F}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.5
      "{523C2EA6-4163-4F52-A4E7-1C7E832B641B}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.5
      "{C98875A3-280B-49EE-8B32-380DAEA3F46E}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
      "{2A7CC38E-E9D5-493A-A48F-BD03BE46A625}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
      "{2A519B7D-0302-4625-9FAA-77546F98A15A}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
      "{61E08031-3601-45E2-9E27-A86A5DE10DDD}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
      "{74288CE7-23A4-452B-AB1A-84C16BD12E01}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
      "{2F03BBBA-3963-4017-806F-A5ABD8A2FCD1}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
      "{18BC1B77-0039-4C62-AF6F-B6BB6DC7164F}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
      "{3B4981AA-D1F7-4836-93BD-64B6DF5A2FE6}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
      "{ED65F762-CC7C-4CCB-8022-F457D821D3BF}"= UDP:C:\Windows\System32\lxczcoms.exe:Lexmark Communications System
      "{40A9F95C-5767-41E3-BA95-0954C27045C0}"= TCP:C:\Windows\System32\lxczcoms.exe:Lexmark Communications System
      "{21B56439-2E4C-40BE-B94C-EE330B859591}"= UDP:C:\Windows\System32\spool\drivers\w32x86\3\lxczpswx.exe:Printer Status Window
      "{D3319DBC-FC8F-4713-8F89-8C1F47F14C54}"= TCP:C:\Windows\System32\spool\drivers\w32x86\3\lxczpswx.exe:Printer Status Window
      "{13AC2D71-B86E-4C00-9122-170CBA27EA97}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
      "{2926AEEE-95A5-4CE9-B2D2-CF7ED8359624}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
      "{0B47F698-594C-43DB-9302-7B1DA793717A}"= UDP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
      "{29F53DF0-4543-4B60-A135-D677DE54EBBB}"= TCP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
      "TCP Query User{09AD9316-EF87-4317-9045-991F41D66D05}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
      "UDP Query User{A162AB97-CA33-4FCD-8FB8-C9C8937C56B3}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
      "TCP Query User{77634EFB-CFB1-4834-8E25-77DC8ED7ED2D}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
      "UDP Query User{C81BFF66-5C36-467B-84D3-443CF76E59A1}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
      "TCP Query User{877D206E-D008-4179-B970-B9C9A198C2E1}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
      "UDP Query User{A7F1FF94-C9F6-446B-8906-09DE79C13A41}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
      "{2CB49183-E3E1-4CE4-AE13-3BC3FBEF8D70}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
      "{B74040E8-11B0-4F38-9B30-1725FF16C6A7}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
      "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

      R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]
      R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
      R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]
      R2 lxcz_device;lxcz_device;C:\Windows\system32\lxczcoms.exe [2007-04-19 16:43]
      R3 netr73;Hercules Wireless USB Dongle Driver for Vista;C:\Windows\system32\DRIVERS\netr73.sys [2007-01-31 18:01]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a12ea18-0964-11dd-9842-001921433d38}]
      \shell\AutoRun\command - J:\setup/setup.exe

      .
      Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
      "2008-06-04 09:10:30 C:\Windows\Tasks\User_Feed_Synchronization-{BBBA4531-E9D5-478C-BCD7-C13F1F652500}.job"
      - C:\Windows\system32\msfeedssync.exe
      .
      **************************************************************************

      catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-06-04 20:37:18
      Windows 6.0.6000 NTFS

      Balayage processus cachés ...

      Balayage caché autostart entries ...

      Balayage des fichiers cachés ...


      **************************************************************************
      .
      Temps d'accomplissement: 2008-06-04 20:39:43
      ComboFix-quarantined-files.txt 2008-06-04 18:38:38

      Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
      Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.

      163 --- E O F --- 2008-06-04 15:04:28
      0
  3. Utilisateur anonyme
     
    oui c est bien le rapport refais un scan hijackthis et poste le rapport stp
    0
    1. sousou
       
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 21:04:31, on 04/06/2008
      Platform: Windows Vista (WinNT 6.00.1904)
      MSIE: Internet Explorer v7.00 (7.00.6000.16643)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\hp\support\hpsysdrv.exe
      C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
      C:\Windows\RtHDVCpl.exe
      C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      C:\Windows\System32\rundll32.exe
      C:\Program Files\Alwil Software\Avast4\ashDisp.exe
      C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe
      C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Logitech\QuickCam\Quickcam.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
      C:\Windows\system32\taskeng.exe
      C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
      C:\Windows\system32\schtasks.exe
      C:\Windows\System32\rundll32.exe
      C:\Windows\ehome\ehmsas.exe
      C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
      C:\Windows\system32\conime.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Windows Media Player\wmpnscfg.exe
      C:\Windows\system32\NOTEPAD.EXE
      C:\Users\sakina chouaibi\Desktop\HiJackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O1 - Hosts: ::1 localhost
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
      O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
      O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
      O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
      O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
      O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
      O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [LSA Shellu] C:\Users\sakina chouaibi\lsass.exe
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
      O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - Global Startup: WiFi Station.lnk = C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\sakina chouaibi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
      O13 - Gopher Prefix:
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
      O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader4.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
      O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
      0
  4. Utilisateur anonyme
     
    OK je regarde tout ça (combofix et hijackthis) et te dis la suite patience
    0
    1. sousou
       
      ok merci en tout cas je vais enfin pouvoir me fumer une petit clopinette !!!! je t aten sur la pointe des orteils
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Copie le texte ci-dessous :

    File::
    C:\Users\sakina chouaibi\AppData\Roaming\wklnhst.dat
    C:\Users\sakina chouaibi\lsass.exe

    Folder::
    C:\Program Files\VirusEffaceur
    C:\Program Files\Common Files\VirusEffaceur

    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LSA Shellu"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"=-

    Ouvre le Bloc-Notes puis colle le texte copié.
    (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
    Sauvegarde ce fichier sous le nom de CFScript.txt.

    Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

    http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

    Cela va relancer Combofix,

    Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

    Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

    Ne touche à rien tant que le scan n'est pas terminé.

    Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

    S'il n'y a pas de rédémarrage, poste quand même les rapports.
    0
    1. sousou
       
      Alors je ne sais pas si tu es la ce soir en tout cas (tu vas te dire elle est trop conne celle la) hier j ai attendu ta reponse jusqua 00h00 et je me suis dis que tu avais du t endormir ce matin j ai fait un tour pour voir si tu avais pas repondu et ce soir c est pareil et je vien juste de m apercevoir qu il y avait 2 page lol !!!!en tout cas j ai compris ce que tu voulais me faire faire mais je voulais juste savoir dans quel bloc notes je dois collé le texte que tu ma mis
      est ce que c est dans le rapport de combofix ou hijackthis????? merci si tu me repond encore!!!!!!
      0
    2. sousou
       
      je trouve pas mon demarrer en bas??? c est normal
      0
  7. Utilisateur anonyme
     
    ok redémarre le pc

    ensuite refais un scan hijackthis et post le rapport stp
    0
    1. sousou
       
      salut chiquitine29 alors mon ordi hier etait vraiment au ralenti c est pour ca que je t envoie le rapport que ce matin ComboFix 08-06-03.4 - sakina chouaibi 2008-06-05 22:56:01.3 - NTFSx86
      Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.241 [GMT 2:00]
      Endroit: C:\Users\sakina chouaibi\Desktop\ComboFix.exe
      .

      ((((((((((((((((((((((((((((( Fichiers créés 2008-05-05 to 2008-06-05 ))))))))))))))))))))))))))))))))))))
      .

      Pas de nouveau fichier créé dans cet espace de temps

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-06-04 16:42 --------- d-----w C:\Program Files\Navilog1
      2008-06-04 16:22 --------- d-----w C:\Users\sakina chouaibi\AppData\Roaming\Malwarebytes
      2008-06-04 16:22 --------- d-----w C:\ProgramData\Malwarebytes
      2008-06-04 16:22 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
      2008-05-30 11:42 --------- d-----w C:\Program Files\RamBoost XP
      2008-05-29 23:06 34,296 ----a-w C:\Windows\system32\drivers\mbamcatchme.sys
      2008-05-29 23:06 15,864 ----a-w C:\Windows\system32\drivers\mbam.sys
      2008-05-26 16:58 --------- d-----w C:\Users\sakina chouaibi\AppData\Roaming\LimeWire
      2008-05-26 12:30 --------- d-----w C:\Users\sakina chouaibi\AppData\Roaming\IMVU
      2008-05-23 08:49 --------- d-----w C:\Program Files\Google
      2008-05-22 19:19 --------- d-----w C:\Program Files\Java
      2008-05-22 19:17 --------- d-----w C:\Program Files\Common Files\Real
      2008-05-22 19:11 --------- d-----w C:\Program Files\VideoLAN
      2008-05-22 19:03 --------- d-----w C:\ProgramData\Skype
      2008-05-22 18:30 --------- d---a-w C:\ProgramData\TEMP
      2008-05-18 19:41 --------- d-----w C:\Users\sakina chouaibi\AppData\Roaming\Talkback
      2008-05-18 19:14 466 ----a-w C:\Users\sakina chouaibi\117.bat
      2008-05-18 18:53 --------- d-----w C:\Program Files\Sun
      2008-05-18 18:20 --------- d-----w C:\Program Files\Real
      2008-05-18 17:10 --------- d-----w C:\Program Files\Clear History
      2008-05-18 16:45 --------- d-----w C:\Program Files\LimeWire
      2008-05-16 09:18 --------- d-----w C:\Program Files\Windows Mail
      2008-05-15 23:18 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
      2008-05-13 11:06 --------- d-----w C:\Program Files\QuickTime
      2008-05-13 11:05 --------- d-----w C:\ProgramData\Apple Computer
      2008-05-08 17:13 --------- d-----w C:\Program Files\Macrogaming
      2008-05-08 17:11 --------- d-----w C:\Program Files\Paint.NET
      2008-05-04 19:12 --------- d-----w C:\Program Files\IMVU
      2008-04-27 08:15 4,981 ----a-w C:\Windows\System32\gnc.exe
      2008-04-12 10:19 --------- d-----w C:\Program Files\Common Files\Adobe
      2008-03-08 04:30 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
      2008-03-08 04:30 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
      2008-03-08 04:30 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
      2008-03-08 04:30 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
      2008-03-08 04:30 1,686,528 ----a-w C:\Windows\System32\gameux.dll
      2008-03-08 00:37 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
      2008-03-08 00:22 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
      2007-12-06 11:08 174 --sha-w C:\Program Files\desktop.ini
      .

      ------- Sigcheck -------

      .
      ((((((((((((((((((((((((((((( snapshot_2008-06-05_22.36.29,32 )))))))))))))))))))))))))))))))))))))))))
      .
      - 2008-06-05 14:30:16 67,584 --s-a-w C:\Windows\bootstat.dat
      + 2008-06-05 20:54:03 67,584 --s-a-w C:\Windows\bootstat.dat
      - 2008-06-05 08:48:56 695,888 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
      + 2008-06-05 20:52:55 695,888 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
      - 2008-06-05 14:18:04 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
      + 2008-06-05 20:54:05 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
      - 2008-06-05 14:18:04 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
      + 2008-06-05 20:54:05 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
      - 2008-06-05 14:18:16 40,960 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\rtdrvmon.exe
      + 2008-06-05 20:54:22 40,960 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\rtdrvmon.exe
      - 2008-06-05 14:19:40 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
      + 2008-06-05 20:56:47 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
      + 2008-06-05 20:56:47 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
      - 2008-06-05 14:20:12 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
      + 2008-06-05 20:56:42 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
      - 2008-06-05 14:20:12 7,690 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3919040077-950827169-1870375633-1000_UserData.bin
      + 2008-06-05 20:56:46 7,690 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3919040077-950827169-1870375633-1000_UserData.bin
      - 2008-06-05 14:20:12 53,790 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
      + 2008-06-05 20:56:46 53,814 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
      - 2008-06-05 14:20:09 51,146 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
      + 2008-06-05 20:56:17 51,146 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
      .
      ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 12:00 1232896]
      "WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 14:34 2159104 C:\Windows\System32\oobefldr.dll]
      "HPAdvisor"="C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2007-06-01 13:40 1783400]
      "MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
      "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]
      "BitComet"="C:\Program Files\BitComet\BitComet.exe" [ ]
      "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-18 20:01 68856]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 17:01 65536]
      "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 13:59 118784]
      "RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 13:06 4669440 C:\Windows\RtHDVCpl.exe]
      "HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-05-24 13:13 71176]
      "SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2007-04-07 02:56 54936]
      "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
      "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-07-06 21:15 86016]
      "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-07-06 21:15 8466432]
      "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-07-06 21:15 81920]
      "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
      "lxczbmgr.exe"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [2007-04-19 16:45 74672]
      "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 17:33 563984]
      "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 17:37 2178832]
      "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
      "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]

      C:\Users\sakina chouaibi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      IMVU.lnk - C:\Program Files\IMVU\IMVUClient.exe [2008-04-30 22:33:42 49408]

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
      Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-01-18 18:38:02 67128]
      WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WiFiStation.exe [2008-01-19 15:52:05 98304]

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
      "DisableMonitoring"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
      "{E067E5C8-7D8B-41A2-A6CB-F54079980872}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.5
      "{89933E35-6D81-4238-A5F7-185F6D4222E2}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.5
      "{A5980DA6-46AD-4C5B-B024-C6FA44543BDB}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.5
      "{4AC8E676-B37D-44F3-881F-665A8A041F45}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.5
      "{526FD6D6-8DFB-4D6D-B4F0-39708F324C3F}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.5
      "{523C2EA6-4163-4F52-A4E7-1C7E832B641B}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.5
      "{C98875A3-280B-49EE-8B32-380DAEA3F46E}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
      "{2A7CC38E-E9D5-493A-A48F-BD03BE46A625}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
      "{2A519B7D-0302-4625-9FAA-77546F98A15A}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
      "{61E08031-3601-45E2-9E27-A86A5DE10DDD}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
      "{74288CE7-23A4-452B-AB1A-84C16BD12E01}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
      "{2F03BBBA-3963-4017-806F-A5ABD8A2FCD1}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
      "{18BC1B77-0039-4C62-AF6F-B6BB6DC7164F}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
      "{3B4981AA-D1F7-4836-93BD-64B6DF5A2FE6}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
      "{ED65F762-CC7C-4CCB-8022-F457D821D3BF}"= UDP:C:\Windows\System32\lxczcoms.exe:Lexmark Communications System
      "{40A9F95C-5767-41E3-BA95-0954C27045C0}"= TCP:C:\Windows\System32\lxczcoms.exe:Lexmark Communications System
      "{21B56439-2E4C-40BE-B94C-EE330B859591}"= UDP:C:\Windows\System32\spool\drivers\w32x86\3\lxczpswx.exe:Printer Status Window
      "{D3319DBC-FC8F-4713-8F89-8C1F47F14C54}"= TCP:C:\Windows\System32\spool\drivers\w32x86\3\lxczpswx.exe:Printer Status Window
      "{13AC2D71-B86E-4C00-9122-170CBA27EA97}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
      "{2926AEEE-95A5-4CE9-B2D2-CF7ED8359624}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
      "{0B47F698-594C-43DB-9302-7B1DA793717A}"= UDP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
      "{29F53DF0-4543-4B60-A135-D677DE54EBBB}"= TCP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
      "TCP Query User{09AD9316-EF87-4317-9045-991F41D66D05}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
      "UDP Query User{A162AB97-CA33-4FCD-8FB8-C9C8937C56B3}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
      "TCP Query User{77634EFB-CFB1-4834-8E25-77DC8ED7ED2D}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
      "UDP Query User{C81BFF66-5C36-467B-84D3-443CF76E59A1}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
      "TCP Query User{877D206E-D008-4179-B970-B9C9A198C2E1}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
      "UDP Query User{A7F1FF94-C9F6-446B-8906-09DE79C13A41}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
      "{2CB49183-E3E1-4CE4-AE13-3BC3FBEF8D70}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
      "{B74040E8-11B0-4F38-9B30-1725FF16C6A7}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
      "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

      R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]
      R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
      R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]
      R2 lxcz_device;lxcz_device;C:\Windows\system32\lxczcoms.exe [2007-04-19 16:43]
      R3 netr73;Hercules Wireless USB Dongle Driver for Vista;C:\Windows\system32\DRIVERS\netr73.sys [2007-01-31 18:01]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a12ea18-0964-11dd-9842-001921433d38}]
      \shell\AutoRun\command - J:\setup/setup.exe

      .
      Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
      "2008-06-04 19:32:21 C:\Windows\Tasks\User_Feed_Synchronization-{BBBA4531-E9D5-478C-BCD7-C13F1F652500}.job"
      - C:\Windows\system32\msfeedssync.exe
      .
      **************************************************************************

      catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-06-05 23:00:08
      Windows 6.0.6000 NTFS

      Balayage processus cachés ...

      Balayage caché autostart entries ...

      Balayage des fichiers cachés ...


      **************************************************************************
      .
      Temps d'accomplissement: 2008-06-05 23:57:12
      ComboFix-quarantined-files.txt 2008-06-05 21:33:51
      ComboFix2.txt 2008-06-05 20:38:16
      ComboFix3.txt 2008-06-04 18:39:44

      Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
      Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.

      175 --- E O F --- 2008-06-04 15:04:28
      0
  8. Utilisateur anonyme
     
    SI St je suis la bonjours

    refais un scan hijackthis et post le rapport stp

    et dis moi comment va le pc stp
    0
    1. sousou
       
      voila chiquitine mon ordi va mieux que hier il etait vraiment trop lent lmais j ai l impression que ca va mieu voila Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 12:06:02, on 06/06/2008
      Platform: Windows Vista (WinNT 6.00.1904)
      MSIE: Internet Explorer v7.00 (7.00.6000.16643)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\hp\support\hpsysdrv.exe
      C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
      C:\Windows\RtHDVCpl.exe
      C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      C:\Windows\System32\rundll32.exe
      C:\Program Files\Alwil Software\Avast4\ashDisp.exe
      C:\Windows\system32\taskeng.exe
      C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe
      C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Logitech\QuickCam\Quickcam.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
      C:\Windows\system32\schtasks.exe
      C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Windows\System32\rundll32.exe
      C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
      C:\Windows\ehome\ehmsas.exe
      C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
      C:\Windows\system32\conime.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Windows\system32\NOTEPAD.EXE
      C:\Users\sakina chouaibi\Desktop\HiJackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O1 - Hosts: ::1 localhost
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
      O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
      O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
      O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
      O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
      O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - Global Startup: WiFi Station.lnk = C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\sakina chouaibi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
      O13 - Gopher Prefix:
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
      O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader4.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
      O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
      0
  9. Utilisateur anonyme
     
    ok désinstal java car pas a jours et instal cette version :

    https://www.java.com/fr/download/manual.jsp

    ensuite refais un scan hijackthis et poste le rapport stp
    0
    1. sousou
       
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 12:50:01, on 06/06/2008
      Platform: Windows Vista (WinNT 6.00.1904)
      MSIE: Internet Explorer v7.00 (7.00.6000.16643)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\hp\support\hpsysdrv.exe
      C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
      C:\Windows\RtHDVCpl.exe
      C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      C:\Windows\System32\rundll32.exe
      C:\Program Files\Alwil Software\Avast4\ashDisp.exe
      C:\Windows\system32\taskeng.exe
      C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe
      C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Logitech\QuickCam\Quickcam.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
      C:\Windows\system32\schtasks.exe
      C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Windows\System32\rundll32.exe
      C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
      C:\Windows\ehome\ehmsas.exe
      C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
      C:\Windows\system32\conime.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Users\sakina chouaibi\Desktop\HiJackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O1 - Hosts: ::1 localhost
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
      O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
      O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
      O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete
      O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
      O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
      O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - Global Startup: WiFi Station.lnk = C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
      O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\sakina chouaibi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
      O13 - Gopher Prefix:
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
      O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader4.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
      O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
      0
  10. Utilisateur anonyme
     
    oui c ça

    refais un scan hijackthis et post le rapport stp
    0
    1. sousou
       
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 13:34:37, on 06/06/2008
      Platform: Windows Vista (WinNT 6.00.1904)
      MSIE: Internet Explorer v7.00 (7.00.6000.16643)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\hp\support\hpsysdrv.exe
      C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
      C:\Windows\RtHDVCpl.exe
      C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      C:\Windows\System32\rundll32.exe
      C:\Program Files\Alwil Software\Avast4\ashDisp.exe
      C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe
      C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Logitech\QuickCam\Quickcam.exe
      C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
      C:\Windows\system32\taskeng.exe
      C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
      C:\Windows\System32\rundll32.exe
      C:\Windows\ehome\ehmsas.exe
      C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
      C:\Windows\system32\conime.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Windows\system32\wuauclt.exe
      C:\Users\sakina chouaibi\Desktop\HiJackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O1 - Hosts: ::1 localhost
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
      O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
      O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
      O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete
      O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
      O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
      O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - Global Startup: WiFi Station.lnk = C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
      O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\sakina chouaibi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
      O13 - Gopher Prefix:
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
      O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
      0
  11. Utilisateur anonyme
     
    re
    refais un scan hijackthis et poste le rapport stp
    0
    1. sousou
       
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 18:23:26, on 06/06/2008
      Platform: Windows Vista (WinNT 6.00.1904)
      MSIE: Internet Explorer v7.00 (7.00.6000.16643)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\hp\support\hpsysdrv.exe
      C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
      C:\Windows\RtHDVCpl.exe
      C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      C:\Windows\System32\rundll32.exe
      C:\Program Files\Alwil Software\Avast4\ashDisp.exe
      C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe
      C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Logitech\QuickCam\Quickcam.exe
      C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
      C:\Windows\system32\taskeng.exe
      C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
      C:\Windows\System32\rundll32.exe
      C:\Windows\ehome\ehmsas.exe
      C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
      C:\Windows\system32\conime.exe
      C:\Windows\system32\wuauclt.exe
      C:\Windows\System32\mobsync.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Users\sakina chouaibi\Desktop\HiJackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O1 - Hosts: ::1 localhost
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
      O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
      O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
      O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete
      O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
      O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
      O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
      O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - Global Startup: WiFi Station.lnk = C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
      O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\sakina chouaibi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
      O13 - Gopher Prefix:
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
      O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
      0
  12. Utilisateur anonyme
     
    navilog supprime le depuis le panneau de configuration

    Qbox va dans ordinateur et supprime le

    Si tu es satisfait de mon intervention

    et que tu n as plus de probleme

    change le statut du sujet en résolu stp

    pour cela va en haut sur ta premiere question et la tu as le choix
    0
    1. sousou
       
      et comment je fais pour quitter le dernier?
      0
  13. Utilisateur anonyme
     
    hein ?? explique ;;;;.......
    0
    1. sousou
       
      pour quitter toolscleaner jai peur de fermé avec la croix et de ne pas avoir de rapport pour t envoyé
      0
  14. Utilisateur anonyme
     
    PAS grave pour le rapport ferme toolcleaner et verifie si hijackthis et compagnie ont disparu
    0
    1. sousou
       
      alors hijackthis combofix et l autre ont ete effacé il me restemalwarebyte toolscleaner avg ccleaner et les document qui vont avec ! crois tu que je dois effacer tout ca de moi meme??? est ce que ca ne va pas faire ralentir mon ordi?? et a ton avi qu et ce que je dois garder comme antivirus avast ou avg antispyware???
      0
  15. Utilisateur anonyme
     
    hi hi

    toolcleaner vire le les rapports aussi

    malewarebyte et ccleaner garde les et fais des scan de temps en temps

    pour ton antivirus tu peux garder avast mais je te conseil antivir:

    http://www.commentcamarche.net/download/telecharger-55-antivir

    gratuit en anglais mais simple

    Pour désinstaller Avast telecharge cet outil

    https://www.avast.com/fr-fr/uninstall-utility

    si tu pas d autres questions met resolu stp

    A découvrir : Estopa, Rosario Flores, La oreja de van gogh.. Bonne écoute
    0
    1. sousou
       
      je ne vois plus ou je met resolu je n ai plus d autre question et je tien a te remercier beaucoup de m avoir accordé trois jour pour m expliquer malgres que je ne sais tjrs pas si tu es une fille ou garcon !!! en tout cas merci beaucoup j espere que je n aurai plus jamais de virus et finalement si jai une derniere question est ce que avec tout ca tu as vu comment j ai attrper ces virus??
      0
  16. Utilisateur anonyme
     
    hi hi garçon ou fille ?? mystere .....

    Comment t as attrapé ces saloperies ?? lors d etelechargements surement

    pour mettre résolu tu peux pas car tu n es pas enregistré

    ciao et bon surf
    0
  17. ahlalia Messages postés 10 Statut Membre
     
    bonjour essai avec kapersky tu telecharge la version d'evaluasion et dit moi koi
    0
Précédent
  • 1
  • 2