Hijackthis merci de maider

jowel -  
Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   -
Bonjour, est-ce que quel qu'un peut analyser mon log Hijackthis, merci a lavance. :)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:05:18, on 2008-09-11
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\QuickTime\QuickTimePlayer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: Sigma Team Toolbar - {5a089bcd-c7f1-4064-8702-f58d8bd5d61f} - C:\Program Files\Sigma_Team\tbSig0.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Sigma Team Toolbar - {5a089bcd-c7f1-4064-8702-f58d8bd5d61f} - C:\Program Files\Sigma_Team\tbSig0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Sigma Team Toolbar - {5a089bcd-c7f1-4064-8702-f58d8bd5d61f} - C:\Program Files\Sigma_Team\tbSig0.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Aliant\NETASS~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Gpl bin.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Mix Info] C:\DOCUME~1\jowel\APPLIC~1\ITCHID~1\Hole jump.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Net Assistant.lnk = C:\Program Files\Aliant\Net Assistant\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)

--
End of file - 8949 bytes
Configuration: Windows XP
Internet Explorer 6.0

18 réponses

  1. jowel
     
    --------------------\\ Lop S&D 4.2.4-2 XP/Vista

    "C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
    Option : [1] ( 2008-09-11|20:14 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [2008-08-14|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [2008-08-14|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [2008-09-10|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
    [2008-09-01|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eGames
    [2008-09-09|10:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
    [2008-08-24|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames
    [2008-09-02|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [2008-08-10|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
    [2008-08-04|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
    [2008-08-04|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [2008-08-04|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [2008-09-02|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [2008-08-14|10:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [2008-08-19|10:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
    [2008-09-11|01:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
    [2008-08-27|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Outspark
    [2008-08-19|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [2008-09-11|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [2008-09-11|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
    [2008-08-19|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [2008-09-11|01:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [2008-08-27|01:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [2008-08-23|20:40] C:\DOCUME~1\jowel\APPLIC~1\Ace
    [2008-09-02|13:47] C:\DOCUME~1\jowel\APPLIC~1\Adobe
    [2008-08-25|17:38] C:\DOCUME~1\jowel\APPLIC~1\Apple Computer
    [2008-09-10|22:35] C:\DOCUME~1\jowel\APPLIC~1\AVGTOOLBAR
    [2008-09-03|12:07] C:\DOCUME~1\jowel\APPLIC~1\DivX
    [2008-08-30|19:04] C:\DOCUME~1\jowel\APPLIC~1\DNA
    [2008-09-01|15:34] C:\DOCUME~1\jowel\APPLIC~1\eGames
    [2008-08-24|16:24] C:\DOCUME~1\jowel\APPLIC~1\Go-Go Gourmet Chef of the Year
    [2008-09-02|13:47] C:\DOCUME~1\jowel\APPLIC~1\Google
    [2008-08-04|13:36] C:\DOCUME~1\jowel\APPLIC~1\Identities
    [2008-09-10|21:33] C:\DOCUME~1\jowel\APPLIC~1\itch idol
    [2008-09-11|16:57] C:\DOCUME~1\jowel\APPLIC~1\LimeWire
    [2008-08-29|15:23] C:\DOCUME~1\jowel\APPLIC~1\Macromedia
    [2008-09-10|21:26] C:\DOCUME~1\jowel\APPLIC~1\Microsoft
    [2008-09-09|23:13] C:\DOCUME~1\jowel\APPLIC~1\OpenOffice.org2
    [2008-09-04|11:21] C:\DOCUME~1\jowel\APPLIC~1\Pi Eye Games
    [2008-09-06|19:16] C:\DOCUME~1\jowel\APPLIC~1\Roxio
    [2008-08-24|14:04] C:\DOCUME~1\jowel\APPLIC~1\SulusGames
    [2008-09-11|11:26] C:\DOCUME~1\jowel\APPLIC~1\uTorrent
    [2008-09-11|01:42] C:\DOCUME~1\jowel\APPLIC~1\Winamp

    [2008-09-10|21:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [2008-09-10|21:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [2008-08-28|17:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [2008-09-11 20:00][--ah-----] C:\WINDOWS\tasks\A8E2AA73918120EB.job
    [2008-09-08 10:00][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2008-09-11 19:29][--a------] C:\WINDOWS\tasks\HP Usg Daily.job
    [2008-09-11 11:58][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [2001-08-23 09:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ( A8E2AA73918120EB.job )=( c:\docume~1\jowel\applic~1\itchid~1\Blahplanjugs.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [2008-08-25|01:17] C:\Program Files\After The End
    [2008-08-25|21:50] C:\Program Files\Air Strike 2
    [2008-08-27|01:34] C:\Program Files\Air Strike II Gulf Thunder
    [2008-08-19|12:22] C:\Program Files\Aliant
    [2008-08-24|18:46] C:\Program Files\Alien Outbreak 2 Invasion
    [2008-09-11|11:40] C:\Program Files\Alwil Software
    [2008-09-10|21:58] C:\Program Files\Apple Software Update
    [2008-08-25|11:57] C:\Program Files\AstroAvenger
    [2008-08-30|14:52] C:\Program Files\ATI Technologies
    [2008-09-10|21:28] C:\Program Files\AVG
    [2008-08-25|20:50] C:\Program Files\Battle Castles
    [2008-08-14|09:53] C:\Program Files\Bonjour
    [2008-09-10|21:59] C:\Program Files\Circle Developement
    [2008-09-01|13:26] C:\Program Files\Common Files
    [2008-08-04|13:26] C:\Program Files\ComPlus Applications
    [2008-08-24|17:22] C:\Program Files\Crimsonland
    [2008-08-25|21:43] C:\Program Files\Devastation Zone Troopers
    [2008-09-10|22:01] C:\Program Files\DivX
    [2008-09-10|22:01] C:\Program Files\DNA
    [2008-08-30|18:17] C:\Program Files\Electronic Arts
    [2008-09-01|20:39] C:\Program Files\Evil Invasion
    [2008-09-02|20:33] C:\Program Files\Google
    [2008-08-25|01:07] C:\Program Files\Gunner 2
    [2008-08-27|01:46] C:\Program Files\Heavy Weapon
    [2008-08-10|19:28] C:\Program Files\Hewlett-Packard
    [2008-08-10|19:28] C:\Program Files\HP
    [2008-08-30|14:52] C:\Program Files\InstallShield Installation Information
    [2008-09-04|14:48] C:\Program Files\Internet Explorer
    [2008-08-14|09:53] C:\Program Files\iPod
    [2008-09-09|10:54] C:\Program Files\itch idol
    [2008-09-10|22:04] C:\Program Files\iTunes
    [2008-08-09|18:29] C:\Program Files\Java
    [2008-09-02|13:37] C:\Program Files\Jets N Guns
    [2008-09-02|12:16] C:\Program Files\Kungfu Master
    [2008-08-27|13:03] C:\Program Files\Larva Mortus
    [2008-09-11|14:47] C:\Program Files\LimeWire
    [2008-08-04|22:49] C:\Program Files\Logitech
    [2008-08-27|01:24] C:\Program Files\Master of Defense
    [2008-09-10|22:05] C:\Program Files\Messenger
    [2008-09-11|01:14] C:\Program Files\Messenger Plus! Live
    [2008-08-27|01:53] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [2008-08-04|13:30] C:\Program Files\microsoft frontpage
    [2008-08-29|18:45] C:\Program Files\Mighty Rodent
    [2008-08-19|12:23] C:\Program Files\Motive
    [2008-09-10|22:06] C:\Program Files\Movie Maker
    [2008-08-04|13:25] C:\Program Files\MSN
    [2008-08-04|13:26] C:\Program Files\MSN Gaming Zone
    [2008-09-11|01:14] C:\Program Files\MSN Messenger
    [2008-08-27|01:51] C:\Program Files\MSXML 4.0
    [2008-08-27|01:53] C:\Program Files\MSXML 6.0
    [2008-09-10|22:06] C:\Program Files\NetMeeting
    [2008-08-04|13:28] C:\Program Files\Online Services
    [2008-08-04|15:59] C:\Program Files\OpenOffice.org 2.1
    [2008-09-04|14:46] C:\Program Files\Outlook Express
    [2008-08-27|19:54] C:\Program Files\Outspark
    [2008-09-04|11:20] C:\Program Files\Project Xenoclone
    [2008-09-10|22:14] C:\Program Files\QuickTime
    [2008-09-08|00:20] C:\Program Files\Rage Of Magic 2
    [2008-08-19|15:29] C:\Program Files\ReflexiveArcade
    [2008-08-29|18:45] C:\Program Files\RIP
    [2008-08-29|19:10] C:\Program Files\RIP 3 The Last Hero
    [2008-09-01|20:39] C:\Program Files\RIP Strike Back
    [2008-08-04|14:17] C:\Program Files\Roxio
    [2008-08-19|16:41] C:\Program Files\Sallys Spa
    [2008-09-10|22:16] C:\Program Files\Sigma_Team
    [2008-09-11|10:49] C:\Program Files\Spybot - Search & Destroy
    [2008-08-25|01:00] C:\Program Files\Star Defender 4
    [2008-09-11|20:04] C:\Program Files\Trend Micro
    [2008-08-04|13:36] C:\Program Files\Uninstall Information
    [2008-09-11|11:23] C:\Program Files\uTorrent
    [2008-09-11|01:44] C:\Program Files\Winamp
    [2008-09-11|01:44] C:\Program Files\Winamp Remote
    [2008-08-19|13:06] C:\Program Files\Windows Live
    [2008-09-10|22:16] C:\Program Files\Windows Media Connect 2
    [2008-09-10|22:16] C:\Program Files\Windows Media Player
    [2008-09-10|22:16] C:\Program Files\Windows NT
    [2008-08-04|13:28] C:\Program Files\WindowsUpdate
    [2008-08-04|13:30] C:\Program Files\xerox
    [2008-08-25|00:22] C:\Program Files\Zombie Shooter

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [2008-08-14|09:52] C:\Program Files\Common Files\Apple
    [2008-08-25|01:01] C:\Program Files\Common Files\DirectX
    [2008-09-01|13:26] C:\Program Files\Common Files\Download Manager
    [2008-08-10|19:27] C:\Program Files\Common Files\HP
    [2008-08-04|22:49] C:\Program Files\Common Files\InstallShield
    [2008-08-09|11:37] C:\Program Files\Common Files\Java
    [2008-09-10|22:00] C:\Program Files\Common Files\LogiShrd
    [2008-08-30|18:17] C:\Program Files\Common Files\Microsoft Shared
    [2008-09-10|22:00] C:\Program Files\Common Files\Motive
    [2008-08-04|13:27] C:\Program Files\Common Files\MSSoap
    [2008-08-04|10:14] C:\Program Files\Common Files\ODBC
    [2008-08-04|14:18] C:\Program Files\Common Files\Roxio Shared
    [2008-08-04|13:27] C:\Program Files\Common Files\Services
    [2008-08-04|10:14] C:\Program Files\Common Files\SpeechEngines
    [2008-09-04|14:46] C:\Program Files\Common Files\System
    [2008-08-19|13:07] C:\Program Files\Common Files\WindowsLiveInstaller

    --------------------\\ Process

    ( 50 Processes )

    iexplore.exe ~ [PID:1916]
    iexplore.exe ~ [PID:2116]
    iexplore.exe ~ [PID:5256]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\Gpl bin.exe
    C:\DOCUME~1\jowel\APPLIC~1\itchid~1
    C:\Program Files\itchid~1
    C:\DOCUME~1\jowel\LOCALS~1\Temp\msgpl_8f5a.tmp
    C:\DOCUME~1\jowel\LOCALS~1\Temp\msgpl_eaae.tmp
    C:\DOCUME~1\jowel\LOCALS~1\Temp\nsaC.tmp
    C:\DOCUME~1\jowel\LOCALS~1\Temp\nsxE.tmp
    C:\DOCUME~1\jowel\LOCALS~1\Temp\nsz8.tmp
    C:\Program Files\Circle Developement
    C:\DOCUME~1\jowel\Cookies\jowel@adopt.euroclick[1].txt
    C:\WINDOWS\Tasks\A8E2AA73918120EB.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Mix Info"="C:\\DOCUME~1\\jowel\\APPLIC~1\\ITCHID~1\\Hole jump.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "bend logo clock film"="C:\\Documents and Settings\\All Users\\Application Data\\Frag great bend logo\\Gpl bin.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-11 20:16:04
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:40][D:31]-> C:\DOCUME~1\jowel\LOCALS~1\Temp
    [F:70][D:0]-> C:\DOCUME~1\jowel\Cookies
    [F:16743][D:20]-> C:\DOCUME~1\jowel\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 2008-09-11|20:18 - Option : [1]

    --------------------\\ Fin du rapport a 20:18:09

    Merci :)
    0
  2. jowel
     
    --------------------\\ Lop S&D 4.2.4-2 XP/Vista

    "C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
    Option : [1] ( 2008-09-11|20:14 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [2008-08-14|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [2008-08-14|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [2008-09-10|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
    [2008-09-01|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eGames
    [2008-09-09|10:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
    [2008-08-24|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames
    [2008-09-02|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [2008-08-10|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
    [2008-08-04|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
    [2008-08-04|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [2008-08-04|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [2008-09-02|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [2008-08-14|10:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [2008-08-19|10:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
    [2008-09-11|01:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
    [2008-08-27|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Outspark
    [2008-08-19|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [2008-09-11|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [2008-09-11|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
    [2008-08-19|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [2008-09-11|01:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [2008-08-27|01:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [2008-08-23|20:40] C:\DOCUME~1\jowel\APPLIC~1\Ace
    [2008-09-02|13:47] C:\DOCUME~1\jowel\APPLIC~1\Adobe
    [2008-08-25|17:38] C:\DOCUME~1\jowel\APPLIC~1\Apple Computer
    [2008-09-10|22:35] C:\DOCUME~1\jowel\APPLIC~1\AVGTOOLBAR
    [2008-09-03|12:07] C:\DOCUME~1\jowel\APPLIC~1\DivX
    [2008-08-30|19:04] C:\DOCUME~1\jowel\APPLIC~1\DNA
    [2008-09-01|15:34] C:\DOCUME~1\jowel\APPLIC~1\eGames
    [2008-08-24|16:24] C:\DOCUME~1\jowel\APPLIC~1\Go-Go Gourmet Chef of the Year
    [2008-09-02|13:47] C:\DOCUME~1\jowel\APPLIC~1\Google
    [2008-08-04|13:36] C:\DOCUME~1\jowel\APPLIC~1\Identities
    [2008-09-10|21:33] C:\DOCUME~1\jowel\APPLIC~1\itch idol
    [2008-09-11|16:57] C:\DOCUME~1\jowel\APPLIC~1\LimeWire
    [2008-08-29|15:23] C:\DOCUME~1\jowel\APPLIC~1\Macromedia
    [2008-09-10|21:26] C:\DOCUME~1\jowel\APPLIC~1\Microsoft
    [2008-09-09|23:13] C:\DOCUME~1\jowel\APPLIC~1\OpenOffice.org2
    [2008-09-04|11:21] C:\DOCUME~1\jowel\APPLIC~1\Pi Eye Games
    [2008-09-06|19:16] C:\DOCUME~1\jowel\APPLIC~1\Roxio
    [2008-08-24|14:04] C:\DOCUME~1\jowel\APPLIC~1\SulusGames
    [2008-09-11|11:26] C:\DOCUME~1\jowel\APPLIC~1\uTorrent
    [2008-09-11|01:42] C:\DOCUME~1\jowel\APPLIC~1\Winamp

    [2008-09-10|21:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [2008-09-10|21:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [2008-08-28|17:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [2008-09-11 20:00][--ah-----] C:\WINDOWS\tasks\A8E2AA73918120EB.job
    [2008-09-08 10:00][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2008-09-11 19:29][--a------] C:\WINDOWS\tasks\HP Usg Daily.job
    [2008-09-11 11:58][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [2001-08-23 09:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ( A8E2AA73918120EB.job )=( c:\docume~1\jowel\applic~1\itchid~1\Blahplanjugs.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [2008-08-25|01:17] C:\Program Files\After The End
    [2008-08-25|21:50] C:\Program Files\Air Strike 2
    [2008-08-27|01:34] C:\Program Files\Air Strike II Gulf Thunder
    [2008-08-19|12:22] C:\Program Files\Aliant
    [2008-08-24|18:46] C:\Program Files\Alien Outbreak 2 Invasion
    [2008-09-11|11:40] C:\Program Files\Alwil Software
    [2008-09-10|21:58] C:\Program Files\Apple Software Update
    [2008-08-25|11:57] C:\Program Files\AstroAvenger
    [2008-08-30|14:52] C:\Program Files\ATI Technologies
    [2008-09-10|21:28] C:\Program Files\AVG
    [2008-08-25|20:50] C:\Program Files\Battle Castles
    [2008-08-14|09:53] C:\Program Files\Bonjour
    [2008-09-10|21:59] C:\Program Files\Circle Developement
    [2008-09-01|13:26] C:\Program Files\Common Files
    [2008-08-04|13:26] C:\Program Files\ComPlus Applications
    [2008-08-24|17:22] C:\Program Files\Crimsonland
    [2008-08-25|21:43] C:\Program Files\Devastation Zone Troopers
    [2008-09-10|22:01] C:\Program Files\DivX
    [2008-09-10|22:01] C:\Program Files\DNA
    [2008-08-30|18:17] C:\Program Files\Electronic Arts
    [2008-09-01|20:39] C:\Program Files\Evil Invasion
    [2008-09-02|20:33] C:\Program Files\Google
    [2008-08-25|01:07] C:\Program Files\Gunner 2
    [2008-08-27|01:46] C:\Program Files\Heavy Weapon
    [2008-08-10|19:28] C:\Program Files\Hewlett-Packard
    [2008-08-10|19:28] C:\Program Files\HP
    [2008-08-30|14:52] C:\Program Files\InstallShield Installation Information
    [2008-09-04|14:48] C:\Program Files\Internet Explorer
    [2008-08-14|09:53] C:\Program Files\iPod
    [2008-09-09|10:54] C:\Program Files\itch idol
    [2008-09-10|22:04] C:\Program Files\iTunes
    [2008-08-09|18:29] C:\Program Files\Java
    [2008-09-02|13:37] C:\Program Files\Jets N Guns
    [2008-09-02|12:16] C:\Program Files\Kungfu Master
    [2008-08-27|13:03] C:\Program Files\Larva Mortus
    [2008-09-11|14:47] C:\Program Files\LimeWire
    [2008-08-04|22:49] C:\Program Files\Logitech
    [2008-08-27|01:24] C:\Program Files\Master of Defense
    [2008-09-10|22:05] C:\Program Files\Messenger
    [2008-09-11|01:14] C:\Program Files\Messenger Plus! Live
    [2008-08-27|01:53] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [2008-08-04|13:30] C:\Program Files\microsoft frontpage
    [2008-08-29|18:45] C:\Program Files\Mighty Rodent
    [2008-08-19|12:23] C:\Program Files\Motive
    [2008-09-10|22:06] C:\Program Files\Movie Maker
    [2008-08-04|13:25] C:\Program Files\MSN
    [2008-08-04|13:26] C:\Program Files\MSN Gaming Zone
    [2008-09-11|01:14] C:\Program Files\MSN Messenger
    [2008-08-27|01:51] C:\Program Files\MSXML 4.0
    [2008-08-27|01:53] C:\Program Files\MSXML 6.0
    [2008-09-10|22:06] C:\Program Files\NetMeeting
    [2008-08-04|13:28] C:\Program Files\Online Services
    [2008-08-04|15:59] C:\Program Files\OpenOffice.org 2.1
    [2008-09-04|14:46] C:\Program Files\Outlook Express
    [2008-08-27|19:54] C:\Program Files\Outspark
    [2008-09-04|11:20] C:\Program Files\Project Xenoclone
    [2008-09-10|22:14] C:\Program Files\QuickTime
    [2008-09-08|00:20] C:\Program Files\Rage Of Magic 2
    [2008-08-19|15:29] C:\Program Files\ReflexiveArcade
    [2008-08-29|18:45] C:\Program Files\RIP
    [2008-08-29|19:10] C:\Program Files\RIP 3 The Last Hero
    [2008-09-01|20:39] C:\Program Files\RIP Strike Back
    [2008-08-04|14:17] C:\Program Files\Roxio
    [2008-08-19|16:41] C:\Program Files\Sallys Spa
    [2008-09-10|22:16] C:\Program Files\Sigma_Team
    [2008-09-11|10:49] C:\Program Files\Spybot - Search & Destroy
    [2008-08-25|01:00] C:\Program Files\Star Defender 4
    [2008-09-11|20:04] C:\Program Files\Trend Micro
    [2008-08-04|13:36] C:\Program Files\Uninstall Information
    [2008-09-11|11:23] C:\Program Files\uTorrent
    [2008-09-11|01:44] C:\Program Files\Winamp
    [2008-09-11|01:44] C:\Program Files\Winamp Remote
    [2008-08-19|13:06] C:\Program Files\Windows Live
    [2008-09-10|22:16] C:\Program Files\Windows Media Connect 2
    [2008-09-10|22:16] C:\Program Files\Windows Media Player
    [2008-09-10|22:16] C:\Program Files\Windows NT
    [2008-08-04|13:28] C:\Program Files\WindowsUpdate
    [2008-08-04|13:30] C:\Program Files\xerox
    [2008-08-25|00:22] C:\Program Files\Zombie Shooter

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [2008-08-14|09:52] C:\Program Files\Common Files\Apple
    [2008-08-25|01:01] C:\Program Files\Common Files\DirectX
    [2008-09-01|13:26] C:\Program Files\Common Files\Download Manager
    [2008-08-10|19:27] C:\Program Files\Common Files\HP
    [2008-08-04|22:49] C:\Program Files\Common Files\InstallShield
    [2008-08-09|11:37] C:\Program Files\Common Files\Java
    [2008-09-10|22:00] C:\Program Files\Common Files\LogiShrd
    [2008-08-30|18:17] C:\Program Files\Common Files\Microsoft Shared
    [2008-09-10|22:00] C:\Program Files\Common Files\Motive
    [2008-08-04|13:27] C:\Program Files\Common Files\MSSoap
    [2008-08-04|10:14] C:\Program Files\Common Files\ODBC
    [2008-08-04|14:18] C:\Program Files\Common Files\Roxio Shared
    [2008-08-04|13:27] C:\Program Files\Common Files\Services
    [2008-08-04|10:14] C:\Program Files\Common Files\SpeechEngines
    [2008-09-04|14:46] C:\Program Files\Common Files\System
    [2008-08-19|13:07] C:\Program Files\Common Files\WindowsLiveInstaller

    --------------------\\ Process

    ( 50 Processes )

    iexplore.exe ~ [PID:1916]
    iexplore.exe ~ [PID:2116]
    iexplore.exe ~ [PID:5256]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\Gpl bin.exe
    C:\DOCUME~1\jowel\APPLIC~1\itchid~1
    C:\Program Files\itchid~1
    C:\DOCUME~1\jowel\LOCALS~1\Temp\msgpl_8f5a.tmp
    C:\DOCUME~1\jowel\LOCALS~1\Temp\msgpl_eaae.tmp
    C:\DOCUME~1\jowel\LOCALS~1\Temp\nsaC.tmp
    C:\DOCUME~1\jowel\LOCALS~1\Temp\nsxE.tmp
    C:\DOCUME~1\jowel\LOCALS~1\Temp\nsz8.tmp
    C:\Program Files\Circle Developement
    C:\DOCUME~1\jowel\Cookies\jowel@adopt.euroclick[1].txt
    C:\WINDOWS\Tasks\A8E2AA73918120EB.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Mix Info"="C:\\DOCUME~1\\jowel\\APPLIC~1\\ITCHID~1\\Hole jump.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "bend logo clock film"="C:\\Documents and Settings\\All Users\\Application Data\\Frag great bend logo\\Gpl bin.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-11 20:16:04
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:40][D:31]-> C:\DOCUME~1\jowel\LOCALS~1\Temp
    [F:70][D:0]-> C:\DOCUME~1\jowel\Cookies
    [F:16743][D:20]-> C:\DOCUME~1\jowel\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 2008-09-11|20:18 - Option : [1]

    --------------------\\ Fin du rapport a 20:18:09

    Merci :)
    0
  3. jowel
     
    --------------------\\ Lop S&D 4.2.4-2 XP/Vista

    "C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
    Option : [2] ( 2008-09-11|20:21 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\Gpl bin.exe
    Supprime! - C:\DOCUME~1\jowel\LOCALS~1\Temp\msgpl_8f5a.tmp
    Supprime! - C:\DOCUME~1\jowel\LOCALS~1\Temp\msgpl_eaae.tmp
    Supprime! - C:\DOCUME~1\jowel\LOCALS~1\Temp\nsaC.tmp
    Supprime! - C:\DOCUME~1\jowel\LOCALS~1\Temp\nsxE.tmp
    Supprime! - C:\DOCUME~1\jowel\LOCALS~1\Temp\nsz8.tmp
    Supprime! - C:\DOCUME~1\jowel\Cookies\jowel@adopt.euroclick[1].txt
    Supprime! - C:\WINDOWS\Tasks\A8E2AA73918120EB.job
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
    Supprime! - C:\DOCUME~1\jowel\APPLIC~1\itchid~1
    Supprime! - C:\Program Files\itchid~1
    Supprime! - C:\Program Files\Circle Developement
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [2008-08-14|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [2008-08-14|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [2008-09-10|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
    [2008-09-01|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eGames
    [2008-08-24|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames
    [2008-09-02|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [2008-08-10|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
    [2008-08-04|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
    [2008-08-04|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [2008-08-04|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [2008-09-02|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [2008-08-14|10:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [2008-08-19|10:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
    [2008-09-11|01:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
    [2008-08-27|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Outspark
    [2008-08-19|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [2008-09-11|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [2008-09-11|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
    [2008-08-19|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [2008-09-11|01:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [2008-08-27|01:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [2008-08-23|20:40] C:\DOCUME~1\jowel\APPLIC~1\Ace
    [2008-09-02|13:47] C:\DOCUME~1\jowel\APPLIC~1\Adobe
    [2008-08-25|17:38] C:\DOCUME~1\jowel\APPLIC~1\Apple Computer
    [2008-09-10|22:35] C:\DOCUME~1\jowel\APPLIC~1\AVGTOOLBAR
    [2008-09-03|12:07] C:\DOCUME~1\jowel\APPLIC~1\DivX
    [2008-08-30|19:04] C:\DOCUME~1\jowel\APPLIC~1\DNA
    [2008-09-01|15:34] C:\DOCUME~1\jowel\APPLIC~1\eGames
    [2008-08-24|16:24] C:\DOCUME~1\jowel\APPLIC~1\Go-Go Gourmet Chef of the Year
    [2008-09-02|13:47] C:\DOCUME~1\jowel\APPLIC~1\Google
    [2008-08-04|13:36] C:\DOCUME~1\jowel\APPLIC~1\Identities
    [2008-09-11|16:57] C:\DOCUME~1\jowel\APPLIC~1\LimeWire
    [2008-08-29|15:23] C:\DOCUME~1\jowel\APPLIC~1\Macromedia
    [2008-09-10|21:26] C:\DOCUME~1\jowel\APPLIC~1\Microsoft
    [2008-09-09|23:13] C:\DOCUME~1\jowel\APPLIC~1\OpenOffice.org2
    [2008-09-04|11:21] C:\DOCUME~1\jowel\APPLIC~1\Pi Eye Games
    [2008-09-06|19:16] C:\DOCUME~1\jowel\APPLIC~1\Roxio
    [2008-08-24|14:04] C:\DOCUME~1\jowel\APPLIC~1\SulusGames
    [2008-09-11|11:26] C:\DOCUME~1\jowel\APPLIC~1\uTorrent
    [2008-09-11|01:42] C:\DOCUME~1\jowel\APPLIC~1\Winamp

    [2008-09-10|21:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [2008-09-10|21:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [2008-08-28|17:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [2008-09-08 10:00][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2008-09-11 19:29][--a------] C:\WINDOWS\tasks\HP Usg Daily.job
    [2008-09-11 11:58][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [2001-08-23 09:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [2008-08-25|01:17] C:\Program Files\After The End
    [2008-08-25|21:50] C:\Program Files\Air Strike 2
    [2008-08-27|01:34] C:\Program Files\Air Strike II Gulf Thunder
    [2008-08-19|12:22] C:\Program Files\Aliant
    [2008-08-24|18:46] C:\Program Files\Alien Outbreak 2 Invasion
    [2008-09-11|11:40] C:\Program Files\Alwil Software
    [2008-09-10|21:58] C:\Program Files\Apple Software Update
    [2008-08-25|11:57] C:\Program Files\AstroAvenger
    [2008-08-30|14:52] C:\Program Files\ATI Technologies
    [2008-09-10|21:28] C:\Program Files\AVG
    [2008-08-25|20:50] C:\Program Files\Battle Castles
    [2008-08-14|09:53] C:\Program Files\Bonjour
    [2008-09-01|13:26] C:\Program Files\Common Files
    [2008-08-04|13:26] C:\Program Files\ComPlus Applications
    [2008-08-24|17:22] C:\Program Files\Crimsonland
    [2008-08-25|21:43] C:\Program Files\Devastation Zone Troopers
    [2008-09-10|22:01] C:\Program Files\DivX
    [2008-09-10|22:01] C:\Program Files\DNA
    [2008-08-30|18:17] C:\Program Files\Electronic Arts
    [2008-09-01|20:39] C:\Program Files\Evil Invasion
    [2008-09-02|20:33] C:\Program Files\Google
    [2008-08-25|01:07] C:\Program Files\Gunner 2
    [2008-08-27|01:46] C:\Program Files\Heavy Weapon
    [2008-08-10|19:28] C:\Program Files\Hewlett-Packard
    [2008-08-10|19:28] C:\Program Files\HP
    [2008-08-30|14:52] C:\Program Files\InstallShield Installation Information
    [2008-09-04|14:48] C:\Program Files\Internet Explorer
    [2008-08-14|09:53] C:\Program Files\iPod
    [2008-09-10|22:04] C:\Program Files\iTunes
    [2008-08-09|18:29] C:\Program Files\Java
    [2008-09-02|13:37] C:\Program Files\Jets N Guns
    [2008-09-02|12:16] C:\Program Files\Kungfu Master
    [2008-08-27|13:03] C:\Program Files\Larva Mortus
    [2008-09-11|14:47] C:\Program Files\LimeWire
    [2008-08-04|22:49] C:\Program Files\Logitech
    [2008-08-27|01:24] C:\Program Files\Master of Defense
    [2008-09-10|22:05] C:\Program Files\Messenger
    [2008-09-11|01:14] C:\Program Files\Messenger Plus! Live
    [2008-08-27|01:53] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [2008-08-04|13:30] C:\Program Files\microsoft frontpage
    [2008-08-29|18:45] C:\Program Files\Mighty Rodent
    [2008-08-19|12:23] C:\Program Files\Motive
    [2008-09-10|22:06] C:\Program Files\Movie Maker
    [2008-08-04|13:25] C:\Program Files\MSN
    [2008-08-04|13:26] C:\Program Files\MSN Gaming Zone
    [2008-09-11|01:14] C:\Program Files\MSN Messenger
    [2008-08-27|01:51] C:\Program Files\MSXML 4.0
    [2008-08-27|01:53] C:\Program Files\MSXML 6.0
    [2008-09-10|22:06] C:\Program Files\NetMeeting
    [2008-08-04|13:28] C:\Program Files\Online Services
    [2008-08-04|15:59] C:\Program Files\OpenOffice.org 2.1
    [2008-09-04|14:46] C:\Program Files\Outlook Express
    [2008-08-27|19:54] C:\Program Files\Outspark
    [2008-09-04|11:20] C:\Program Files\Project Xenoclone
    [2008-09-10|22:14] C:\Program Files\QuickTime
    [2008-09-08|00:20] C:\Program Files\Rage Of Magic 2
    [2008-08-19|15:29] C:\Program Files\ReflexiveArcade
    [2008-08-29|18:45] C:\Program Files\RIP
    [2008-08-29|19:10] C:\Program Files\RIP 3 The Last Hero
    [2008-09-01|20:39] C:\Program Files\RIP Strike Back
    [2008-08-04|14:17] C:\Program Files\Roxio
    [2008-08-19|16:41] C:\Program Files\Sallys Spa
    [2008-09-10|22:16] C:\Program Files\Sigma_Team
    [2008-09-11|10:49] C:\Program Files\Spybot - Search & Destroy
    [2008-08-25|01:00] C:\Program Files\Star Defender 4
    [2008-09-11|20:04] C:\Program Files\Trend Micro
    [2008-08-04|13:36] C:\Program Files\Uninstall Information
    [2008-09-11|11:23] C:\Program Files\uTorrent
    [2008-09-11|01:44] C:\Program Files\Winamp
    [2008-09-11|01:44] C:\Program Files\Winamp Remote
    [2008-08-19|13:06] C:\Program Files\Windows Live
    [2008-09-10|22:16] C:\Program Files\Windows Media Connect 2
    [2008-09-10|22:16] C:\Program Files\Windows Media Player
    [2008-09-10|22:16] C:\Program Files\Windows NT
    [2008-08-04|13:28] C:\Program Files\WindowsUpdate
    [2008-08-04|13:30] C:\Program Files\xerox
    [2008-08-25|00:22] C:\Program Files\Zombie Shooter

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [2008-08-14|09:52] C:\Program Files\Common Files\Apple
    [2008-08-25|01:01] C:\Program Files\Common Files\DirectX
    [2008-09-01|13:26] C:\Program Files\Common Files\Download Manager
    [2008-08-10|19:27] C:\Program Files\Common Files\HP
    [2008-08-04|22:49] C:\Program Files\Common Files\InstallShield
    [2008-08-09|11:37] C:\Program Files\Common Files\Java
    [2008-09-10|22:00] C:\Program Files\Common Files\LogiShrd
    [2008-08-30|18:17] C:\Program Files\Common Files\Microsoft Shared
    [2008-09-10|22:00] C:\Program Files\Common Files\Motive
    [2008-08-04|13:27] C:\Program Files\Common Files\MSSoap
    [2008-08-04|10:14] C:\Program Files\Common Files\ODBC
    [2008-08-04|14:18] C:\Program Files\Common Files\Roxio Shared
    [2008-08-04|13:27] C:\Program Files\Common Files\Services
    [2008-08-04|10:14] C:\Program Files\Common Files\SpeechEngines
    [2008-09-04|14:46] C:\Program Files\Common Files\System
    [2008-08-19|13:07] C:\Program Files\Common Files\WindowsLiveInstaller

    --------------------\\ Process

    ( 46 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-11 20:22:52
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:42][D:23]-> C:\DOCUME~1\jowel\LOCALS~1\Temp
    [F:69][D:0]-> C:\DOCUME~1\jowel\Cookies
    [F:16790][D:20]-> C:\DOCUME~1\jowel\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 2008-09-11|20:18 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 2008-09-11|20:24 - Option : [2]

    --------------------\\ Fin du rapport a 20:24:17

    Meric vieu :)
    0
  4. jowel
     
    Malwarebytes' Anti-Malware 1.28
    Database version: 1141
    Windows 5.1.2600 Service Pack 3

    2008-09-11 20:48:10
    mbam-log-2008-09-11 (20-48-10).txt

    Scan type: Quick Scan
    Objects scanned: 58893
    Time elapsed: 17 minute(s), 15 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 1
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    Thanks buddy
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. jowel
     
    Revoici mon log HiJackThis, est-ce que quel qu'un peut le reverifier? Question detre sure que je ne suis plus infecter :) merci a lavance de votre aide et de votre temps :D

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:04:26, on 2008-09-12
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\Winamp Remote\bin\OrbTray.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\LimeWire\LimeWire.exe
    C:\Program Files\QuickTime\QuickTimePlayer.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
    R3 - URLSearchHook: Sigma Team Toolbar - {5a089bcd-c7f1-4064-8702-f58d8bd5d61f} - C:\Program Files\Sigma_Team\tbSig0.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Sigma Team Toolbar - {5a089bcd-c7f1-4064-8702-f58d8bd5d61f} - C:\Program Files\Sigma_Team\tbSig0.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O3 - Toolbar: Sigma Team Toolbar - {5a089bcd-c7f1-4064-8702-f58d8bd5d61f} - C:\Program Files\Sigma_Team\tbSig0.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
    O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Aliant\NETASS~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Net Assistant.lnk = C:\Program Files\Aliant\Net Assistant\bin\matcli.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
    0
  7. jowel
     
    Voici mon rapport hijackthis apres redemarrage, merci mon vieux ;)

    ---

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:19:12, on 2008-09-12
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Winamp Remote\bin\OrbTray.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Internet Explorer\iexplore.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
    R3 - URLSearchHook: Sigma Team Toolbar - {5a089bcd-c7f1-4064-8702-f58d8bd5d61f} - C:\Program Files\Sigma_Team\tbSig0.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Sigma Team Toolbar - {5a089bcd-c7f1-4064-8702-f58d8bd5d61f} - C:\Program Files\Sigma_Team\tbSig0.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O3 - Toolbar: Sigma Team Toolbar - {5a089bcd-c7f1-4064-8702-f58d8bd5d61f} - C:\Program Files\Sigma_Team\tbSig0.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Aliant\NETASS~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - Global Startup: Net Assistant.lnk = C:\Program Files\Aliant\Net Assistant\bin\matcli.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
    0
  8. jowel
     
    Mauvaise version de windows. update en francais sur un windows anglais... jai du telecharger IE 7. les mise a jours son en progression, je te tien au courant dans quel que secondes
    0
  9. jowel
     
    Bon le voici... :)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:59:44, on 2008-09-12
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Winamp Remote\bin\OrbTray.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
    R3 - URLSearchHook: Sigma Team Toolbar - {5a089bcd-c7f1-4064-8702-f58d8bd5d61f} - C:\Program Files\Sigma_Team\tbSig0.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Sigma Team Toolbar - {5a089bcd-c7f1-4064-8702-f58d8bd5d61f} - C:\Program Files\Sigma_Team\tbSig0.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O3 - Toolbar: Sigma Team Toolbar - {5a089bcd-c7f1-4064-8702-f58d8bd5d61f} - C:\Program Files\Sigma_Team\tbSig0.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Aliant\NETASS~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - Global Startup: Net Assistant.lnk = C:\Program Files\Aliant\Net Assistant\bin\matcli.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
    0
  10. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Salut,

    Important : Désactive TeaTimer, le résident de Spybot, il va gêner la désinfection en empêchant la modification des BHO.

    ---> Démarre Spybot, clique sur Mode, coche Mode avancé
    ---> A gauche, clique sur Outils, puis sur Résident
    ---> Décoche la case devant Résident "TeaTimer" :
    http://apu.mabul.org/up/5/apu-5-gpdx9e06cwz2dypom2q7n6nc.jpg
    ---> Quitte Spybot

    Note : Je te conseille de ne pas le réactiver, il a été incapable d'empêcher l'infection de ton PC.

    ---> Télécharge Lop S&D sur ton Bureau
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
    ---> Double-clique dessus pour lancer l'installation
    ---> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
    ---> Séléctionne la langue souhaitée, puis choisis l'option 1 (Recherche)
    ---> Patiente jusqu'à la fin du scan
    ---> Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

    Si tu as un problème pour utiliser Lop S&D, regarde dans le tutorial :
    http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
    -1
  11. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Relance Lop S&D
    ---> Choisis cette fois-ci l'option 2 (Suppression)
    ---> Ne ferme pas la fenêtre lors de la suppression !
    ---> Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
    -1
  12. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Désinstalle Lop S&D

    ---> Fais un scan rapide avec MBAM, supprime tout ce qu'il trouve et poste le rapport :
    http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
    -1
  13. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Désinstalle Avast et garde AVG.
    -1
  14. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Mets à jour Internet Explorer :
    http://www.microsoft.com/downloads/details.aspx?FamilyId=9AE91EBE-3385-447C-8A30-081805B2F90B&displaylang=fr

    ---> Relance HijackThis et choisis Do a system scan only

    ---> Coche les cases qui sont devant les lignes suivantes :

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

    O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

    O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

    O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)

    ---> Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.

    ---> Redémarre ton PC et poste un nouveau rapport HijackThis
    -1
  15. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Tu n'as pas mis à jour Internet Explorer.
    -1
  16. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Ok.
    -1
  17. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Plus de problème ?
    -1
  18. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Ok ;)
    -1