Unwanted pop-up ads and Antivirus Windows 2009

Closed
philjofr - Posts: 25 - Registration date: Monday 3 November 2008 - Status: Member - Last activity: 15 December 2010 - 3 Nov. 2008 at 12:54
Anonymous user - 4 Nov. 2008 at 20:53
Hello,

I'm coming here because I need help:
I have had a problem with unwanted pop-up windows that has been going on for months and I can't take it any more... I tried to install anvilog but it's impossible, because it seems a file cannot be copied. On top of that, at the moment I keep getting the window offering me antivirus windows 2009 and it's driving me mad (I know it's a virus...).
If anyone can help me,
thanks in advance,
>Philjofr
54 replies

Here is the HijackThis control log... I'm launching Tcleaner right now
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:43:52, on 03/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CCleaner\ccleaner.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\ntvdm.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mwww.yahoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (no file)
O2 - BHO: (no name) - {33E4BDD5-F3D0-4BE6-A4AB-DF1320CF86EC} - (no file)
O2 - BHO: (no name) - {38434192-B415-43F8-B55A-94CE516B9784} - (no file)
O2 - BHO: (no name) - {4816822F-6BB2-4314-A4DA-D5909E06D766} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7BA3FECD-693C-452A-84C5-C0F47552B6F7} - (no file)
O2 - BHO: (no name) - {8DF8454C-9CE4-402A-8A7C-24707CE61FD4} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\Windows Live Toolbar\stmain.dll
O2 - BHO: (no name) - {A0A39315-9982-44F4-91D1-86E7CEA7E512} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O2 - BHO: (no name) - {DC71E2D8-63FB-4302-9472-046BF6BA2F65} - (no file)
O2 - BHO: (no name) - {E6DE5385-105C-4209-ADC4-BB350A388402} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {EA493A70-7653-41F0-BFF6-564780474B4D} - (no file)
O2 - BHO: (no name) - {ebca3b29-a035-4ed6-b9a1-e0cc70d6a1a4} - (no file)
O2 - BHO: (no name) - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - (no file)
O2 - BHO: (no name) - {FA4E2625-26F9-4E67-B18A-B2E86A8702E9} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [887386d2] rundll32.exe "C:\WINDOWS\system32\bebwqpoc.dll",b
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: iifGxVPH - C:\WINDOWS\
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Tools Cleaner is not responding... would a cleanup with CCleaner do the job?
0
Anonymous user
3 Nov. 2008 at 21:56
Re,

Wait, it's not finished yet.

Download SDFix (created by AndyManchesta) and save it to your Desktop.
Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the Desktop.

Restart your computer in safe mode by following this procedure:

• Restart your computer

• After hearing the computer beep during start-up, but before the Windows icon appears, tap the F8 key (one press per second).

• Instead of the normal Windows loading, a menu with various options should appear.

• Choose the first option, to run Windows in safe mode, then press "Enter".

• Choose your account.

• Then open the SDFix folder that has just been created in the C:\ directory and double-click RunThis.bat to launch the script.

• Press a key to start the cleaning process.

• It will remove the services and Registry entries of certain trojans that are found, then ask you to press a key to restart.

• Press a key to restart the PC.

• Your system will take longer than usual to restart because the tool will keep running and deleting files.

• Once the Desktop has loaded, the tool will finish its work and display Finished.

• Press a key to end the script and load your Desktop icons.

• Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder under the name Report.txt.

TUTORIAL

• Finally, copy/paste the contents of the Report.txt file into your next reply on the forum, along with a new HijackThis report!
0
Attached is the SDFix report:

[b]SDFix: Version 1.239 [/b]
Run by Jo on 03/11/2008 at 22:07

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

Trojan Files Found:

C:\WINDOWS\system32\upds.log - Deleted



Folder C:\WINDOWS\system32\svcd - Removed


Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-03 22:25:28
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\iVisit\\iVisit.exe"="C:\\Program Files\\iVisit\\iVisit.exe:*:Enabled: iVisit "
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files [/b]:


File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Thu 8 May 2008 24 ..SH. --- "C:\WINDOWS\S0282DDBB.tmp"
Wed 13 Oct 2004 1,694,208 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
Mon 7 Jul 2008 1,429,840 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 7 Jul 2008 4,891,472 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 7 Jul 2008 2,156,368 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Fri 16 Jun 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 16 Mar 2008 203,776 A..H. --- "C:\Documents and Settings\Jo\Bureau\Documents de tous\Document Philippe\~WRL2142.tmp"
Sun 16 Mar 2008 898,560 A..H. --- "C:\Documents and Settings\Jo\Bureau\Documents de tous\Document Philippe\~WRL2790.tmp"
Sun 16 Mar 2008 105,472 A..H. --- "C:\Documents and Settings\Jo\Bureau\Documents de tous\Document Philippe\~WRL3112.tmp"

[b]Finished![/b]

and the HijackThis report that goes with it:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:36:53, on 03/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mwww.yahoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (no file)
O2 - BHO: (no name) - {33E4BDD5-F3D0-4BE6-A4AB-DF1320CF86EC} - (no file)
O2 - BHO: (no name) - {38434192-B415-43F8-B55A-94CE516B9784} - (no file)
O2 - BHO: (no name) - {4816822F-6BB2-4314-A4DA-D5909E06D766} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7BA3FECD-693C-452A-84C5-C0F47552B6F7} - (no file)
O2 - BHO: (no name) - {8DF8454C-9CE4-402A-8A7C-24707CE61FD4} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\Windows Live Toolbar\stmain.dll
O2 - BHO: (no name) - {A0A39315-9982-44F4-91D1-86E7CEA7E512} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O2 - BHO: (no name) - {DC71E2D8-63FB-4302-9472-046BF6BA2F65} - (no file)
O2 - BHO: (no name) - {E6DE5385-105C-4209-ADC4-BB350A388402} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {EA493A70-7653-41F0-BFF6-564780474B4D} - (no file)
O2 - BHO: (no name) - {ebca3b29-a035-4ed6-b9a1-e0cc70d6a1a4} - (no file)
O2 - BHO: (no name) - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - (no file)
O2 - BHO: (no name) - {FA4E2625-26F9-4E67-B18A-B2E86A8702E9} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [887386d2] rundll32.exe "C:\WINDOWS\system32\bebwqpoc.dll",b
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: iifGxVPH - C:\WINDOWS\
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0

Anonymous user
3 Nov. 2008 at 22:48
Re,

Download Lop S&D here:

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

Double-click it to launch the installation

Then double-click the Lop S&D shortcut on your desktop

Select the desired language, then choose Option 1 ( Search )

Wait until the scan has finished

Post the generated report ( C:\lopR.txt )
0
And here is the Lop report... I'll be going to bed soon... do you think there is still a long way to go?

--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.93GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Jo ( Administrator )
BOOT : Normal boot
Antivirus : ZoneAlarm Security Suite Antivirus 7.0.462.000 (Activated)
Firewall : ZoneAlarm Security Suite Firewall 7.0.462.000 (Activated)
C:\ (Local Disk) - NTFS - Total:161 Go (Free:83 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 03/11/2008|22:50 )

--------------------\\ Listing des dossiers dans APPLIC~1

[02/09/2007|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[11/07/2005|16:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[02/11/2006|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[18/12/2007|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[11/07/2005|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[08/05/2007|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[08/05/2007|10:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[21/04/2007|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[28/08/2008|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[11/07/2008|08:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[07/08/2008|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[22/10/2006|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[03/11/2006|13:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[28/08/2008|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[29/01/2007|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[11/07/2005|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[22/10/2005|13:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[06/08/2008|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\services
[27/07/2008|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[15/12/2007|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[26/10/2008|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[03/09/2007|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[01/01/2006|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[14/05/2006|10:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[18/04/2008|04:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[01/05/2007|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[22/10/2005|15:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[26/02/2008|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[11/07/2005|16:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[12/07/2005|09:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
[11/07/2005|14:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[11/07/2005|16:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[17/01/2008|17:26] C:\DOCUME~1\Jo\APPLIC~1\Adobe
[23/10/2005|19:04] C:\DOCUME~1\Jo\APPLIC~1\AdobeUM
[03/05/2006|09:39] C:\DOCUME~1\Jo\APPLIC~1\Ahead
[01/01/2006|18:23] C:\DOCUME~1\Jo\APPLIC~1\Aim
[23/10/2005|13:22] C:\DOCUME~1\Jo\APPLIC~1\ArcSoft
[23/10/2005|15:45] C:\DOCUME~1\Jo\APPLIC~1\AVG7
[18/12/2007|21:03] C:\DOCUME~1\Jo\APPLIC~1\AVS4YOU
[12/07/2005|09:16] C:\DOCUME~1\Jo\APPLIC~1\CyberLink
[03/05/2006|15:17] C:\DOCUME~1\Jo\APPLIC~1\DeepBurner
[04/04/2007|20:45] C:\DOCUME~1\Jo\APPLIC~1\DivX
[01/01/2007|23:10] C:\DOCUME~1\Jo\APPLIC~1\EoRezo
[04/01/2008|09:59] C:\DOCUME~1\Jo\APPLIC~1\EPSON
[04/04/2006|17:55] C:\DOCUME~1\Jo\APPLIC~1\funkitron
[21/04/2007|21:25] C:\DOCUME~1\Jo\APPLIC~1\Google
[11/11/2005|10:28] C:\DOCUME~1\Jo\APPLIC~1\Help
[11/07/2005|14:25] C:\DOCUME~1\Jo\APPLIC~1\Identities
[22/10/2005|13:44] C:\DOCUME~1\Jo\APPLIC~1\InterTrust
[03/11/2006|14:12] C:\DOCUME~1\Jo\APPLIC~1\Lavasoft
[19/02/2007|10:45] C:\DOCUME~1\Jo\APPLIC~1\Leadertech
[22/10/2005|14:25] C:\DOCUME~1\Jo\APPLIC~1\Macromedia
[11/07/2008|08:47] C:\DOCUME~1\Jo\APPLIC~1\MailFrontier
[07/08/2008|09:42] C:\DOCUME~1\Jo\APPLIC~1\Malwarebytes
[08/07/2007|13:26] C:\DOCUME~1\Jo\APPLIC~1\Microsoft
[22/10/2005|13:47] C:\DOCUME~1\Jo\APPLIC~1\Microsoft Web Folders
[12/09/2008|20:00] C:\DOCUME~1\Jo\APPLIC~1\Mozilla
[02/04/2007|17:40] C:\DOCUME~1\Jo\APPLIC~1\Musicmatch
[28/08/2008|10:46] C:\DOCUME~1\Jo\APPLIC~1\Nokia
[28/08/2008|10:46] C:\DOCUME~1\Jo\APPLIC~1\PC Suite
[23/11/2006|21:45] C:\DOCUME~1\Jo\APPLIC~1\Shareaza
[15/12/2007|16:57] C:\DOCUME~1\Jo\APPLIC~1\Sony Corporation
[24/10/2005|19:15] C:\DOCUME~1\Jo\APPLIC~1\Sun
[28/04/2007|09:52] C:\DOCUME~1\Jo\APPLIC~1\TaoUSign
[18/06/2008|14:23] C:\DOCUME~1\Jo\APPLIC~1\Viewpoint
[03/05/2006|07:53] C:\DOCUME~1\Jo\APPLIC~1\vlc
[03/05/2006|20:20] C:\DOCUME~1\Jo\APPLIC~1\Vso
[10/06/2007|18:40] C:\DOCUME~1\Jo\APPLIC~1\Yahoo!

[22/10/2005|15:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[02/11/2006|21:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[02/11/2006|21:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[03/11/2008 22:34][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[05/08/2004 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini
[03/11/2008 22:32][--ah-----] C:\WINDOWS\tasks\SA.DAT

--------------------\\ Listing des dossiers dans C:\Program Files

[06/04/2008|14:20] C:\Program Files\ABBYY FineReader 6.0 Sprint
[02/09/2007|10:27] C:\Program Files\Adobe
[03/05/2006|19:27] C:\Program Files\Ahead
[27/07/2008|12:12] C:\Program Files\AIM
[22/10/2005|13:43] C:\Program Files\ArcSoft
[03/05/2006|15:16] C:\Program Files\Astonsoft
[18/12/2007|21:42] C:\Program Files\AVI MPEG RM WMV Joiner
[03/05/2006|20:26] C:\Program Files\Avi2Dvd
[04/04/2007|20:40] C:\Program Files\AviSynth 2.5
[18/12/2007|21:42] C:\Program Files\AVS4YOU
[06/08/2008|18:46] C:\Program Files\AxBx
[24/02/2006|11:20] C:\Program Files\Camfrog
[17/07/2006|16:54] C:\Program Files\CCleaner
[28/07/2008|21:42] C:\Program Files\CDBurnerXP Pro 3
[03/11/2006|01:14] C:\Program Files\Common Files
[03/11/2006|13:45] C:\Program Files\ComPlus Applications
[11/07/2005|16:32] C:\Program Files\CyberLink
[28/08/2008|10:42] C:\Program Files\DIFX
[03/05/2006|23:01] C:\Program Files\DIKO
[04/04/2007|21:08] C:\Program Files\DivX
[30/03/2008|17:51] C:\Program Files\e-Carte Bleue La Banque Postale
[08/05/2007|12:57] C:\Program Files\Elaborate Bytes
[23/05/2007|08:42] C:\Program Files\eMule
[01/01/2007|23:10] C:\Program Files\eoRezo
[03/09/2007|11:32] C:\Program Files\EPSON
[11/07/2005|16:12] C:\Program Files\FenAffiche
[03/11/2008|20:10] C:\Program Files\Fichiers communs
[03/05/2006|10:54] C:\Program Files\Gabest
[22/04/2007|08:32] C:\Program Files\Google
[11/07/2005|14:32] C:\Program Files\HighMAT CD Writing Wizard
[17/02/2007|10:44] C:\Program Files\IncrediMail
[30/07/2008|21:58] C:\Program Files\InstallShield Installation Information
[23/06/2008|21:48] C:\Program Files\Internet Explorer
[26/10/2008|14:10] C:\Program Files\iVisit
[24/10/2005|19:14] C:\Program Files\Java
[08/05/2008|16:36] C:\Program Files\Kodak
[03/11/2006|14:11] C:\Program Files\Lavasoft
[17/01/2006|18:25] C:\Program Files\Logitech
[07/08/2008|09:42] C:\Program Files\Malwarebytes' Anti-Malware
[03/11/2008|21:39] C:\Program Files\Messenger
[02/08/2007|21:56] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[22/10/2005|13:51] C:\Program Files\microsoft frontpage
[22/10/2005|18:37] C:\Program Files\Microsoft Office
[18/04/2008|03:55] C:\Program Files\Microsoft SQL Server Compact Edition
[09/03/2008|17:23] C:\Program Files\Mindscape
[08/02/2007|14:02] C:\Program Files\Montparnasse Multimedia - France T‚l‚com
[11/07/2005|14:23] C:\Program Files\Movie Maker
[14/09/2008|20:56] C:\Program Files\Mozilla Firefox
[09/12/2006|12:59] C:\Program Files\MP3 Player Utilities 3.75
[22/09/2007|11:32] C:\Program Files\MSN
[11/07/2005|14:22] C:\Program Files\MSN Gaming Zone
[19/11/2006|23:04] C:\Program Files\MSXML 4.0
[02/04/2007|17:41] C:\Program Files\Musicmatch
[04/07/2007|09:39] C:\Program Files\Nathan
[03/11/2008|21:31] C:\Program Files\Navilog1
[08/08/2006|17:33] C:\Program Files\NC NUMERICABLE
[19/09/2008|19:13] C:\Program Files\N‚mopolis
[11/07/2005|14:23] C:\Program Files\NetMeeting
[03/11/2006|13:41] C:\Program Files\Network Associates
[30/12/2005|21:14] C:\Program Files\New Star Soccer 3
[28/08/2008|12:14] C:\Program Files\Nokia
[09/04/2006|10:57] C:\Program Files\Oberon Media
[03/11/2006|13:45] C:\Program Files\Online Services
[02/08/2007|21:55] C:\Program Files\Outlook Express
[03/04/2006|20:47] C:\Program Files\PacificPoker
[23/06/2008|17:50] C:\Program Files\PartyGaming
[28/08/2008|10:42] C:\Program Files\PC Connectivity Solution
[15/11/2007|22:01] C:\Program Files\PDFCreator
[15/11/2007|22:00] C:\Program Files\PDFCreator Toolbar
[11/07/2005|14:32] C:\Program Files\Phoenix Technologies Ltd
[03/11/2008|12:13] C:\Program Files\PokerStars
[03/11/2008|12:13] C:\Program Files\PokerStars.NET
[29/01/2007|17:42] C:\Program Files\QuickTime
[22/10/2005|18:42] C:\Program Files\Real
[08/05/2007|10:45] C:\Program Files\Real Clone DVD
[11/07/2005|15:57] C:\Program Files\Realtek AC97
[04/04/2007|21:09] C:\Program Files\Ripp-it_AM
[13/04/2008|10:15] C:\Program Files\Services en ligne
[23/11/2006|21:45] C:\Program Files\Shareaza
[27/07/2008|12:04] C:\Program Files\Skype
[27/07/2008|12:00] C:\Program Files\SlySoft
[22/10/2005|13:52] C:\Program Files\Snapshot Viewer
[15/12/2007|16:45] C:\Program Files\Sony
[03/08/2006|18:58] C:\Program Files\Sony Corporation
[07/08/2008|08:55] C:\Program Files\Spybot - Search & Destroy
[27/07/2008|12:08] C:\Program Files\The Game Factory
[02/04/2007|17:44] C:\Program Files\Thomson
[18/10/2007|20:41] C:\Program Files\TooX
[03/11/2008|21:33] C:\Program Files\Trend Micro
[11/07/2005|14:28] C:\Program Files\Uninstall Information
[03/05/2006|07:44] C:\Program Files\VideoLAN
[01/01/2006|18:22] C:\Program Files\Viewpoint
[22/09/2007|16:47] C:\Program Files\Virtools Web Player 3.5
[03/05/2006|20:21] C:\Program Files\VSO
[16/03/2008|11:39] C:\Program Files\Vsoft
[11/07/2005|14:28] C:\Program Files\Windows Journal Viewer
[23/06/2008|21:51] C:\Program Files\Windows Live
[18/04/2008|03:55] C:\Program Files\Windows Live Favorites
[09/05/2007|20:42] C:\Program Files\Windows Live Safety Center
[18/04/2008|04:09] C:\Program Files\Windows Live Toolbar
[22/10/2005|19:06] C:\Program Files\Windows Media Components
[11/07/2005|14:32] C:\Program Files\Windows Media Connect
[17/02/2006|23:20] C:\Program Files\Windows Media Player
[03/11/2006|13:54] C:\Program Files\Windows NT
[11/07/2005|14:23] C:\Program Files\WindowsUpdate
[11/07/2005|14:25] C:\Program Files\xerox
[20/07/2006|13:06] C:\Program Files\Yahoo!
[03/11/2006|15:25] C:\Program Files\Zone Labs
[26/02/2008|18:37] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[02/09/2007|10:29] C:\Program Files\Fichiers communs\Adobe
[11/07/2005|16:29] C:\Program Files\Fichiers communs\Ahead
[22/10/2005|18:33] C:\Program Files\Fichiers communs\AOL
[18/12/2007|21:42] C:\Program Files\Fichiers communs\AVSMedia
[11/07/2005|16:15] C:\Program Files\Fichiers communs\DESIGNER
[22/10/2005|13:39] C:\Program Files\Fichiers communs\EPSON
[03/09/2007|11:38] C:\Program Files\Fichiers communs\InstallShield
[24/10/2005|19:11] C:\Program Files\Fichiers communs\Java
[08/05/2008|16:36] C:\Program Files\Fichiers communs\Kodak
[03/08/2006|16:05] C:\Program Files\Fichiers communs\Logitech
[18/04/2008|03:49] C:\Program Files\Fichiers communs\Microsoft Shared
[11/07/2005|14:23] C:\Program Files\Fichiers communs\MSSoap
[03/11/2006|13:41] C:\Program Files\Fichiers communs\Network Associates
[11/07/2005|16:17] C:\Program Files\Fichiers communs\ODBC
[22/10/2005|13:42] C:\Program Files\Fichiers communs\Python
[22/10/2005|18:42] C:\Program Files\Fichiers communs\Real
[11/07/2005|14:23] C:\Program Files\Fichiers communs\Services
[03/08/2006|18:59] C:\Program Files\Fichiers communs\Sony Shared
[11/07/2005|16:17] C:\Program Files\Fichiers communs\SpeechEngines
[02/11/2008|23:00] C:\Program Files\Fichiers communs\Symantec Shared
[02/08/2007|21:55] C:\Program Files\Fichiers communs\System
[18/04/2008|03:52] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 51 Processes )

iexplore.exe ~ [PID:684]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-03 22:53:07
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 10

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Jo\Mes documents\Downloads\(DONE) dj kamel8 1 _crack_ [Tool].wma
C:\DOCUME~1\Jo\Mes documents\Downloads\(ECHOS) decidant (Crack) Special.Edition.wma
C:\DOCUME~1\Jo\Mes documents\Downloads\(ECHOS) funck disco (Crack) (Radio.Edit).wma
C:\DOCUME~1\Jo\Mes documents\Downloads\Metadata\(DONE) dj kamel8 1 _crack_ [Tool].wma.xml
C:\DOCUME~1\Jo\Mes documents\Downloads\Metadata\(ECHOS) decidant (Crack) Special.Edition.wma.xml
C:\DOCUME~1\Jo\Mes documents\Downloads\Metadata\(ECHOS) funck disco (Crack) (Radio.Edit).wma.xml


[F:58][D:0]-> C:\DOCUME~1\Jo\Cookies
[F:511][D:4]-> C:\DOCUME~1\Jo\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 03/11/2008|22:54 - Option : [1]

--------------------\\ Fin du rapport a 22:54:34
0
Anonymous user
3 Nov 2008 at 23:02
Re,

Now do this:


Cleaning with ToolBar S&D:

!! Disconnect and close all your running applications while you do this !!

Run Toolbar-S&D again by double-clicking the shortcut.
--> Type option 2 ( "cleaning" ), then press "Enter".

Note: do not touch anything during the removal!

A report will be generated at the end of the process: post its contents in your next reply


----------------------------------------------------------------------------------------------------------------------------------------------------------
---> Download CCleaner (do not install the Yahoo Toolbar):
https://www.ccleaner.com/ccleaner/download

---> Run it. Go to "Options", then "Advanced", and untick the box "Only delete files etc...". Go to "Cleaner" and click "Analyze". Once that has finished, run the cleaning. Then go to "Registry" and click "Scan for issues". Once that has finished, fix all the errors without backing up the registry.
along with a new HijackThis report for analysis ...
0
Here is the HijackThis log after CCleaner:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:08:53, on 03/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mwww.yahoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (no file)
O2 - BHO: (no name) - {33E4BDD5-F3D0-4BE6-A4AB-DF1320CF86EC} - (no file)
O2 - BHO: (no name) - {38434192-B415-43F8-B55A-94CE516B9784} - (no file)
O2 - BHO: (no name) - {4816822F-6BB2-4314-A4DA-D5909E06D766} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7BA3FECD-693C-452A-84C5-C0F47552B6F7} - (no file)
O2 - BHO: (no name) - {8DF8454C-9CE4-402A-8A7C-24707CE61FD4} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\Windows Live Toolbar\stmain.dll
O2 - BHO: (no name) - {A0A39315-9982-44F4-91D1-86E7CEA7E512} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O2 - BHO: (no name) - {DC71E2D8-63FB-4302-9472-046BF6BA2F65} - (no file)
O2 - BHO: (no name) - {E6DE5385-105C-4209-ADC4-BB350A388402} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {EA493A70-7653-41F0-BFF6-564780474B4D} - (no file)
O2 - BHO: (no name) - {ebca3b29-a035-4ed6-b9a1-e0cc70d6a1a4} - (no file)
O2 - BHO: (no name) - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - (no file)
O2 - BHO: (no name) - {FA4E2625-26F9-4E67-B18A-B2E86A8702E9} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: iifGxVPH - C:\WINDOWS\
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Here is the HijackThis log after CCleaner:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:08:53, on 03/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mwww.yahoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (no file)
O2 - BHO: (no name) - {33E4BDD5-F3D0-4BE6-A4AB-DF1320CF86EC} - (no file)
O2 - BHO: (no name) - {38434192-B415-43F8-B55A-94CE516B9784} - (no file)
O2 - BHO: (no name) - {4816822F-6BB2-4314-A4DA-D5909E06D766} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7BA3FECD-693C-452A-84C5-C0F47552B6F7} - (no file)
O2 - BHO: (no name) - {8DF8454C-9CE4-402A-8A7C-24707CE61FD4} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\Windows Live Toolbar\stmain.dll
O2 - BHO: (no name) - {A0A39315-9982-44F4-91D1-86E7CEA7E512} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O2 - BHO: (no name) - {DC71E2D8-63FB-4302-9472-046BF6BA2F65} - (no file)
O2 - BHO: (no name) - {E6DE5385-105C-4209-ADC4-BB350A388402} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {EA493A70-7653-41F0-BFF6-564780474B4D} - (no file)
O2 - BHO: (no name) - {ebca3b29-a035-4ed6-b9a1-e0cc70d6a1a4} - (no file)
O2 - BHO: (no name) - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - (no file)
O2 - BHO: (no name) - {FA4E2625-26F9-4E67-B18A-B2E86A8702E9} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: iifGxVPH - C:\WINDOWS\
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
OK, I'm off to bed... my computer is now completely clean... I owe you big time!!! Thanks a lot, Goldorak, and there's no doubt your username suits you... nothing can resist you...
You didn't answer me about an effective antivirus... how good is the one available for download on this page: AvastPro4.8?
0
Anonymous user
3 Nov 2008 at 23:20
Hi again,

I recommend this one: Antivir

Run HijackThis again and click "Do a system scan only".
Then find these lines and tick their boxes:

O2 - BHO: (no name) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (no file)
O2 - BHO: (no name) - {33E4BDD5-F3D0-4BE6-A4AB-DF1320CF86EC} - (no file)
O2 - BHO: (no name) - {38434192-B415-43F8-B55A-94CE516B9784} - (no file)
O2 - BHO: (no name) - {4816822F-6BB2-4314-A4DA-D5909E06D766} - (no file)
O2 - BHO: (no name) - {7BA3FECD-693C-452A-84C5-C0F47552B6F7} - (no file)
O2 - BHO: (no name) - {8DF8454C-9CE4-402A-8A7C-24707CE61FD4} - (no file)
O2 - BHO: (no name) - {A0A39315-9982-44F4-91D1-86E7CEA7E512} - (no file)
O2 - BHO: (no name) - {DC71E2D8-63FB-4302-9472-046BF6BA2F65} - (no file)
O2 - BHO: (no name) - {E6DE5385-105C-4209-ADC4-BB350A388402} - (no file)
O2 - BHO: (no name) - {EA493A70-7653-41F0-BFF6-564780474B4D} - (no file)
O2 - BHO: (no name) - {ebca3b29-a035-4ed6-b9a1-e0cc70d6a1a4} - (no file)
O2 - BHO: (no name) - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - (no file)
O2 - BHO: (no name) - {FA4E2625-26F9-4E67-B18A-B2E86A8702E9} - (no file)


Then click "Fix checked".

=>> Then generate a new HijackThis report.

To remove all traces of the tools that were used to treat the specific infections:

Download ToolsCleaner to your Desktop:

toolscleaner

* Double-click ToolsCleaner2.exe and let it work.
* Click Recherche (Search) and let the scan finish.
* Click Suppression (Removal) to finalize.
* You can use the Options facultatives (optional settings) if you wish.
* Click Quitter (Quit) so that the report can be created.
* The report (TCleaner.txt) is at the root of your hard drive (C:\)... paste it into your reply.


Disable and re-enable System Restore:

1 In the Windows taskbar, click Start.

2 Right-click My Computer, then click Properties.

3 On the System Restore tab, tick "Turn off System Restore".

4 Click Apply.

5 Then untick "Turn off System Restore".

6 Click Apply, then OK.

7 Go and create a restore point under Accessories ---- System Tools ---- System Restore.


Thanks.
0
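The selection step in the reply above (ticking the O2 entries whose file no longer exists, fixing them, then taking a new report), as an added example that is not part of the original thread. The function names are hypothetical, the `BEFORE` lines are copied from the log posted in this thread, and the `AFTER` rescan is constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# HijackThis entry lines start with a section code such as R0, O2 or O23.
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Both markers appear in the log on this page.
MISSING_MARKERS = ("(no file)", "(file missing)")

# Lines taken from the log posted in this thread.
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {FA4E2625-26F9-4E67-B18A-B2E86A8702E9} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

# Constructed rescan: one selected BHO is gone, one is still registered
# (GUID written in lower case on purpose).
AFTER = r"""
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {fa4e2625-26f9-4e67-b18a-b2e86a8702e9} - (no file)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""


@dataclass(frozen=True)
class Entry:
    code: str            # section code, e.g. "O2"
    guid: Optional[str]  # CLSID if the entry carries one
    missing: bool        # True when HijackThis reports the target file as absent
    raw: str             # the full log line

    @property
    def key(self):
        # GUIDs compare case-insensitively; entries without one fall back to the line.
        return (self.code, self.guid.upper() if self.guid else self.raw)


def parse_log(text: str) -> List[Entry]:
    """Return the entry lines of a HijackThis log, skipping header and process list."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue
        body = m.group("body")
        g = GUID_RE.search(body)
        entries.append(Entry(m.group("code"), g.group(0) if g else None,
                             body.endswith(MISSING_MARKERS), line))
    return entries


def orphaned(entries: List[Entry]) -> List[Entry]:
    """Every registration whose target file is reported missing, in any section."""
    return [e for e in entries if e.missing]


def fix_candidates(entries: List[Entry]) -> List[Entry]:
    """Only the O2 (BHO) orphans, the subset ticked in the reply above."""
    return [e for e in entries if e.code == "O2" and e.missing]


def still_present(selected: List[Entry], rescan_text: str) -> List[Entry]:
    """Entries selected for fixing that show up again in the follow-up report."""
    after = {e.key for e in parse_log(rescan_text)}
    return [e for e in selected if e.key in after]


if __name__ == "__main__":
    entries = parse_log(BEFORE)
    selected = fix_candidates(entries)
    print("Orphaned registrations:", len(orphaned(entries)))
    for e in selected:
        print("tick:", e.raw)
    for e in still_present(selected, AFTER):
        print("NOT removed:", e.raw)
```
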
Hello Goldorak,

My computer is running like a dream!!! I created a restore point as you recommended, and here is the TCleaner report:

[ Rapport ToolsCleaner version 2.2.5 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\fixnavi.txt: trouvé !
C:\lopR.txt: trouvé !
C:\avenger.txt: trouvé !
C:\SDFIX: trouvé !
C:\Lop SD: trouvé !
C:\Vundofix backups: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
C:\Documents and Settings\Jo\Bureau\SmitFraudFix.zip: trouvé !
C:\Documents and Settings\Jo\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Jo\Bureau\OtMoveIt2.exe: trouvé !
C:\Documents and Settings\Jo\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Jo\Bureau\SmitFraudFix.exe: trouvé !
C:\Documents and Settings\Jo\Bureau\hijackthis.log: trouvé !
C:\Documents and Settings\Jo\Bureau\SmitFraudfix: trouvé !
C:\Documents and Settings\Jo\Bureau\Documents de tous\Document Philippe\vundoFix.exe: trouvé !
C:\Documents and Settings\Jo\Bureau\programme\SdFix.exe: trouvé !
C:\Documents and Settings\Jo\Bureau\programme\Navilog1.exe: trouvé !
C:\Documents and Settings\Jo\Bureau\programme\HJTInstall.exe: trouvé !
C:\Documents and Settings\Jo\Bureau\programme\SmitFraudFix.exe: trouvé !
C:\Documents and Settings\Jo\Bureau\programme\SmitFraudfix: trouvé !
C:\Documents and Settings\Jo\Bureau\rapport 03 11 2008\fixnavi.txt: trouvé !
C:\Documents and Settings\Jo\Bureau\rapport 03 11 2008\lopR.txt: trouvé !
C:\Documents and Settings\Jo\Bureau\SmitfraudFix\SmitFraudfix: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé !
C:\Documents and Settings\Jo\Bureau\SmitFraudFix.zip: supprimé !
C:\Documents and Settings\Jo\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Jo\Bureau\OtMoveIt2.exe: supprimé !
C:\Documents and Settings\Jo\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\Jo\Bureau\SmitFraudFix.exe: supprimé !
C:\Documents and Settings\Jo\Bureau\Documents de tous\Document Philippe\vundoFix.exe: supprimé !
C:\Documents and Settings\Jo\Bureau\programme\SdFix.exe: supprimé !
C:\Documents and Settings\Jo\Bureau\programme\Navilog1.exe: supprimé !
C:\Documents and Settings\Jo\Bureau\programme\HJTInstall.exe: supprimé !
C:\Documents and Settings\Jo\Bureau\programme\SmitFraudFix.exe: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\fixnavi.txt: supprimé !
C:\lopR.txt: supprimé !
C:\avenger.txt: supprimé !
C:\Documents and Settings\Jo\Bureau\hijackthis.log: supprimé !
C:\Documents and Settings\Jo\Bureau\rapport 03 11 2008\fixnavi.txt: supprimé !
C:\Documents and Settings\Jo\Bureau\rapport 03 11 2008\lopR.txt: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\SDFIX: supprimé !
C:\Lop SD: supprimé !
C:\Vundofix backups: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: supprimé !
C:\Documents and Settings\Jo\Bureau\SmitFraudfix: supprimé !
C:\Documents and Settings\Jo\Bureau\programme\SmitFraudfix: supprimé !
C:\Program Files\Navilog1: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

I'm going to install Antivir. Is there anything specific I need to do so that it works and updates itself automatically? Do I have to uninstall my current antivirus?
Thanks for your valuable answers,
See you soon,
Philjofr
0
Anonymous user
4 Nov 2008 at 20:53
Hi,

C:\Documents and Settings\Jo\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!

Next, uninstall your antivirus before installing ANTIVIR.

See you later
0