Tom's Guide > Forum > Security - Viruses > Ad window

Hello everyone, I can't manage to block the ad windows, they're ruining my life. Here is my HijackThis log.
Thanks for helping me.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:07:14, on 23/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\yannick\LOCALS~1\Temp\Rar$EX00.812\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [AXIS TONS THE MP3] C:\Documents and Settings\All Users\Application Data\Readme Live Axis Tons\Kind gpl.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DEFY MAPI] C:\DOCUME~1\yannick\APPLIC~1\BOLTEQ~1\MeowThat.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/adva [...] module.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] _0_2_0.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 8737 bytes


Hello,

Download Lop S&D.exe (Eric_71) to your Desktop.

  • Start the program's installation by running the downloaded file.
  • Now double-click the LopS&D shortcut.
  • Select the desired language by typing the letter of your choice, then confirm with the Enter key.
  • Now choose option 1 (Search). Wait until the search finishes.
  • Post the generated report (C:\lopR.txt*)

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark


--------------------\\ Lop S&D 4.2.4-4 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Award Medallion BIOS v6.00PG
USER : yannick ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 8.0.0.454 (Activated)
C:\ (Local Disk) - NTFS - Total : 186 Go Free : 147 Go
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)

"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( 23/09/2008|20:53 )

--------------------\\ Listing des dossiers dans APPLIC~1

[23/09/2008|17:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[24/03/2008|22:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[24/03/2008|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[24/03/2008|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[03/08/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
[23/09/2008|07:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[15/09/2008|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[17/09/2008|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[13/07/2008|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[01/06/2008|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[15/06/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MinigolfAdventures
[02/09/2008|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
[07/09/2008|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiberianStrikeX
[06/07/2008|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sierra Online
[15/09/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[13/09/2008|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
[06/05/2008|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[24/03/2008|16:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[04/04/2008|21:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[24/03/2008|16:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[01/06/2008|11:52] C:\DOCUME~1\yannick\APPLIC~1\Adobe
[24/06/2008|20:52] C:\DOCUME~1\yannick\APPLIC~1\Alawar
[15/09/2008|22:01] C:\DOCUME~1\yannick\APPLIC~1\Apple Computer
[21/09/2008|09:31] C:\DOCUME~1\yannick\APPLIC~1\bolt eq comp
[14/04/2008|16:16] C:\DOCUME~1\yannick\APPLIC~1\CamfrogWEB
[07/04/2008|16:57] C:\DOCUME~1\yannick\APPLIC~1\Help
[24/03/2008|16:08] C:\DOCUME~1\yannick\APPLIC~1\Identities
[13/07/2008|19:35] C:\DOCUME~1\yannick\APPLIC~1\InstallShield
[07/07/2008|22:21] C:\DOCUME~1\yannick\APPLIC~1\iWin
[04/04/2008|19:34] C:\DOCUME~1\yannick\APPLIC~1\Lavasoft
[02/04/2008|21:12] C:\DOCUME~1\yannick\APPLIC~1\Leadertech
[24/03/2008|20:48] C:\DOCUME~1\yannick\APPLIC~1\Macromedia
[18/04/2008|21:27] C:\DOCUME~1\yannick\APPLIC~1\Microsoft
[13/07/2008|17:13] C:\DOCUME~1\yannick\APPLIC~1\Mozilla
[06/07/2008|19:03] C:\DOCUME~1\yannick\APPLIC~1\Sierra Online
[02/04/2008|21:14] C:\DOCUME~1\yannick\APPLIC~1\Sonic
[22/06/2008|17:29] C:\DOCUME~1\yannick\APPLIC~1\Sun
[24/03/2008|21:47] C:\DOCUME~1\yannick\APPLIC~1\vlc
[15/06/2008|20:34] C:\DOCUME~1\yannick\APPLIC~1\WildTangent

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[23/09/2008 16:19][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[23/09/2008 07:46][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[13/09/2008|14:46] C:\Program Files\Adobe
[30/05/2008|17:03] C:\Program Files\Alwil Software
[13/07/2008|19:36] C:\Program Files\AMD
[05/08/2008|10:37] C:\Program Files\Apple Software Update
[13/07/2008|19:38] C:\Program Files\ATI Technologies
[02/09/2008|13:35] C:\Program Files\bolt eq comp
[14/07/2008|10:58] C:\Program Files\CA Yahoo! Anti-Spy
[20/07/2008|18:36] C:\Program Files\CFWebAdvancedU
[02/09/2008|13:35] C:\Program Files\Circle Developement
[24/03/2008|15:58] C:\Program Files\ComPlus Applications
[02/04/2008|21:31] C:\Program Files\DIFX
[22/09/2008|07:25] C:\Program Files\eMule
[14/07/2008|10:07] C:\Program Files\Fichiers communs
[13/07/2008|19:38] C:\Program Files\InstallShield Installation Information
[25/08/2008|20:03] C:\Program Files\Internet Explorer
[24/03/2008|20:39] C:\Program Files\Inventel
[23/09/2008|17:06] C:\Program Files\iPod
[23/09/2008|17:06] C:\Program Files\iTunes
[13/07/2008|19:50] C:\Program Files\Java
[15/09/2008|19:19] C:\Program Files\Kaspersky Lab
[24/03/2008|22:42] C:\Program Files\K-Lite Codec Pack
[17/09/2008|18:16] C:\Program Files\Lavasoft
[13/07/2008|18:24] C:\Program Files\ma-config.com
[28/08/2008|10:49] C:\Program Files\Messenger
[02/09/2008|13:35] C:\Program Files\Messenger Plus! Live
[24/03/2008|16:01] C:\Program Files\microsoft frontpage
[24/03/2008|20:28] C:\Program Files\Microsoft Office
[28/08/2008|10:46] C:\Program Files\Movie Maker
[15/09/2008|18:53] C:\Program Files\Mozilla Firefox
[24/03/2008|15:57] C:\Program Files\MSN
[24/03/2008|15:57] C:\Program Files\MSN Gaming Zone
[24/03/2008|22:31] C:\Program Files\MSXML 4.0
[28/08/2008|10:43] C:\Program Files\NetMeeting
[24/03/2008|15:57] C:\Program Files\Online Services
[24/03/2008|22:48] C:\Program Files\Orange
[28/08/2008|10:43] C:\Program Files\Outlook Express
[23/09/2008|17:04] C:\Program Files\QuickTime
[24/03/2008|20:37] C:\Program Files\Securitoo
[24/03/2008|15:59] C:\Program Files\Services en ligne
[02/04/2008|21:08] C:\Program Files\Sonic
[15/09/2008|19:16] C:\Program Files\Spybot - Search & Destroy
[23/09/2008|20:12] C:\Program Files\Trend Micro
[24/03/2008|16:08] C:\Program Files\Uninstall Information
[13/07/2008|19:37] C:\Program Files\VIA
[24/03/2008|21:46] C:\Program Files\VideoLAN
[23/09/2008|10:57] C:\Program Files\Wanadoo
[22/09/2008|22:49] C:\Program Files\WildGames
[24/03/2008|21:55] C:\Program Files\Windows Live
[04/05/2008|20:21] C:\Program Files\Windows Media Connect 2
[28/08/2008|10:43] C:\Program Files\Windows Media Player
[28/08/2008|10:43] C:\Program Files\Windows NT
[24/03/2008|15:59] C:\Program Files\WindowsUpdate
[24/03/2008|20:28] C:\Program Files\WinRAR
[24/03/2008|16:01] C:\Program Files\xerox
[13/07/2008|17:16] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[24/03/2008|22:21] C:\Program Files\Fichiers communs\Adobe
[23/09/2008|17:03] C:\Program Files\Fichiers communs\Apple
[24/03/2008|20:28] C:\Program Files\Fichiers communs\Designer
[13/07/2008|19:36] C:\Program Files\Fichiers communs\InstallShield
[22/06/2008|17:27] C:\Program Files\Fichiers communs\Java
[24/03/2008|23:42] C:\Program Files\Fichiers communs\Logitech
[25/03/2008|13:17] C:\Program Files\Fichiers communs\Microsoft Shared
[24/03/2008|15:58] C:\Program Files\Fichiers communs\MSSoap
[24/03/2008|16:44] C:\Program Files\Fichiers communs\ODBC
[24/03/2008|15:58] C:\Program Files\Fichiers communs\Services
[02/04/2008|21:09] C:\Program Files\Fichiers communs\Sonic
[24/03/2008|16:44] C:\Program Files\Fichiers communs\SpeechEngines
[02/04/2008|21:08] C:\Program Files\Fichiers communs\SureThing Shared
[28/08/2008|10:43] C:\Program Files\Fichiers communs\System
[24/03/2008|21:55] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[17/09/2008|18:15] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 46 Processes )

IEXPLORE.EXE ~ [PID:1112]
IEXPLORE.EXE ~ [PID:3692]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\Kind gpl.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\yannick\Cookies\yannick@banner.cotedazurpalace[2].txt
C:\DOCUME~1\yannick\Cookies\yannick@cotedazurpalace[2].txt
C:\DOCUME~1\yannick\Cookies\yannick@adopt.euroclick[1].txt
C:\DOCUME~1\yannick\Cookies\yannick@32vegas[1].txt
C:\DOCUME~1\yannick\Cookies\yannick@banner.32vegas[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AXIS TONS THE MP3"="C:\\Documents and Settings\\All Users\\Application Data\\Readme Live Axis Tons\\Kind gpl.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-23 20:55:23
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 17

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\yannick\Mes documents\logitiels\Ahead.NeroLinux.v3.5.0.1.Incl-Keygen.rar


[F:160][D:8]-> C:\DOCUME~1\yannick\LOCALS~1\Temp
[F:77][D:0]-> C:\DOCUME~1\yannick\Cookies
[F:2067][D:8]-> C:\DOCUME~1\yannick\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 23/09/2008|20:56 - Option : [1]

--------------------\\ Fin du rapport a 20:56:56

There you go
AND THANKS AGAIN FOR THE QUICK RESPONSE


Message edited by labelette74 on 23-09-2008 at 21:03:12
Reply to labelette74

Uh, it's not complete.

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark

I don't have anything else
Shall I start over, if you want?



Message edited by labelette74 on 23-09-2008 at 21:30:19
Reply to labelette74


--------------------\\ Lop S&D 4.2.4-4 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Award Medallion BIOS v6.00PG
USER : yannick ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 8.0.0.454 (Activated)
C:\ (Local Disk) - NTFS - Total : 186 Go Free : 147 Go
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)

"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( 23/09/2008|21:29 )

--------------------\\ Listing des dossiers dans APPLIC~1

[23/09/2008|17:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[24/03/2008|22:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[24/03/2008|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[24/03/2008|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[03/08/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
[23/09/2008|07:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[15/09/2008|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[17/09/2008|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[13/07/2008|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[01/06/2008|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[15/06/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MinigolfAdventures
[02/09/2008|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
[07/09/2008|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiberianStrikeX
[06/07/2008|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sierra Online
[15/09/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[13/09/2008|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
[06/05/2008|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[24/03/2008|16:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[04/04/2008|21:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[24/03/2008|16:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[01/06/2008|11:52] C:\DOCUME~1\yannick\APPLIC~1\Adobe
[24/06/2008|20:52] C:\DOCUME~1\yannick\APPLIC~1\Alawar
[15/09/2008|22:01] C:\DOCUME~1\yannick\APPLIC~1\Apple Computer
[21/09/2008|09:31] C:\DOCUME~1\yannick\APPLIC~1\bolt eq comp
[14/04/2008|16:16] C:\DOCUME~1\yannick\APPLIC~1\CamfrogWEB
[07/04/2008|16:57] C:\DOCUME~1\yannick\APPLIC~1\Help
[24/03/2008|16:08] C:\DOCUME~1\yannick\APPLIC~1\Identities
[13/07/2008|19:35] C:\DOCUME~1\yannick\APPLIC~1\InstallShield
[07/07/2008|22:21] C:\DOCUME~1\yannick\APPLIC~1\iWin
[04/04/2008|19:34] C:\DOCUME~1\yannick\APPLIC~1\Lavasoft
[02/04/2008|21:12] C:\DOCUME~1\yannick\APPLIC~1\Leadertech
[24/03/2008|20:48] C:\DOCUME~1\yannick\APPLIC~1\Macromedia
[18/04/2008|21:27] C:\DOCUME~1\yannick\APPLIC~1\Microsoft
[13/07/2008|17:13] C:\DOCUME~1\yannick\APPLIC~1\Mozilla
[06/07/2008|19:03] C:\DOCUME~1\yannick\APPLIC~1\Sierra Online
[02/04/2008|21:14] C:\DOCUME~1\yannick\APPLIC~1\Sonic
[22/06/2008|17:29] C:\DOCUME~1\yannick\APPLIC~1\Sun
[24/03/2008|21:47] C:\DOCUME~1\yannick\APPLIC~1\vlc
[15/06/2008|20:34] C:\DOCUME~1\yannick\APPLIC~1\WildTangent

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[23/09/2008 16:19][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[23/09/2008 07:46][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[13/09/2008|14:46] C:\Program Files\Adobe
[30/05/2008|17:03] C:\Program Files\Alwil Software
[13/07/2008|19:36] C:\Program Files\AMD
[05/08/2008|10:37] C:\Program Files\Apple Software Update
[13/07/2008|19:38] C:\Program Files\ATI Technologies
[02/09/2008|13:35] C:\Program Files\bolt eq comp
[14/07/2008|10:58] C:\Program Files\CA Yahoo! Anti-Spy
[20/07/2008|18:36] C:\Program Files\CFWebAdvancedU
[02/09/2008|13:35] C:\Program Files\Circle Developement
[24/03/2008|15:58] C:\Program Files\ComPlus Applications
[02/04/2008|21:31] C:\Program Files\DIFX
[22/09/2008|07:25] C:\Program Files\eMule
[14/07/2008|10:07] C:\Program Files\Fichiers communs
[13/07/2008|19:38] C:\Program Files\InstallShield Installation Information
[25/08/2008|20:03] C:\Program Files\Internet Explorer
[24/03/2008|20:39] C:\Program Files\Inventel
[23/09/2008|17:06] C:\Program Files\iPod
[23/09/2008|17:06] C:\Program Files\iTunes
[13/07/2008|19:50] C:\Program Files\Java
[15/09/2008|19:19] C:\Program Files\Kaspersky Lab
[24/03/2008|22:42] C:\Program Files\K-Lite Codec Pack
[17/09/2008|18:16] C:\Program Files\Lavasoft
[13/07/2008|18:24] C:\Program Files\ma-config.com
[28/08/2008|10:49] C:\Program Files\Messenger
[02/09/2008|13:35] C:\Program Files\Messenger Plus! Live
[24/03/2008|16:01] C:\Program Files\microsoft frontpage
[24/03/2008|20:28] C:\Program Files\Microsoft Office
[28/08/2008|10:46] C:\Program Files\Movie Maker
[15/09/2008|18:53] C:\Program Files\Mozilla Firefox
[24/03/2008|15:57] C:\Program Files\MSN
[24/03/2008|15:57] C:\Program Files\MSN Gaming Zone
[24/03/2008|22:31] C:\Program Files\MSXML 4.0
[28/08/2008|10:43] C:\Program Files\NetMeeting
[24/03/2008|15:57] C:\Program Files\Online Services
[24/03/2008|22:48] C:\Program Files\Orange
[28/08/2008|10:43] C:\Program Files\Outlook Express
[23/09/2008|17:04] C:\Program Files\QuickTime
[24/03/2008|20:37] C:\Program Files\Securitoo
[24/03/2008|15:59] C:\Program Files\Services en ligne
[02/04/2008|21:08] C:\Program Files\Sonic
[15/09/2008|19:16] C:\Program Files\Spybot - Search & Destroy
[23/09/2008|20:12] C:\Program Files\Trend Micro
[24/03/2008|16:08] C:\Program Files\Uninstall Information
[13/07/2008|19:37] C:\Program Files\VIA
[24/03/2008|21:46] C:\Program Files\VideoLAN
[23/09/2008|10:57] C:\Program Files\Wanadoo
[22/09/2008|22:49] C:\Program Files\WildGames
[24/03/2008|21:55] C:\Program Files\Windows Live
[04/05/2008|20:21] C:\Program Files\Windows Media Connect 2
[28/08/2008|10:43] C:\Program Files\Windows Media Player
[28/08/2008|10:43] C:\Program Files\Windows NT
[24/03/2008|15:59] C:\Program Files\WindowsUpdate
[24/03/2008|20:28] C:\Program Files\WinRAR
[24/03/2008|16:01] C:\Program Files\xerox
[13/07/2008|17:16] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[24/03/2008|22:21] C:\Program Files\Fichiers communs\Adobe
[23/09/2008|17:03] C:\Program Files\Fichiers communs\Apple
[24/03/2008|20:28] C:\Program Files\Fichiers communs\Designer
[13/07/2008|19:36] C:\Program Files\Fichiers communs\InstallShield
[22/06/2008|17:27] C:\Program Files\Fichiers communs\Java
[24/03/2008|23:42] C:\Program Files\Fichiers communs\Logitech
[25/03/2008|13:17] C:\Program Files\Fichiers communs\Microsoft Shared
[24/03/2008|15:58] C:\Program Files\Fichiers communs\MSSoap
[24/03/2008|16:44] C:\Program Files\Fichiers communs\ODBC
[24/03/2008|15:58] C:\Program Files\Fichiers communs\Services
[02/04/2008|21:09] C:\Program Files\Fichiers communs\Sonic
[24/03/2008|16:44] C:\Program Files\Fichiers communs\SpeechEngines
[02/04/2008|21:08] C:\Program Files\Fichiers communs\SureThing Shared
[28/08/2008|10:43] C:\Program Files\Fichiers communs\System
[24/03/2008|21:55] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[17/09/2008|18:15] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 46 Processes )

IEXPLORE.EXE ~ [PID:1112]
IEXPLORE.EXE ~ [PID:3692]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\Kind gpl.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\yannick\Cookies\yannick@banner.cotedazurpalace[2].txt
C:\DOCUME~1\yannick\Cookies\yannick@cotedazurpalace[2].txt
C:\DOCUME~1\yannick\Cookies\yannick@adopt.euroclick[1].txt
C:\DOCUME~1\yannick\Cookies\yannick@32vegas[1].txt
C:\DOCUME~1\yannick\Cookies\yannick@banner.32vegas[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AXIS TONS THE MP3"="C:\\Documents and Settings\\All Users\\Application Data\\Readme Live Axis Tons\\Kind gpl.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-23 21:31:36
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 17

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\yannick\Mes documents\logitiels\Ahead.NeroLinux.v3.5.0.1.Incl-Keygen.rar


[F:160][D:8]-> C:\DOCUME~1\yannick\LOCALS~1\Temp
[F:83][D:0]-> C:\DOCUME~1\yannick\Cookies
[F:2462][D:8]-> C:\DOCUME~1\yannick\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 23/09/2008|20:56 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 23/09/2008|21:33 - Option : [1]

--------------------\\ Fin du rapport a 21:33:19

Reply to labelette74

Re,

Run Lop S&D again by double-clicking the shortcut. Press "2", then confirm by pressing "Enter".
! Do not close the window during the removal !
A report will be generated; post its contents here.

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark


--------------------\\ Lop S&D 4.2.4-4 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Award Medallion BIOS v6.00PG
USER : yannick ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 8.0.0.454 (Activated)
C:\ (Local Disk) - NTFS - Total : 186 Go Free : 146 Go
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)

"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [2] ( 24/09/2008|18:52 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\Kind gpl.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[23/09/2008|17:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[24/03/2008|22:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[24/03/2008|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[24/03/2008|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[03/08/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
[24/09/2008|08:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[15/09/2008|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[17/09/2008|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[13/07/2008|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[01/06/2008|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[15/06/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MinigolfAdventures
[07/09/2008|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiberianStrikeX
[06/07/2008|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sierra Online
[15/09/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[13/09/2008|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
[06/05/2008|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[24/03/2008|16:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[04/04/2008|21:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[24/03/2008|16:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[01/06/2008|11:52] C:\DOCUME~1\yannick\APPLIC~1\Adobe
[24/06/2008|20:52] C:\DOCUME~1\yannick\APPLIC~1\Alawar
[15/09/2008|22:01] C:\DOCUME~1\yannick\APPLIC~1\Apple Computer
[21/09/2008|09:31] C:\DOCUME~1\yannick\APPLIC~1\bolt eq comp
[14/04/2008|16:16] C:\DOCUME~1\yannick\APPLIC~1\CamfrogWEB
[07/04/2008|16:57] C:\DOCUME~1\yannick\APPLIC~1\Help
[24/03/2008|16:08] C:\DOCUME~1\yannick\APPLIC~1\Identities
[13/07/2008|19:35] C:\DOCUME~1\yannick\APPLIC~1\InstallShield
[07/07/2008|22:21] C:\DOCUME~1\yannick\APPLIC~1\iWin
[04/04/2008|19:34] C:\DOCUME~1\yannick\APPLIC~1\Lavasoft
[02/04/2008|21:12] C:\DOCUME~1\yannick\APPLIC~1\Leadertech
[24/03/2008|20:48] C:\DOCUME~1\yannick\APPLIC~1\Macromedia
[18/04/2008|21:27] C:\DOCUME~1\yannick\APPLIC~1\Microsoft
[13/07/2008|17:13] C:\DOCUME~1\yannick\APPLIC~1\Mozilla
[06/07/2008|19:03] C:\DOCUME~1\yannick\APPLIC~1\Sierra Online
[02/04/2008|21:14] C:\DOCUME~1\yannick\APPLIC~1\Sonic
[22/06/2008|17:29] C:\DOCUME~1\yannick\APPLIC~1\Sun
[24/03/2008|21:47] C:\DOCUME~1\yannick\APPLIC~1\vlc
[15/06/2008|20:34] C:\DOCUME~1\yannick\APPLIC~1\WildTangent

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[23/09/2008 16:19][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[24/09/2008 07:58][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[13/09/2008|14:46] C:\Program Files\Adobe
[30/05/2008|17:03] C:\Program Files\Alwil Software
[13/07/2008|19:36] C:\Program Files\AMD
[05/08/2008|10:37] C:\Program Files\Apple Software Update
[13/07/2008|19:38] C:\Program Files\ATI Technologies
[02/09/2008|13:35] C:\Program Files\bolt eq comp
[14/07/2008|10:58] C:\Program Files\CA Yahoo! Anti-Spy
[20/07/2008|18:36] C:\Program Files\CFWebAdvancedU
[24/03/2008|15:58] C:\Program Files\ComPlus Applications
[02/04/2008|21:31] C:\Program Files\DIFX
[24/09/2008|13:52] C:\Program Files\eMule
[14/07/2008|10:07] C:\Program Files\Fichiers communs
[13/07/2008|19:38] C:\Program Files\InstallShield Installation Information
[25/08/2008|20:03] C:\Program Files\Internet Explorer
[24/03/2008|20:39] C:\Program Files\Inventel
[23/09/2008|17:06] C:\Program Files\iPod
[23/09/2008|17:06] C:\Program Files\iTunes
[13/07/2008|19:50] C:\Program Files\Java
[15/09/2008|19:19] C:\Program Files\Kaspersky Lab
[24/03/2008|22:42] C:\Program Files\K-Lite Codec Pack
[17/09/2008|18:16] C:\Program Files\Lavasoft
[13/07/2008|18:24] C:\Program Files\ma-config.com
[28/08/2008|10:49] C:\Program Files\Messenger
[02/09/2008|13:35] C:\Program Files\Messenger Plus! Live
[24/03/2008|16:01] C:\Program Files\microsoft frontpage
[24/03/2008|20:28] C:\Program Files\Microsoft Office
[28/08/2008|10:46] C:\Program Files\Movie Maker
[15/09/2008|18:53] C:\Program Files\Mozilla Firefox
[24/03/2008|15:57] C:\Program Files\MSN
[24/03/2008|15:57] C:\Program Files\MSN Gaming Zone
[24/03/2008|22:31] C:\Program Files\MSXML 4.0
[28/08/2008|10:43] C:\Program Files\NetMeeting
[24/03/2008|15:57] C:\Program Files\Online Services
[24/03/2008|22:48] C:\Program Files\Orange
[28/08/2008|10:43] C:\Program Files\Outlook Express
[23/09/2008|17:04] C:\Program Files\QuickTime
[24/03/2008|20:37] C:\Program Files\Securitoo
[24/03/2008|15:59] C:\Program Files\Services en ligne
[02/04/2008|21:08] C:\Program Files\Sonic
[15/09/2008|19:16] C:\Program Files\Spybot - Search & Destroy
[23/09/2008|20:12] C:\Program Files\Trend Micro
[24/03/2008|16:08] C:\Program Files\Uninstall Information
[13/07/2008|19:37] C:\Program Files\VIA
[24/03/2008|21:46] C:\Program Files\VideoLAN
[24/09/2008|11:42] C:\Program Files\Wanadoo
[22/09/2008|22:49] C:\Program Files\WildGames
[24/03/2008|21:55] C:\Program Files\Windows Live
[04/05/2008|20:21] C:\Program Files\Windows Media Connect 2
[28/08/2008|10:43] C:\Program Files\Windows Media Player
[28/08/2008|10:43] C:\Program Files\Windows NT
[24/03/2008|15:59] C:\Program Files\WindowsUpdate
[24/03/2008|20:28] C:\Program Files\WinRAR
[24/03/2008|16:01] C:\Program Files\xerox
[13/07/2008|17:16] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[24/03/2008|22:21] C:\Program Files\Fichiers communs\Adobe
[23/09/2008|17:03] C:\Program Files\Fichiers communs\Apple
[24/03/2008|20:28] C:\Program Files\Fichiers communs\Designer
[13/07/2008|19:36] C:\Program Files\Fichiers communs\InstallShield
[22/06/2008|17:27] C:\Program Files\Fichiers communs\Java
[24/03/2008|23:42] C:\Program Files\Fichiers communs\Logitech
[25/03/2008|13:17] C:\Program Files\Fichiers communs\Microsoft Shared
[24/03/2008|15:58] C:\Program Files\Fichiers communs\MSSoap
[24/03/2008|16:44] C:\Program Files\Fichiers communs\ODBC
[24/03/2008|15:58] C:\Program Files\Fichiers communs\Services
[02/04/2008|21:09] C:\Program Files\Fichiers communs\Sonic
[24/03/2008|16:44] C:\Program Files\Fichiers communs\SpeechEngines
[02/04/2008|21:08] C:\Program Files\Fichiers communs\SureThing Shared
[28/08/2008|10:43] C:\Program Files\Fichiers communs\System
[24/03/2008|21:55] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[17/09/2008|18:15] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 42 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-24 18:53:24
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 17

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\yannick\Mes documents\logitiels\Ahead.NeroLinux.v3.5.0.1.Incl-Keygen.rar


[F:165][D:8]-> C:\DOCUME~1\yannick\LOCALS~1\Temp
[F:26][D:0]-> C:\DOCUME~1\yannick\Cookies
[F:190][D:5]-> C:\DOCUME~1\yannick\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 23/09/2008|20:56 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 23/09/2008|21:33 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 24/09/2008|18:54 - Option : [2]

--------------------\\ Fin du rapport a 18:54:32

Done

Reply to labelette74

Post a new HijackThis report.

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:54:09, on 24/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DEFY MAPI] C:\DOCUME~1\yannick\APPLIC~1\BOLTEQ~1\MeowThat.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/adva [...] module.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] _0_2_0.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 8403 bytes

Reply to labelette74

Hi again,

Copy (Ctrl+C) the text in the box below:

C:\Program Files\bolt eq comp
C:\DOCUME~1\yannick\APPLIC~1\bolt eq comp



  • Run Lop S&D again.
  • This time choose option 4 (LopScript). A blank page will open; paste (Ctrl+V) the text you copied earlier.
  • Close this page; you will be asked to save it, accept.

! Do not close the window during the deletion !

  • Post the generated report (C:\lopR.txt*)


(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
* the partition name may differ

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark


--------------------\\ Lop S&D 4.2.4-4 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Award Medallion BIOS v6.00PG
USER : yannick ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 8.0.0.454 (Activated)
C:\ (Local Disk) - NTFS - Total : 186 Go Free : 146 Go
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)

"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [4] ( 25/09/2008|20:26 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script

C:\Program Files\bolt eq comp
C:\DOCUME~1\yannick\APPLIC~1\bolt eq comp


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\Program Files\bolt eq comp
Supprime! - C:\DOCUME~1\yannick\APPLIC~1\bolt eq comp

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[23/09/2008|17:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[24/03/2008|22:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[24/03/2008|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[24/03/2008|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[03/08/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
[25/09/2008|10:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[15/09/2008|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[17/09/2008|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[13/07/2008|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[01/06/2008|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[15/06/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MinigolfAdventures
[07/09/2008|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiberianStrikeX
[06/07/2008|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sierra Online
[15/09/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[13/09/2008|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
[06/05/2008|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/03/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[24/03/2008|16:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[04/04/2008|21:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[24/03/2008|16:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[01/06/2008|11:52] C:\DOCUME~1\yannick\APPLIC~1\Adobe
[24/06/2008|20:52] C:\DOCUME~1\yannick\APPLIC~1\Alawar
[15/09/2008|22:01] C:\DOCUME~1\yannick\APPLIC~1\Apple Computer
[14/04/2008|16:16] C:\DOCUME~1\yannick\APPLIC~1\CamfrogWEB
[07/04/2008|16:57] C:\DOCUME~1\yannick\APPLIC~1\Help
[24/03/2008|16:08] C:\DOCUME~1\yannick\APPLIC~1\Identities
[13/07/2008|19:35] C:\DOCUME~1\yannick\APPLIC~1\InstallShield
[07/07/2008|22:21] C:\DOCUME~1\yannick\APPLIC~1\iWin
[04/04/2008|19:34] C:\DOCUME~1\yannick\APPLIC~1\Lavasoft
[02/04/2008|21:12] C:\DOCUME~1\yannick\APPLIC~1\Leadertech
[24/03/2008|20:48] C:\DOCUME~1\yannick\APPLIC~1\Macromedia
[18/04/2008|21:27] C:\DOCUME~1\yannick\APPLIC~1\Microsoft
[13/07/2008|17:13] C:\DOCUME~1\yannick\APPLIC~1\Mozilla
[06/07/2008|19:03] C:\DOCUME~1\yannick\APPLIC~1\Sierra Online
[02/04/2008|21:14] C:\DOCUME~1\yannick\APPLIC~1\Sonic
[22/06/2008|17:29] C:\DOCUME~1\yannick\APPLIC~1\Sun
[24/03/2008|21:47] C:\DOCUME~1\yannick\APPLIC~1\vlc
[15/06/2008|20:34] C:\DOCUME~1\yannick\APPLIC~1\WildTangent

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[23/09/2008 16:19][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[25/09/2008 10:44][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[13/09/2008|14:46] C:\Program Files\Adobe
[30/05/2008|17:03] C:\Program Files\Alwil Software
[13/07/2008|19:36] C:\Program Files\AMD
[05/08/2008|10:37] C:\Program Files\Apple Software Update
[13/07/2008|19:38] C:\Program Files\ATI Technologies
[14/07/2008|10:58] C:\Program Files\CA Yahoo! Anti-Spy
[20/07/2008|18:36] C:\Program Files\CFWebAdvancedU
[24/03/2008|15:58] C:\Program Files\ComPlus Applications
[02/04/2008|21:31] C:\Program Files\DIFX
[25/09/2008|14:25] C:\Program Files\eMule
[14/07/2008|10:07] C:\Program Files\Fichiers communs
[13/07/2008|19:38] C:\Program Files\InstallShield Installation Information
[25/08/2008|20:03] C:\Program Files\Internet Explorer
[24/03/2008|20:39] C:\Program Files\Inventel
[23/09/2008|17:06] C:\Program Files\iPod
[23/09/2008|17:06] C:\Program Files\iTunes
[13/07/2008|19:50] C:\Program Files\Java
[15/09/2008|19:19] C:\Program Files\Kaspersky Lab
[24/03/2008|22:42] C:\Program Files\K-Lite Codec Pack
[17/09/2008|18:16] C:\Program Files\Lavasoft
[13/07/2008|18:24] C:\Program Files\ma-config.com
[28/08/2008|10:49] C:\Program Files\Messenger
[02/09/2008|13:35] C:\Program Files\Messenger Plus! Live
[24/03/2008|16:01] C:\Program Files\microsoft frontpage
[24/03/2008|20:28] C:\Program Files\Microsoft Office
[28/08/2008|10:46] C:\Program Files\Movie Maker
[15/09/2008|18:53] C:\Program Files\Mozilla Firefox
[24/03/2008|15:57] C:\Program Files\MSN
[24/03/2008|15:57] C:\Program Files\MSN Gaming Zone
[24/03/2008|22:31] C:\Program Files\MSXML 4.0
[28/08/2008|10:43] C:\Program Files\NetMeeting
[24/03/2008|15:57] C:\Program Files\Online Services
[24/03/2008|22:48] C:\Program Files\Orange
[28/08/2008|10:43] C:\Program Files\Outlook Express
[23/09/2008|17:04] C:\Program Files\QuickTime
[24/03/2008|20:37] C:\Program Files\Securitoo
[24/03/2008|15:59] C:\Program Files\Services en ligne
[02/04/2008|21:08] C:\Program Files\Sonic
[15/09/2008|19:16] C:\Program Files\Spybot - Search & Destroy
[23/09/2008|20:12] C:\Program Files\Trend Micro
[24/03/2008|16:08] C:\Program Files\Uninstall Information
[13/07/2008|19:37] C:\Program Files\VIA
[24/03/2008|21:46] C:\Program Files\VideoLAN
[25/09/2008|12:04] C:\Program Files\Wanadoo
[22/09/2008|22:49] C:\Program Files\WildGames
[24/03/2008|21:55] C:\Program Files\Windows Live
[04/05/2008|20:21] C:\Program Files\Windows Media Connect 2
[28/08/2008|10:43] C:\Program Files\Windows Media Player
[28/08/2008|10:43] C:\Program Files\Windows NT
[24/03/2008|15:59] C:\Program Files\WindowsUpdate
[24/03/2008|20:28] C:\Program Files\WinRAR
[24/03/2008|16:01] C:\Program Files\xerox
[13/07/2008|17:16] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[24/03/2008|22:21] C:\Program Files\Fichiers communs\Adobe
[23/09/2008|17:03] C:\Program Files\Fichiers communs\Apple
[24/03/2008|20:28] C:\Program Files\Fichiers communs\Designer
[13/07/2008|19:36] C:\Program Files\Fichiers communs\InstallShield
[22/06/2008|17:27] C:\Program Files\Fichiers communs\Java
[24/03/2008|23:42] C:\Program Files\Fichiers communs\Logitech
[25/03/2008|13:17] C:\Program Files\Fichiers communs\Microsoft Shared
[24/03/2008|15:58] C:\Program Files\Fichiers communs\MSSoap
[24/03/2008|16:44] C:\Program Files\Fichiers communs\ODBC
[24/03/2008|15:58] C:\Program Files\Fichiers communs\Services
[02/04/2008|21:09] C:\Program Files\Fichiers communs\Sonic
[24/03/2008|16:44] C:\Program Files\Fichiers communs\SpeechEngines
[02/04/2008|21:08] C:\Program Files\Fichiers communs\SureThing Shared
[28/08/2008|10:43] C:\Program Files\Fichiers communs\System
[24/03/2008|21:55] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[17/09/2008|18:15] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 41 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-25 20:29:44
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 17

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\yannick\Mes documents\logitiels\Ahead.NeroLinux.v3.5.0.1.Incl-Keygen.rar


[F:163][D:6]-> C:\DOCUME~1\yannick\LOCALS~1\Temp
[F:28][D:0]-> C:\DOCUME~1\yannick\Cookies
[F:152][D:5]-> C:\DOCUME~1\yannick\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 23/09/2008|20:56 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 23/09/2008|21:33 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 24/09/2008|18:54 - Option : [2]
4 - "C:\Lop SD\LopR_4.txt" - 25/09/2008|20:31 - Option : [4]

--------------------\\ Fin du rapport a 20:31:04

Here it is

Reply to labelette74

Post a new HijackThis report.

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:09:30, on 25/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DEFY MAPI] C:\DOCUME~1\yannick\APPLIC~1\BOLTEQ~1\MeowThat.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/adva [...] module.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] _0_2_0.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 8403 bytes

Reply to labelette74

Hi again,

Fix the lines in the box below with HijackThis: ILLUSTRATED HELP

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark
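
Both lines picked out for fixing in the post above end in "(no file)". As an added example (not part of the thread, and not HijackThis's or Lop S&D's own logic), this Python code parses HijackThis entry lines, lists those whose target is reported as "(no file)", and also flags Run entries whose path lies under a folder that the Lop S&D report shows as deleted. The sample lines are copied from the logs on this page; the function names and the 8.3 short-name match are assumptions of the example.

```python
import re

# Sample input: entry lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DEFY MAPI] C:\DOCUME~1\yannick\APPLIC~1\BOLTEQ~1\MeowThat.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
"""

# Folders listed under "SUPPRESSION" in the Lop S&D option 4 report on this page.
REMOVED_DIRS = [
    r"C:\Program Files\bolt eq comp",
    r"C:\DOCUME~1\yannick\APPLIC~1\bolt eq comp",
]

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")   # e.g. "O4 - ..."
PATH_RE = re.compile(r"[A-Za-z]:\\.*")              # first drive-letter path in a body
SHORT_RE = re.compile(r"([^~\\]{1,6})~\d+")         # 8.3 short component such as BOLTEQ~1


def parse_entries(text):
    """Return (code, body) for every 'Xn - ...' entry line; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def no_file_entries(entries):
    """Entries whose registered target is reported by HijackThis as '(no file)'."""
    return [(code, body) for code, body in entries
            if body.rstrip().endswith("(no file)")]


def same_component(a, b):
    """Compare two path components, treating an 8.3 short name as a match for a
    long name that starts with the same letters once spaces and dots are dropped.
    Heuristic (assumption): the ~N suffix is not checked."""
    if a.lower() == b.lower():
        return True
    for short, long_ in ((a, b), (b, a)):
        m = SHORT_RE.fullmatch(short)
        if m and not SHORT_RE.fullmatch(long_):
            squeezed = re.sub(r"[ .]", "", long_).upper()
            if squeezed.startswith(m.group(1).upper()):
                return True
    return False


def is_under(path, directory):
    """True if path lies below directory, comparing component by component."""
    p = path.split("\\")
    d = directory.rstrip("\\").split("\\")
    return len(p) > len(d) and all(same_component(x, y) for x, y in zip(p, d))


def dangling_run_entries(entries, removed_dirs):
    """O4 (autostart) entries that still point into a folder already deleted."""
    hits = []
    for code, body in entries:
        m = PATH_RE.search(body)
        if code == "O4" and m and any(is_under(m.group(0), d) for d in removed_dirs):
            hits.append((code, body))
    return hits


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    for code, body in no_file_entries(parsed):
        print("no file :", code, "-", body)
    for code, body in dangling_run_entries(parsed, REMOVED_DIRS):
        print("dangling:", code, "-", body)
```

The `(file missing)` marker on the O9 line is a different marker and is deliberately not matched by `no_file_entries`.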

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:34:42, on 26/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DEFY MAPI] C:\DOCUME~1\yannick\APPLIC~1\BOLTEQ~1\MeowThat.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/adva [...] module.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] _0_2_0.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 8208 bytes

Reply to labelette74

I did what you told me; I'm reposting a HijackThis report for you.

Reply to labelette74

Re,

Fix the line in the box below with HijackThis: HELP IN PICTURES

O4 - HKCU\..\Run: [DEFY MAPI] C:\DOCUME~1\yannick\APPLIC~1\BOLTEQ~1\MeowThat.exe

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:28:23, on 28/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/adva [...] module.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] _0_2_0.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 8124 bytes

Reply to labelette74

Are you still having problems?

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Well, for the moment none at all. Thank you for your speed and your advice; it seems to be working. Thank you, thank you, thank you.

Reply to labelette74

If there is anything I can do, don't hesitate. Thanks again for your availability.

Reply to labelette74

I think it's OK :)

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Thanks again, have a good evening.

Reply to labelette74