The AntiVir umbrella stays closed

Tom's Guide, Security - Viruses forum


Hello,

For some time now, the AntiVir umbrella next to the clock has stayed closed all the time. And when I turn on my computer, a Windows security alert message appears but closes again right away.

So I am asking you whether this might be a virus.
I should also point out that when I am on the internet I keep getting "cid" ads, and that when I shut down my computer a message appears with a progress bar saying that the program could not close properly.

Thanks in advance.

Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:50:07, on 03/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Florian\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ROAD ITCH AMOK PING] C:\Documents and Settings\All Users\Application Data\Long slow road itch\store data.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [Barb mfcd] C:\DOCUME~1\Florian\APPLIC~1\PEAKDE~1\inter copy bib.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/too [...] ontrol.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8898 bytes


Hello,

Download Lop S&D.exe (Eric_71) to your Desktop.

  • Start the installation by running the downloaded file.
  • Now double-click the LopS&D shortcut.
  • Select the language you want by typing the letter of your choice, then confirm with the Enter key.
  • Now choose option 1 (Search). Wait until the search finishes.
  • Post the generated report (C:\lopR.txt*)

* the partition name may differ

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark

Hello!

Er, I said something silly, since the AntiVir umbrella is open now.

Here is the Lop S&D report:


--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2060 @ 1.60GHz )
BIOS : Phoenix NoteBIOS 4.0 Release 6.1
USER : Florian ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:73 Go (Free:56 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 06/12/2008|12:47 )

--------------------\\ Listing des dossiers dans APPLIC~1

[21/03/2008|17:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[30/06/2008|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[30/06/2008|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[21/03/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Atheros
[27/06/2008|11:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[21/03/2008|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluebeam Software
[29/03/2008|12:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[03/12/2008|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[30/03/2008|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ktghsbij
[26/03/2008|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[08/11/2008|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[16/08/2008|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[20/11/2008|22:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch
[30/03/2008|16:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[22/03/2008|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/11/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[20/06/2008|12:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[11/05/2008|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia
[02/07/2008|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[17/04/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[22/03/2008|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[26/03/2008|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[26/03/2008|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[17/04/2008|12:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[22/03/2008|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[21/03/2008|17:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[10/07/2008|16:31] C:\DOCUME~1\Florian\APPLIC~1\Adobe
[05/04/2008|20:34] C:\DOCUME~1\Florian\APPLIC~1\Ambient Design
[30/06/2008|12:04] C:\DOCUME~1\Florian\APPLIC~1\Apple Computer
[21/04/2008|11:41] C:\DOCUME~1\Florian\APPLIC~1\Google
[07/05/2008|14:33] C:\DOCUME~1\Florian\APPLIC~1\Grisoft
[21/03/2008|17:48] C:\DOCUME~1\Florian\APPLIC~1\Help
[21/03/2008|17:12] C:\DOCUME~1\Florian\APPLIC~1\Identities
[21/03/2008|18:03] C:\DOCUME~1\Florian\APPLIC~1\InstallShield
[16/08/2008|11:17] C:\DOCUME~1\Florian\APPLIC~1\Leadertech
[03/12/2008|18:19] C:\DOCUME~1\Florian\APPLIC~1\LimeWire
[22/03/2008|11:34] C:\DOCUME~1\Florian\APPLIC~1\Macromedia
[30/03/2008|16:37] C:\DOCUME~1\Florian\APPLIC~1\Malwarebytes
[15/08/2008|16:40] C:\DOCUME~1\Florian\APPLIC~1\Microsoft
[18/06/2008|19:31] C:\DOCUME~1\Florian\APPLIC~1\Mozilla
[21/03/2008|21:16] C:\DOCUME~1\Florian\APPLIC~1\MSNInstaller
[17/04/2008|14:29] C:\DOCUME~1\Florian\APPLIC~1\Nokia
[09/07/2008|20:19] C:\DOCUME~1\Florian\APPLIC~1\Nokia Multimedia Player
[11/05/2008|10:28] C:\DOCUME~1\Florian\APPLIC~1\PC Suite
[20/11/2008|22:10] C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date
[19/11/2008|18:03] C:\DOCUME~1\Florian\APPLIC~1\Real
[04/07/2008|18:04] C:\DOCUME~1\Florian\APPLIC~1\RetinaX
[21/03/2008|18:32] C:\DOCUME~1\Florian\APPLIC~1\SolidWorks
[06/07/2008|16:15] C:\DOCUME~1\Florian\APPLIC~1\Sun
[17/04/2008|13:58] C:\DOCUME~1\Florian\APPLIC~1\vlc
[02/07/2008|17:05] C:\DOCUME~1\Florian\APPLIC~1\Winamp

[21/03/2008|17:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[21/03/2008|17:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[03/12/2008 20:00][--ah-----] C:\WINDOWS\tasks\B258D0BC91137F50.job
[20/11/2008 13:09][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[06/12/2008 12:35][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( B258D0BC91137F50.job )=( c:\docume~1\florian\applic~1\peakde~1\1optionsixth.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[30/03/2008|16:25] C:\Program Files\Alwil Software
[05/04/2008|20:17] C:\Program Files\Ambient Design
[30/06/2008|11:59] C:\Program Files\Apple Software Update
[21/03/2008|18:50] C:\Program Files\Atheros
[21/03/2008|17:46] C:\Program Files\ATI Technologies
[17/07/2008|09:16] C:\Program Files\Audacity
[27/06/2008|11:48] C:\Program Files\Avira
[02/04/2008|14:47] C:\Program Files\AviSynth 2.5
[21/03/2008|18:29] C:\Program Files\Bluebeam Software
[22/07/2008|12:32] C:\Program Files\Capturino 1.4
[30/03/2008|19:16] C:\Program Files\CCleaner
[20/11/2008|22:09] C:\Program Files\Circle Developement
[21/03/2008|17:01] C:\Program Files\ComPlus Applications
[02/04/2008|16:30] C:\Program Files\Conduit
[16/04/2008|17:46] C:\Program Files\DIFX
[25/07/2008|20:42] C:\Program Files\eMule
[02/04/2008|14:47] C:\Program Files\eRightSoft
[20/11/2008|20:06] C:\Program Files\Fichiers communs
[17/07/2008|09:37] C:\Program Files\Free Audio Pack
[06/05/2008|21:35] C:\Program Files\FusionSoft DVD Player XP
[21/04/2008|11:40] C:\Program Files\Google
[07/05/2008|14:32] C:\Program Files\Grisoft
[10/04/2008|11:48] C:\Program Files\GT Interactive
[16/08/2008|11:18] C:\Program Files\InstallShield Installation Information
[20/06/2008|12:44] C:\Program Files\Internet Explorer
[30/03/2008|19:46] C:\Program Files\IVCsoft
[20/07/2008|09:39] C:\Program Files\Java
[16/08/2008|11:13] C:\Program Files\Labtec
[20/06/2008|15:17] C:\Program Files\Lavalys
[26/03/2008|21:28] C:\Program Files\Lavasoft
[08/11/2008|14:50] C:\Program Files\LimeWire
[16/08/2008|11:18] C:\Program Files\Logitech
[21/03/2008|18:01] C:\Program Files\ltmoh
[02/04/2008|16:30] C:\Program Files\Magic-Radio
[08/11/2008|14:58] C:\Program Files\Malwarebytes' Anti-Malware
[02/07/2008|16:42] C:\Program Files\MediaMonkey
[02/04/2008|20:38] C:\Program Files\Messenger
[20/11/2008|22:09] C:\Program Files\Messenger Plus! Live
[20/11/2008|20:12] C:\Program Files\Microsoft
[21/03/2008|17:06] C:\Program Files\microsoft frontpage
[21/03/2008|18:41] C:\Program Files\Microsoft Office
[20/11/2008|20:14] C:\Program Files\Microsoft SQL Server Compact Edition
[21/03/2008|18:40] C:\Program Files\Microsoft Visual Studio
[21/03/2008|18:41] C:\Program Files\Microsoft Works
[21/03/2008|17:03] C:\Program Files\Movie Maker
[06/12/2008|12:38] C:\Program Files\Mozilla Firefox
[15/06/2008|10:32] C:\Program Files\mp3DirectCut
[21/03/2008|18:41] C:\Program Files\MSBuild
[21/03/2008|21:16] C:\Program Files\MSN
[21/03/2008|17:01] C:\Program Files\MSN Gaming Zone
[02/04/2008|15:53] C:\Program Files\MSXML 4.0
[11/05/2008|10:11] C:\Program Files\MSXML 6.0
[21/03/2008|17:03] C:\Program Files\NetMeeting
[03/12/2008|20:25] C:\Program Files\Nokia
[21/03/2008|17:01] C:\Program Files\Online Services
[02/04/2008|20:38] C:\Program Files\Outlook Express
[16/04/2008|17:46] C:\Program Files\PC Connectivity Solution
[04/07/2008|17:46] C:\Program Files\PC Health Optimizer Free Edition
[20/11/2008|22:09] C:\Program Files\Peak Dead Date
[17/04/2008|18:09] C:\Program Files\PhotoFiltre
[30/06/2008|12:00] C:\Program Files\QuickTime
[19/11/2008|17:58] C:\Program Files\Real
[21/03/2008|17:52] C:\Program Files\Realtek
[21/03/2008|17:04] C:\Program Files\Services en ligne
[04/11/2008|19:59] C:\Program Files\SolidWorks
[08/11/2008|11:39] C:\Program Files\Sony Ericsson
[09/07/2008|15:17] C:\Program Files\SpeedFan
[26/03/2008|20:13] C:\Program Files\Spybot - Search & Destroy
[04/07/2008|11:18] C:\Program Files\Sun
[30/03/2008|19:10] C:\Program Files\Trend Micro
[21/03/2008|17:12] C:\Program Files\Uninstall Information
[18/04/2008|20:33] C:\Program Files\Valve Lan
[17/04/2008|13:55] C:\Program Files\VideoLAN
[17/07/2008|09:10] C:\Program Files\VirtualDJ
[02/07/2008|16:48] C:\Program Files\Winamp
[02/07/2008|16:46] C:\Program Files\Winamp Remote
[20/11/2008|20:15] C:\Program Files\Windows Live
[20/11/2008|20:10] C:\Program Files\Windows Media Connect 2
[21/11/2008|10:58] C:\Program Files\Windows Media Player
[21/03/2008|17:01] C:\Program Files\Windows NT
[21/03/2008|17:04] C:\Program Files\WindowsUpdate
[21/03/2008|17:06] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[21/03/2008|18:29] C:\Program Files\Fichiers communs\Bluebeam Software
[21/03/2008|18:25] C:\Program Files\Fichiers communs\Designer
[22/03/2008|13:13] C:\Program Files\Fichiers communs\InstallShield
[04/07/2008|11:16] C:\Program Files\Fichiers communs\Java
[15/08/2008|16:40] C:\Program Files\Fichiers communs\Labtec
[16/08/2008|11:18] C:\Program Files\Fichiers communs\LogiShrd
[20/11/2008|20:12] C:\Program Files\Fichiers communs\Microsoft Shared
[21/03/2008|17:03] C:\Program Files\Fichiers communs\MSSoap
[03/12/2008|20:24] C:\Program Files\Fichiers communs\Nokia
[21/03/2008|17:52] C:\Program Files\Fichiers communs\ODBC
[16/04/2008|17:47] C:\Program Files\Fichiers communs\PCSuite
[19/11/2008|17:58] C:\Program Files\Fichiers communs\Real
[21/03/2008|17:03] C:\Program Files\Fichiers communs\Services
[21/03/2008|18:20] C:\Program Files\Fichiers communs\Solidworks Data
[21/03/2008|18:26] C:\Program Files\Fichiers communs\SolidWorks Shared
[21/03/2008|17:52] C:\Program Files\Fichiers communs\SpeechEngines
[02/04/2008|20:38] C:\Program Files\Fichiers communs\System
[22/03/2008|13:14] C:\Program Files\Fichiers communs\Teleca Shared
[10/07/2008|16:21] C:\Program Files\Fichiers communs\Vbox
[20/11/2008|20:06] C:\Program Files\Fichiers communs\Windows Live
[22/03/2008|10:58] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[26/03/2008|21:27] C:\Program Files\Fichiers communs\Wise Installation Wizard
[19/11/2008|17:58] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 54 Processes )

IEXPLORE.EXE ~ [PID:796]
IEXPLORE.EXE ~ [PID:1420]
IEXPLORE.EXE ~ [PID:1828]
IEXPLORE.EXE ~ [PID:3760]

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\Florian\LOCALS~1\Temp\bis210.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch\store data.exe
C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date
C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\1optionsixth.exe
C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\ckahitua.exe
C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\inter copy bib.exe
C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\Nurb time mode bags.exe
C:\Program Files\Peak Dead Date
C:\DOCUME~1\Florian\APPLIC~1\peakde~1
C:\DOCUME~1\Florian\APPLIC~1\peakde~1\1optionsixth.exe
C:\DOCUME~1\Florian\APPLIC~1\peakde~1\ckahitua.exe
C:\DOCUME~1\Florian\APPLIC~1\peakde~1\inter copy bib.exe
C:\DOCUME~1\Florian\APPLIC~1\peakde~1\Nurb time mode bags.exe
C:\Program Files\peakde~1
C:\DOCUME~1\Florian\LOCALS~1\Temp\msgpl_9a0a.tmp
C:\DOCUME~1\Florian\LOCALS~1\Temp\NSU_b3d46f6a5e60473713dbdc
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\Florian\Cookies\florian@banner.cotedazurpalace[2].txt
C:\DOCUME~1\Florian\Cookies\florian@cotedazurpalace[2].txt
C:\DOCUME~1\Florian\Cookies\florian@adopt.euroclick[1].txt
C:\DOCUME~1\Florian\Cookies\florian@pacificpoker[1].txt
C:\DOCUME~1\Florian\Cookies\florian@partypoker[1].txt
C:\WINDOWS\Tasks\B258D0BC91137F50.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Barb mfcd"="C:\\DOCUME~1\\Florian\\APPLIC~1\\PEAKDE~1\\inter copy bib.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ROAD ITCH AMOK PING"="C:\\Documents and Settings\\All Users\\Application Data\\Long slow road itch\\store data.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-06 12:48:46
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 32

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:338][D:24]-> C:\DOCUME~1\Florian\LOCALS~1\Temp
[F:89][D:0]-> C:\DOCUME~1\Florian\Cookies
[F:1948][D:5]-> C:\DOCUME~1\Florian\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 05/11/2008|20:07 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08/11/2008|10:54 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 06/12/2008|12:50 - Option : [1]

--------------------\\ Fin du rapport a 12:50:22

Reply to _florian38_

Is someone already helping you on another site?

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark

No.

But I already had a few problems about a month ago and you took care of me, but now it has come back.

Reply to _florian38_

Run option 2 of LopSD again. You need to be careful...

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark

Yes, I wasn't smart, I should have let you know earlier...

Here is the report:



--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2060 @ 1.60GHz )
BIOS : Phoenix NoteBIOS 4.0 Release 6.1
USER : Florian ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:73 Go (Free:56 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 07/12/2008|20:37 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch\store data.exe
Supprime! - C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\1optionsixth.exe
Supprime! - C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\ckahitua.exe
Supprime! - C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\inter copy bib.exe
Supprime! - C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\Nurb time mode bags.exe
Supprime! - C:\DOCUME~1\Florian\LOCALS~1\Temp\msgpl_9a0a.tmp
Supprime! - C:\DOCUME~1\Florian\LOCALS~1\Temp\NSU_b3d46f6a5e60473713dbdc
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\DOCUME~1\Florian\Cookies\florian@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\Florian\Cookies\florian@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\Florian\Cookies\florian@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\Florian\Cookies\florian@partypoker[1].txt
Supprime! - C:\WINDOWS\Tasks\B258D0BC91137F50.job
Supprime! - C:\DOCUME~1\Florian\LOCALS~1\Temp\bis210.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch
Supprime! - C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date
Supprime! - C:\Program Files\Peak Dead Date
Supprime! - C:\Program Files\Circle Developement

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[21/03/2008|17:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[30/06/2008|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[30/06/2008|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[21/03/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Atheros
[27/06/2008|11:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[21/03/2008|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluebeam Software
[29/03/2008|12:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[03/12/2008|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[30/03/2008|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ktghsbij
[26/03/2008|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[08/11/2008|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[16/08/2008|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[30/03/2008|16:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[22/03/2008|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/11/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[20/06/2008|12:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[03/12/2008|20:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia
[02/07/2008|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[17/04/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[22/03/2008|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[26/03/2008|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[26/03/2008|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[17/04/2008|12:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[22/03/2008|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[21/03/2008|17:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[10/07/2008|16:31] C:\DOCUME~1\Florian\APPLIC~1\Adobe
[05/04/2008|20:34] C:\DOCUME~1\Florian\APPLIC~1\Ambient Design
[30/06/2008|12:04] C:\DOCUME~1\Florian\APPLIC~1\Apple Computer
[21/04/2008|11:41] C:\DOCUME~1\Florian\APPLIC~1\Google
[07/05/2008|14:33] C:\DOCUME~1\Florian\APPLIC~1\Grisoft
[21/03/2008|17:48] C:\DOCUME~1\Florian\APPLIC~1\Help
[21/03/2008|17:12] C:\DOCUME~1\Florian\APPLIC~1\Identities
[21/03/2008|18:03] C:\DOCUME~1\Florian\APPLIC~1\InstallShield
[16/08/2008|11:17] C:\DOCUME~1\Florian\APPLIC~1\Leadertech
[03/12/2008|18:19] C:\DOCUME~1\Florian\APPLIC~1\LimeWire
[22/03/2008|11:34] C:\DOCUME~1\Florian\APPLIC~1\Macromedia
[30/03/2008|16:37] C:\DOCUME~1\Florian\APPLIC~1\Malwarebytes
[15/08/2008|16:40] C:\DOCUME~1\Florian\APPLIC~1\Microsoft
[18/06/2008|19:31] C:\DOCUME~1\Florian\APPLIC~1\Mozilla
[21/03/2008|21:16] C:\DOCUME~1\Florian\APPLIC~1\MSNInstaller
[17/04/2008|14:29] C:\DOCUME~1\Florian\APPLIC~1\Nokia
[09/07/2008|20:19] C:\DOCUME~1\Florian\APPLIC~1\Nokia Multimedia Player
[11/05/2008|10:28] C:\DOCUME~1\Florian\APPLIC~1\PC Suite
[19/11/2008|18:03] C:\DOCUME~1\Florian\APPLIC~1\Real
[04/07/2008|18:04] C:\DOCUME~1\Florian\APPLIC~1\RetinaX
[21/03/2008|18:32] C:\DOCUME~1\Florian\APPLIC~1\SolidWorks
[06/07/2008|16:15] C:\DOCUME~1\Florian\APPLIC~1\Sun
[17/04/2008|13:58] C:\DOCUME~1\Florian\APPLIC~1\vlc
[02/07/2008|17:05] C:\DOCUME~1\Florian\APPLIC~1\Winamp

[21/03/2008|17:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[21/03/2008|17:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[20/11/2008 13:09][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[07/12/2008 18:54][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[30/03/2008|16:25] C:\Program Files\Alwil Software
[05/04/2008|20:17] C:\Program Files\Ambient Design
[30/06/2008|11:59] C:\Program Files\Apple Software Update
[21/03/2008|18:50] C:\Program Files\Atheros
[21/03/2008|17:46] C:\Program Files\ATI Technologies
[17/07/2008|09:16] C:\Program Files\Audacity
[27/06/2008|11:48] C:\Program Files\Avira
[02/04/2008|14:47] C:\Program Files\AviSynth 2.5
[21/03/2008|18:29] C:\Program Files\Bluebeam Software
[22/07/2008|12:32] C:\Program Files\Capturino 1.4
[30/03/2008|19:16] C:\Program Files\CCleaner
[21/03/2008|17:01] C:\Program Files\ComPlus Applications
[02/04/2008|16:30] C:\Program Files\Conduit
[16/04/2008|17:46] C:\Program Files\DIFX
[25/07/2008|20:42] C:\Program Files\eMule
[02/04/2008|14:47] C:\Program Files\eRightSoft
[20/11/2008|20:06] C:\Program Files\Fichiers communs
[17/07/2008|09:37] C:\Program Files\Free Audio Pack
[06/05/2008|21:35] C:\Program Files\FusionSoft DVD Player XP
[21/04/2008|11:40] C:\Program Files\Google
[07/05/2008|14:32] C:\Program Files\Grisoft
[10/04/2008|11:48] C:\Program Files\GT Interactive
[16/08/2008|11:18] C:\Program Files\InstallShield Installation Information
[20/06/2008|12:44] C:\Program Files\Internet Explorer
[30/03/2008|19:46] C:\Program Files\IVCsoft
[20/07/2008|09:39] C:\Program Files\Java
[16/08/2008|11:13] C:\Program Files\Labtec
[20/06/2008|15:17] C:\Program Files\Lavalys
[26/03/2008|21:28] C:\Program Files\Lavasoft
[08/11/2008|14:50] C:\Program Files\LimeWire
[16/08/2008|11:18] C:\Program Files\Logitech
[21/03/2008|18:01] C:\Program Files\ltmoh
[02/04/2008|16:30] C:\Program Files\Magic-Radio
[08/11/2008|14:58] C:\Program Files\Malwarebytes' Anti-Malware
[02/07/2008|16:42] C:\Program Files\MediaMonkey
[02/04/2008|20:38] C:\Program Files\Messenger
[20/11/2008|22:09] C:\Program Files\Messenger Plus! Live
[20/11/2008|20:12] C:\Program Files\Microsoft
[21/03/2008|17:06] C:\Program Files\microsoft frontpage
[21/03/2008|18:41] C:\Program Files\Microsoft Office
[20/11/2008|20:14] C:\Program Files\Microsoft SQL Server Compact Edition
[21/03/2008|18:40] C:\Program Files\Microsoft Visual Studio
[21/03/2008|18:41] C:\Program Files\Microsoft Works
[21/03/2008|17:03] C:\Program Files\Movie Maker
[07/12/2008|18:57] C:\Program Files\Mozilla Firefox
[15/06/2008|10:32] C:\Program Files\mp3DirectCut
[21/03/2008|18:41] C:\Program Files\MSBuild
[21/03/2008|21:16] C:\Program Files\MSN
[21/03/2008|17:01] C:\Program Files\MSN Gaming Zone
[02/04/2008|15:53] C:\Program Files\MSXML 4.0
[11/05/2008|10:11] C:\Program Files\MSXML 6.0
[21/03/2008|17:03] C:\Program Files\NetMeeting
[03/12/2008|20:25] C:\Program Files\Nokia
[21/03/2008|17:01] C:\Program Files\Online Services
[02/04/2008|20:38] C:\Program Files\Outlook Express
[16/04/2008|17:46] C:\Program Files\PC Connectivity Solution
[04/07/2008|17:46] C:\Program Files\PC Health Optimizer Free Edition
[17/04/2008|18:09] C:\Program Files\PhotoFiltre
[30/06/2008|12:00] C:\Program Files\QuickTime
[19/11/2008|17:58] C:\Program Files\Real
[21/03/2008|17:52] C:\Program Files\Realtek
[21/03/2008|17:04] C:\Program Files\Services en ligne
[04/11/2008|19:59] C:\Program Files\SolidWorks
[08/11/2008|11:39] C:\Program Files\Sony Ericsson
[09/07/2008|15:17] C:\Program Files\SpeedFan
[26/03/2008|20:13] C:\Program Files\Spybot - Search & Destroy
[04/07/2008|11:18] C:\Program Files\Sun
[30/03/2008|19:10] C:\Program Files\Trend Micro
[21/03/2008|17:12] C:\Program Files\Uninstall Information
[18/04/2008|20:33] C:\Program Files\Valve Lan
[17/04/2008|13:55] C:\Program Files\VideoLAN
[17/07/2008|09:10] C:\Program Files\VirtualDJ
[02/07/2008|16:48] C:\Program Files\Winamp
[02/07/2008|16:46] C:\Program Files\Winamp Remote
[20/11/2008|20:15] C:\Program Files\Windows Live
[20/11/2008|20:10] C:\Program Files\Windows Media Connect 2
[21/11/2008|10:58] C:\Program Files\Windows Media Player
[21/03/2008|17:01] C:\Program Files\Windows NT
[21/03/2008|17:04] C:\Program Files\WindowsUpdate
[21/03/2008|17:06] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[21/03/2008|18:29] C:\Program Files\Fichiers communs\Bluebeam Software
[21/03/2008|18:25] C:\Program Files\Fichiers communs\Designer
[22/03/2008|13:13] C:\Program Files\Fichiers communs\InstallShield
[04/07/2008|11:16] C:\Program Files\Fichiers communs\Java
[15/08/2008|16:40] C:\Program Files\Fichiers communs\Labtec
[16/08/2008|11:18] C:\Program Files\Fichiers communs\LogiShrd
[20/11/2008|20:12] C:\Program Files\Fichiers communs\Microsoft Shared
[21/03/2008|17:03] C:\Program Files\Fichiers communs\MSSoap
[03/12/2008|20:24] C:\Program Files\Fichiers communs\Nokia
[21/03/2008|17:52] C:\Program Files\Fichiers communs\ODBC
[16/04/2008|17:47] C:\Program Files\Fichiers communs\PCSuite
[19/11/2008|17:58] C:\Program Files\Fichiers communs\Real
[21/03/2008|17:03] C:\Program Files\Fichiers communs\Services
[21/03/2008|18:20] C:\Program Files\Fichiers communs\Solidworks Data
[21/03/2008|18:26] C:\Program Files\Fichiers communs\SolidWorks Shared
[21/03/2008|17:52] C:\Program Files\Fichiers communs\SpeechEngines
[02/04/2008|20:38] C:\Program Files\Fichiers communs\System
[22/03/2008|13:14] C:\Program Files\Fichiers communs\Teleca Shared
[10/07/2008|16:21] C:\Program Files\Fichiers communs\Vbox
[20/11/2008|20:06] C:\Program Files\Fichiers communs\Windows Live
[22/03/2008|10:58] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[26/03/2008|21:27] C:\Program Files\Fichiers communs\Wise Installation Wizard
[19/11/2008|17:58] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 51 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\Florian\Cookies\florian@bigpoint[1].txt
C:\DOCUME~1\Florian\Cookies\florian@fr.xblaster.bigpoint[1].txt
C:\DOCUME~1\Florian\Cookies\florian@adopt.euroclick[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-07 20:39:01
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 32

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:345][D:24]-> C:\DOCUME~1\Florian\LOCALS~1\Temp
[F:93][D:0]-> C:\DOCUME~1\Florian\Cookies
[F:2381][D:5]-> C:\DOCUME~1\Florian\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 05/11/2008|20:07 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08/11/2008|10:54 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 06/12/2008|12:50 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 07/12/2008|20:40 - Option : [2]

--------------------\\ Fin du rapport a 20:40:33

Reply to _florian38_

Ah, but I've just understood why you told me I had to be careful.

I don't understand how I could have caught all this, since on the net I only go to sites that are safe.

Reply to _florian38_

Post a new HijackThis report.

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Here it is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:54:09, on 09/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Documents and Settings\Florian\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/too [...] ontrol.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8286 bytes

Reply to _florian38_

Any more problems?

Reply to Angeldark

Well, no.

Thanks once again.

I'm really going to be careful from now on.

Have a good day.

Reply to _florian38_

Well, I spoke too soon :(

Everything has come back, I don't understand...

I'm posting a HijackThis report again, but I think it's pointless since it comes back every time:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:08:29, on 11/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Florian\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ROAD ITCH AMOK PING] C:\Documents and Settings\All Users\Application Data\Long slow road itch\Program More.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [Barb mfcd] C:\DOCUME~1\Florian\APPLIC~1\PEAKDE~1\inter copy bib.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/too [...] ontrol.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8732 bytes

Reply to _florian38_

Run a Lop S&D scan again with option 1; you need to be careful.

Reply to Angeldark

Here it is.

--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2060 @ 1.60GHz )
BIOS : Phoenix NoteBIOS 4.0 Release 6.1
USER : Florian ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:73 Go (Free:56 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 13/12/2008|13:23 )

--------------------\\ Listing des dossiers dans APPLIC~1

[21/03/2008|17:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[30/06/2008|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[30/06/2008|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[21/03/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Atheros
[27/06/2008|11:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[21/03/2008|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluebeam Software
[29/03/2008|12:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[03/12/2008|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[30/03/2008|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ktghsbij
[26/03/2008|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[08/11/2008|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[16/08/2008|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[10/12/2008|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch
[30/03/2008|16:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[22/03/2008|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/11/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[20/06/2008|12:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[03/12/2008|20:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia
[02/07/2008|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[17/04/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[22/03/2008|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[26/03/2008|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[26/03/2008|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[17/04/2008|12:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[22/03/2008|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[21/03/2008|17:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[10/07/2008|16:31] C:\DOCUME~1\Florian\APPLIC~1\Adobe
[05/04/2008|20:34] C:\DOCUME~1\Florian\APPLIC~1\Ambient Design
[30/06/2008|12:04] C:\DOCUME~1\Florian\APPLIC~1\Apple Computer
[21/04/2008|11:41] C:\DOCUME~1\Florian\APPLIC~1\Google
[07/05/2008|14:33] C:\DOCUME~1\Florian\APPLIC~1\Grisoft
[21/03/2008|17:48] C:\DOCUME~1\Florian\APPLIC~1\Help
[21/03/2008|17:12] C:\DOCUME~1\Florian\APPLIC~1\Identities
[21/03/2008|18:03] C:\DOCUME~1\Florian\APPLIC~1\InstallShield
[16/08/2008|11:17] C:\DOCUME~1\Florian\APPLIC~1\Leadertech
[11/12/2008|16:56] C:\DOCUME~1\Florian\APPLIC~1\LimeWire
[22/03/2008|11:34] C:\DOCUME~1\Florian\APPLIC~1\Macromedia
[30/03/2008|16:37] C:\DOCUME~1\Florian\APPLIC~1\Malwarebytes
[15/08/2008|16:40] C:\DOCUME~1\Florian\APPLIC~1\Microsoft
[18/06/2008|19:31] C:\DOCUME~1\Florian\APPLIC~1\Mozilla
[21/03/2008|21:16] C:\DOCUME~1\Florian\APPLIC~1\MSNInstaller
[17/04/2008|14:29] C:\DOCUME~1\Florian\APPLIC~1\Nokia
[09/07/2008|20:19] C:\DOCUME~1\Florian\APPLIC~1\Nokia Multimedia Player
[11/05/2008|10:28] C:\DOCUME~1\Florian\APPLIC~1\PC Suite
[10/12/2008|12:33] C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date
[19/11/2008|18:03] C:\DOCUME~1\Florian\APPLIC~1\Real
[04/07/2008|18:04] C:\DOCUME~1\Florian\APPLIC~1\RetinaX
[21/03/2008|18:32] C:\DOCUME~1\Florian\APPLIC~1\SolidWorks
[06/07/2008|16:15] C:\DOCUME~1\Florian\APPLIC~1\Sun
[17/04/2008|13:58] C:\DOCUME~1\Florian\APPLIC~1\vlc
[02/07/2008|17:05] C:\DOCUME~1\Florian\APPLIC~1\Winamp

[21/03/2008|17:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[21/03/2008|17:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[13/12/2008 13:00][--ah-----] C:\WINDOWS\tasks\A87EF00591E16155.job
[11/12/2008 13:09][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[13/12/2008 12:11][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( A87EF00591E16155.job )=( c:\docume~1\florian\applic~1\peakde~1\1optionsixth.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[30/03/2008|16:25] C:\Program Files\Alwil Software
[05/04/2008|20:17] C:\Program Files\Ambient Design
[30/06/2008|11:59] C:\Program Files\Apple Software Update
[21/03/2008|18:50] C:\Program Files\Atheros
[21/03/2008|17:46] C:\Program Files\ATI Technologies
[17/07/2008|09:16] C:\Program Files\Audacity
[27/06/2008|11:48] C:\Program Files\Avira
[02/04/2008|14:47] C:\Program Files\AviSynth 2.5
[21/03/2008|18:29] C:\Program Files\Bluebeam Software
[22/07/2008|12:32] C:\Program Files\Capturino 1.4
[30/03/2008|19:16] C:\Program Files\CCleaner
[10/12/2008|12:32] C:\Program Files\Circle Developement
[21/03/2008|17:01] C:\Program Files\ComPlus Applications
[02/04/2008|16:30] C:\Program Files\Conduit
[16/04/2008|17:46] C:\Program Files\DIFX
[25/07/2008|20:42] C:\Program Files\eMule
[02/04/2008|14:47] C:\Program Files\eRightSoft
[20/11/2008|20:06] C:\Program Files\Fichiers communs
[17/07/2008|09:37] C:\Program Files\Free Audio Pack
[06/05/2008|21:35] C:\Program Files\FusionSoft DVD Player XP
[21/04/2008|11:40] C:\Program Files\Google
[07/05/2008|14:32] C:\Program Files\Grisoft
[10/04/2008|11:48] C:\Program Files\GT Interactive
[16/08/2008|11:18] C:\Program Files\InstallShield Installation Information
[20/06/2008|12:44] C:\Program Files\Internet Explorer
[30/03/2008|19:46] C:\Program Files\IVCsoft
[20/07/2008|09:39] C:\Program Files\Java
[16/08/2008|11:13] C:\Program Files\Labtec
[20/06/2008|15:17] C:\Program Files\Lavalys
[26/03/2008|21:28] C:\Program Files\Lavasoft
[08/11/2008|14:50] C:\Program Files\LimeWire
[16/08/2008|11:18] C:\Program Files\Logitech
[21/03/2008|18:01] C:\Program Files\ltmoh
[02/04/2008|16:30] C:\Program Files\Magic-Radio
[08/11/2008|14:58] C:\Program Files\Malwarebytes' Anti-Malware
[02/07/2008|16:42] C:\Program Files\MediaMonkey
[02/04/2008|20:38] C:\Program Files\Messenger
[10/12/2008|12:32] C:\Program Files\Messenger Plus! Live
[20/11/2008|20:12] C:\Program Files\Microsoft
[21/03/2008|17:06] C:\Program Files\microsoft frontpage
[21/03/2008|18:41] C:\Program Files\Microsoft Office
[20/11/2008|20:14] C:\Program Files\Microsoft SQL Server Compact Edition
[21/03/2008|18:40] C:\Program Files\Microsoft Visual Studio
[21/03/2008|18:41] C:\Program Files\Microsoft Works
[21/03/2008|17:03] C:\Program Files\Movie Maker
[13/12/2008|12:33] C:\Program Files\Mozilla Firefox
[15/06/2008|10:32] C:\Program Files\mp3DirectCut
[21/03/2008|18:41] C:\Program Files\MSBuild
[21/03/2008|21:16] C:\Program Files\MSN
[21/03/2008|17:01] C:\Program Files\MSN Gaming Zone
[02/04/2008|15:53] C:\Program Files\MSXML 4.0
[11/05/2008|10:11] C:\Program Files\MSXML 6.0
[21/03/2008|17:03] C:\Program Files\NetMeeting
[03/12/2008|20:25] C:\Program Files\Nokia
[21/03/2008|17:01] C:\Program Files\Online Services
[02/04/2008|20:38] C:\Program Files\Outlook Express
[16/04/2008|17:46] C:\Program Files\PC Connectivity Solution
[04/07/2008|17:46] C:\Program Files\PC Health Optimizer Free Edition
[10/12/2008|12:32] C:\Program Files\Peak Dead Date
[17/04/2008|18:09] C:\Program Files\PhotoFiltre
[30/06/2008|12:00] C:\Program Files\QuickTime
[19/11/2008|17:58] C:\Program Files\Real
[21/03/2008|17:52] C:\Program Files\Realtek
[21/03/2008|17:04] C:\Program Files\Services en ligne
[04/11/2008|19:59] C:\Program Files\SolidWorks
[08/11/2008|11:39] C:\Program Files\Sony Ericsson
[09/07/2008|15:17] C:\Program Files\SpeedFan
[26/03/2008|20:13] C:\Program Files\Spybot - Search & Destroy
[04/07/2008|11:18] C:\Program Files\Sun
[30/03/2008|19:10] C:\Program Files\Trend Micro
[21/03/2008|17:12] C:\Program Files\Uninstall Information
[18/04/2008|20:33] C:\Program Files\Valve Lan
[17/04/2008|13:55] C:\Program Files\VideoLAN
[17/07/2008|09:10] C:\Program Files\VirtualDJ
[02/07/2008|16:48] C:\Program Files\Winamp
[02/07/2008|16:46] C:\Program Files\Winamp Remote
[20/11/2008|20:15] C:\Program Files\Windows Live
[20/11/2008|20:10] C:\Program Files\Windows Media Connect 2
[21/11/2008|10:58] C:\Program Files\Windows Media Player
[21/03/2008|17:01] C:\Program Files\Windows NT
[21/03/2008|17:04] C:\Program Files\WindowsUpdate
[21/03/2008|17:06] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[21/03/2008|18:29] C:\Program Files\Fichiers communs\Bluebeam Software
[21/03/2008|18:25] C:\Program Files\Fichiers communs\Designer
[22/03/2008|13:13] C:\Program Files\Fichiers communs\InstallShield
[04/07/2008|11:16] C:\Program Files\Fichiers communs\Java
[15/08/2008|16:40] C:\Program Files\Fichiers communs\Labtec
[16/08/2008|11:18] C:\Program Files\Fichiers communs\LogiShrd
[20/11/2008|20:12] C:\Program Files\Fichiers communs\Microsoft Shared
[21/03/2008|17:03] C:\Program Files\Fichiers communs\MSSoap
[03/12/2008|20:24] C:\Program Files\Fichiers communs\Nokia
[21/03/2008|17:52] C:\Program Files\Fichiers communs\ODBC
[16/04/2008|17:47] C:\Program Files\Fichiers communs\PCSuite
[19/11/2008|17:58] C:\Program Files\Fichiers communs\Real
[21/03/2008|17:03] C:\Program Files\Fichiers communs\Services
[21/03/2008|18:20] C:\Program Files\Fichiers communs\Solidworks Data
[21/03/2008|18:26] C:\Program Files\Fichiers communs\SolidWorks Shared
[21/03/2008|17:52] C:\Program Files\Fichiers communs\SpeechEngines
[02/04/2008|20:38] C:\Program Files\Fichiers communs\System
[22/03/2008|13:14] C:\Program Files\Fichiers communs\Teleca Shared
[10/07/2008|16:21] C:\Program Files\Fichiers communs\Vbox
[20/11/2008|20:06] C:\Program Files\Fichiers communs\Windows Live
[22/03/2008|10:58] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[26/03/2008|21:27] C:\Program Files\Fichiers communs\Wise Installation Wizard
[19/11/2008|17:58] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 51 Processes )

IEXPLORE.EXE ~ [PID:812]
IEXPLORE.EXE ~ [PID:1592]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch\Program More.exe
C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date
C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\1optionsixth.exe
C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\inter copy bib.exe
C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\Nurb time mode bags.exe
C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\tondgtob.exe
C:\Program Files\Peak Dead Date
C:\DOCUME~1\Florian\APPLIC~1\peakde~1
C:\DOCUME~1\Florian\APPLIC~1\peakde~1\1optionsixth.exe
C:\DOCUME~1\Florian\APPLIC~1\peakde~1\inter copy bib.exe
C:\DOCUME~1\Florian\APPLIC~1\peakde~1\Nurb time mode bags.exe
C:\DOCUME~1\Florian\APPLIC~1\peakde~1\tondgtob.exe
C:\Program Files\peakde~1
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\Florian\Cookies\florian@bigpoint[1].txt
C:\DOCUME~1\Florian\Cookies\florian@fr.xblaster.bigpoint[1].txt
C:\DOCUME~1\Florian\Cookies\florian@adopt.euroclick[1].txt
C:\DOCUME~1\Florian\Cookies\florian@pacificpoker[1].txt
C:\DOCUME~1\Florian\Cookies\florian@partypoker[1].txt
C:\WINDOWS\Tasks\A87EF00591E16155.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Barb mfcd"="C:\\DOCUME~1\\Florian\\APPLIC~1\\PEAKDE~1\\inter copy bib.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ROAD ITCH AMOK PING"="C:\\Documents and Settings\\All Users\\Application Data\\Long slow road itch\\Program More.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-13 13:24:36
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 32

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:89][D:6]-> C:\DOCUME~1\Florian\LOCALS~1\Temp
[F:51][D:0]-> C:\DOCUME~1\Florian\Cookies
[F:529][D:4]-> C:\DOCUME~1\Florian\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 05/11/2008|20:07 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08/11/2008|10:54 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 06/12/2008|12:50 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 07/12/2008|20:40 - Option : [2]
5 - "C:\Lop SD\LopR_5.txt" - 13/12/2008|13:26 - Option : [1]

--------------------\\ Fin du rapport a 13:26:05

Reply to _florian38_

Here is the report:

--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2060 @ 1.60GHz )
BIOS : Phoenix NoteBIOS 4.0 Release 6.1
USER : Florian ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:73 Go (Free:56 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 13/12/2008|14:57 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch\Program More.exe
Supprime! - C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\1optionsixth.exe
Supprime! - C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\inter copy bib.exe
Supprime! - C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\Nurb time mode bags.exe
Supprime! - C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date\tondgtob.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\DOCUME~1\Florian\Cookies\florian@bigpoint[1].txt
Supprime! - C:\DOCUME~1\Florian\Cookies\florian@fr.xblaster.bigpoint[1].txt
Supprime! - C:\DOCUME~1\Florian\Cookies\florian@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\Florian\Cookies\florian@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\Florian\Cookies\florian@partypoker[1].txt
Supprime! - C:\WINDOWS\Tasks\A87EF00591E16155.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch
Supprime! - C:\DOCUME~1\Florian\APPLIC~1\Peak Dead Date
Supprime! - C:\Program Files\Peak Dead Date
Supprime! - C:\Program Files\Circle Developement

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[21/03/2008|17:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[30/06/2008|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[30/06/2008|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[21/03/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Atheros
[27/06/2008|11:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[21/03/2008|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluebeam Software
[29/03/2008|12:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[03/12/2008|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[30/03/2008|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ktghsbij
[26/03/2008|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[08/11/2008|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[16/08/2008|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[30/03/2008|16:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[22/03/2008|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/11/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[20/06/2008|12:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[03/12/2008|20:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia
[02/07/2008|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[17/04/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[22/03/2008|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[26/03/2008|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[26/03/2008|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[17/04/2008|12:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[22/03/2008|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[21/03/2008|17:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[10/07/2008|16:31] C:\DOCUME~1\Florian\APPLIC~1\Adobe
[05/04/2008|20:34] C:\DOCUME~1\Florian\APPLIC~1\Ambient Design
[30/06/2008|12:04] C:\DOCUME~1\Florian\APPLIC~1\Apple Computer
[21/04/2008|11:41] C:\DOCUME~1\Florian\APPLIC~1\Google
[07/05/2008|14:33] C:\DOCUME~1\Florian\APPLIC~1\Grisoft
[21/03/2008|17:48] C:\DOCUME~1\Florian\APPLIC~1\Help
[21/03/2008|17:12] C:\DOCUME~1\Florian\APPLIC~1\Identities
[21/03/2008|18:03] C:\DOCUME~1\Florian\APPLIC~1\InstallShield
[16/08/2008|11:17] C:\DOCUME~1\Florian\APPLIC~1\Leadertech
[11/12/2008|16:56] C:\DOCUME~1\Florian\APPLIC~1\LimeWire
[22/03/2008|11:34] C:\DOCUME~1\Florian\APPLIC~1\Macromedia
[30/03/2008|16:37] C:\DOCUME~1\Florian\APPLIC~1\Malwarebytes
[15/08/2008|16:40] C:\DOCUME~1\Florian\APPLIC~1\Microsoft
[18/06/2008|19:31] C:\DOCUME~1\Florian\APPLIC~1\Mozilla
[21/03/2008|21:16] C:\DOCUME~1\Florian\APPLIC~1\MSNInstaller
[17/04/2008|14:29] C:\DOCUME~1\Florian\APPLIC~1\Nokia
[09/07/2008|20:19] C:\DOCUME~1\Florian\APPLIC~1\Nokia Multimedia Player
[11/05/2008|10:28] C:\DOCUME~1\Florian\APPLIC~1\PC Suite
[19/11/2008|18:03] C:\DOCUME~1\Florian\APPLIC~1\Real
[04/07/2008|18:04] C:\DOCUME~1\Florian\APPLIC~1\RetinaX
[21/03/2008|18:32] C:\DOCUME~1\Florian\APPLIC~1\SolidWorks
[06/07/2008|16:15] C:\DOCUME~1\Florian\APPLIC~1\Sun
[17/04/2008|13:58] C:\DOCUME~1\Florian\APPLIC~1\vlc
[02/07/2008|17:05] C:\DOCUME~1\Florian\APPLIC~1\Winamp

[21/03/2008|17:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[21/03/2008|17:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[11/12/2008 13:09][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[13/12/2008 14:42][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[30/03/2008|16:25] C:\Program Files\Alwil Software
[05/04/2008|20:17] C:\Program Files\Ambient Design
[30/06/2008|11:59] C:\Program Files\Apple Software Update
[21/03/2008|18:50] C:\Program Files\Atheros
[21/03/2008|17:46] C:\Program Files\ATI Technologies
[17/07/2008|09:16] C:\Program Files\Audacity
[27/06/2008|11:48] C:\Program Files\Avira
[02/04/2008|14:47] C:\Program Files\AviSynth 2.5
[21/03/2008|18:29] C:\Program Files\Bluebeam Software
[22/07/2008|12:32] C:\Program Files\Capturino 1.4
[30/03/2008|19:16] C:\Program Files\CCleaner
[21/03/2008|17:01] C:\Program Files\ComPlus Applications
[02/04/2008|16:30] C:\Program Files\Conduit
[16/04/2008|17:46] C:\Program Files\DIFX
[25/07/2008|20:42] C:\Program Files\eMule
[02/04/2008|14:47] C:\Program Files\eRightSoft
[20/11/2008|20:06] C:\Program Files\Fichiers communs
[17/07/2008|09:37] C:\Program Files\Free Audio Pack
[06/05/2008|21:35] C:\Program Files\FusionSoft DVD Player XP
[21/04/2008|11:40] C:\Program Files\Google
[07/05/2008|14:32] C:\Program Files\Grisoft
[10/04/2008|11:48] C:\Program Files\GT Interactive
[16/08/2008|11:18] C:\Program Files\InstallShield Installation Information
[20/06/2008|12:44] C:\Program Files\Internet Explorer
[30/03/2008|19:46] C:\Program Files\IVCsoft
[20/07/2008|09:39] C:\Program Files\Java
[16/08/2008|11:13] C:\Program Files\Labtec
[20/06/2008|15:17] C:\Program Files\Lavalys
[26/03/2008|21:28] C:\Program Files\Lavasoft
[08/11/2008|14:50] C:\Program Files\LimeWire
[16/08/2008|11:18] C:\Program Files\Logitech
[21/03/2008|18:01] C:\Program Files\ltmoh
[02/04/2008|16:30] C:\Program Files\Magic-Radio
[08/11/2008|14:58] C:\Program Files\Malwarebytes' Anti-Malware
[02/07/2008|16:42] C:\Program Files\MediaMonkey
[02/04/2008|20:38] C:\Program Files\Messenger
[10/12/2008|12:32] C:\Program Files\Messenger Plus! Live
[20/11/2008|20:12] C:\Program Files\Microsoft
[21/03/2008|17:06] C:\Program Files\microsoft frontpage
[21/03/2008|18:41] C:\Program Files\Microsoft Office
[20/11/2008|20:14] C:\Program Files\Microsoft SQL Server Compact Edition
[21/03/2008|18:40] C:\Program Files\Microsoft Visual Studio
[21/03/2008|18:41] C:\Program Files\Microsoft Works
[21/03/2008|17:03] C:\Program Files\Movie Maker
[13/12/2008|14:44] C:\Program Files\Mozilla Firefox
[15/06/2008|10:32] C:\Program Files\mp3DirectCut
[21/03/2008|18:41] C:\Program Files\MSBuild
[21/03/2008|21:16] C:\Program Files\MSN
[21/03/2008|17:01] C:\Program Files\MSN Gaming Zone
[02/04/2008|15:53] C:\Program Files\MSXML 4.0
[11/05/2008|10:11] C:\Program Files\MSXML 6.0
[21/03/2008|17:03] C:\Program Files\NetMeeting
[03/12/2008|20:25] C:\Program Files\Nokia
[21/03/2008|17:01] C:\Program Files\Online Services
[02/04/2008|20:38] C:\Program Files\Outlook Express
[16/04/2008|17:46] C:\Program Files\PC Connectivity Solution
[04/07/2008|17:46] C:\Program Files\PC Health Optimizer Free Edition
[17/04/2008|18:09] C:\Program Files\PhotoFiltre
[30/06/2008|12:00] C:\Program Files\QuickTime
[19/11/2008|17:58] C:\Program Files\Real
[21/03/2008|17:52] C:\Program Files\Realtek
[21/03/2008|17:04] C:\Program Files\Services en ligne
[04/11/2008|19:59] C:\Program Files\SolidWorks
[08/11/2008|11:39] C:\Program Files\Sony Ericsson
[09/07/2008|15:17] C:\Program Files\SpeedFan
[26/03/2008|20:13] C:\Program Files\Spybot - Search & Destroy
[04/07/2008|11:18] C:\Program Files\Sun
[30/03/2008|19:10] C:\Program Files\Trend Micro
[21/03/2008|17:12] C:\Program Files\Uninstall Information
[18/04/2008|20:33] C:\Program Files\Valve Lan
[17/04/2008|13:55] C:\Program Files\VideoLAN
[17/07/2008|09:10] C:\Program Files\VirtualDJ
[02/07/2008|16:48] C:\Program Files\Winamp
[02/07/2008|16:46] C:\Program Files\Winamp Remote
[20/11/2008|20:15] C:\Program Files\Windows Live
[20/11/2008|20:10] C:\Program Files\Windows Media Connect 2
[21/11/2008|10:58] C:\Program Files\Windows Media Player
[21/03/2008|17:01] C:\Program Files\Windows NT
[21/03/2008|17:04] C:\Program Files\WindowsUpdate
[21/03/2008|17:06] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[21/03/2008|18:29] C:\Program Files\Fichiers communs\Bluebeam Software
[21/03/2008|18:25] C:\Program Files\Fichiers communs\Designer
[22/03/2008|13:13] C:\Program Files\Fichiers communs\InstallShield
[04/07/2008|11:16] C:\Program Files\Fichiers communs\Java
[15/08/2008|16:40] C:\Program Files\Fichiers communs\Labtec
[16/08/2008|11:18] C:\Program Files\Fichiers communs\LogiShrd
[20/11/2008|20:12] C:\Program Files\Fichiers communs\Microsoft Shared
[21/03/2008|17:03] C:\Program Files\Fichiers communs\MSSoap
[03/12/2008|20:24] C:\Program Files\Fichiers communs\Nokia
[21/03/2008|17:52] C:\Program Files\Fichiers communs\ODBC
[16/04/2008|17:47] C:\Program Files\Fichiers communs\PCSuite
[19/11/2008|17:58] C:\Program Files\Fichiers communs\Real
[21/03/2008|17:03] C:\Program Files\Fichiers communs\Services
[21/03/2008|18:20] C:\Program Files\Fichiers communs\Solidworks Data
[21/03/2008|18:26] C:\Program Files\Fichiers communs\SolidWorks Shared
[21/03/2008|17:52] C:\Program Files\Fichiers communs\SpeechEngines
[02/04/2008|20:38] C:\Program Files\Fichiers communs\System
[22/03/2008|13:14] C:\Program Files\Fichiers communs\Teleca Shared
[10/07/2008|16:21] C:\Program Files\Fichiers communs\Vbox
[20/11/2008|20:06] C:\Program Files\Fichiers communs\Windows Live
[22/03/2008|10:58] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[26/03/2008|21:27] C:\Program Files\Fichiers communs\Wise Installation Wizard
[19/11/2008|17:58] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 52 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-13 14:59:06
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 32

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:89][D:6]-> C:\DOCUME~1\Florian\LOCALS~1\Temp
[F:46][D:0]-> C:\DOCUME~1\Florian\Cookies
[F:537][D:4]-> C:\DOCUME~1\Florian\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 05/11/2008|20:07 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08/11/2008|10:54 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 06/12/2008|12:50 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 07/12/2008|20:40 - Option : [2]
5 - "C:\Lop SD\LopR_5.txt" - 13/12/2008|13:26 - Option : [1]
6 - "C:\Lop SD\LopR_6.txt" - 13/12/2008|15:00 - Option : [2]

--------------------\\ Fin du rapport a 15:00:36

Reply to _florian38_

Post a HijackThis report again.

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:59:57, on 13/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Florian\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/too [...] ontrol.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8250 bytes

Reply to _florian38_

Hello!

Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:23:47, on 17/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Florian\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/too [...] ontrol.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8387 bytes

Reply to _florian38_

Why did you post another report?

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark