hijackthis

Report analysis and disinfection section: malware of all kinds and other unwanted software. Cleaning requests only. Restricted handling: specialised team.

Moderator: Moderators

Forum rules → Disinfections are handled by a specific group; not everyone may step in to disinfect machines (rules).
→ The procedures are tailor-made; do not repeat the same steps on your own machine (explanations).
→ One topic per machine; everyone creates their own. ;)

Re: hijackthis

Post by angy69 » 19 Apr 2008 08:48

-----------------------[ Lop S&D 4.1.1-3 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Propriétaire ] [ "C:\Lop SD" ]
[ 19/04/2008 | 9:43:15,75 ] [ PC : ANGY ]
[ MAJ : 17-04-2008 | 19:51 ]

-------------[ Listing des dossiers dans Application Data ]------------

[16/04/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[16/04/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[01/01/2004|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[06/05/2007|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
[04/08/2007|14:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon
[12/12/2006|00:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender(2)
[01/01/2004|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[26/03/2008|06:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/05/2007|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[08/04/2008|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[01/01/2004|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[19/03/2007|23:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[29/10/2007|17:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[19/03/2007|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[26/10/2007|08:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/01/2004|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[09/08/2007|21:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[01/01/2004|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2004|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[06/05/2007|11:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[02/03/2007|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\up inter 64 dumb
[12/12/2006|00:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[12/12/2006|02:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar



[06/05/2007|19:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[06/05/2007|19:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[01/01/2004|16:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/01/2004|16:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2004|18:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
[01/01/2004|17:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2004|19:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[01/01/2004|17:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[01/01/2004|23:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec



[01/01/2004|16:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[01/01/2004|16:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[06/05/2007|11:14] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[01/01/2004|16:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[01/01/2004|16:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[01/01/2004|16:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[01/01/2004|16:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft






[17/04/2008|09:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
[17/04/2008|09:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[21/04/2007|17:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\.ABC
[05/03/2008|16:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\7z.dll
[05/03/2008|16:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\7z.exe
[10/02/2008|18:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[28/09/2007|15:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[09/08/2007|21:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[14/12/2006|00:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer
[12/09/2007|18:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\ATI
[29/03/2008|11:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVG7
[04/08/2007|14:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\Babylon
[11/12/2006|19:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\Bitdefender
[21/04/2007|16:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\BitTorrent
[26/10/2007|08:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\DataCast
[01/01/2004|16:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[07/05/2007|20:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[01/08/2007|16:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[01/01/2004|16:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[26/10/2007|08:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[06/05/2007|10:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Intervideo
[06/03/2007|18:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\Leadertech
[13/12/2006|23:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[17/11/2007|22:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[01/05/2007|21:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\Motive
[11/12/2006|21:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[04/04/2008|19:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2
[01/01/2004|19:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\SampleView
[04/11/2007|10:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\Samsung
[09/03/2007|19:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\Screenshot Sender
[12/09/2007|16:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
[27/12/2006|14:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\SEGA
[05/03/2008|16:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\serial2.dat
[05/03/2008|16:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\serial2.zip
[02/04/2008|14:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Slow Wma Time
[11/12/2006|18:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sonic
[28/10/2007|15:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sports Interactive
[01/01/2004|17:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[01/01/2004|23:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[11/12/2006|21:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback
[06/03/2007|18:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\U3
[06/01/2008|01:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
[09/02/2007|20:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\wunauclt.tbe


----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[19/04/2008 08:56][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[12/02/2004 13:27][-rah-----] C:\WINDOWS\tasks\desktop.ini
[19/04/2008 06:56][--ah-----] C:\WINDOWS\tasks\SA.DAT

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[17/04/2008|09:11] C:\Program Files\.
[17/04/2008|09:11] C:\Program Files\..
[14/04/2008|10:31] C:\Program Files\Ad-aware 6
[09/08/2007|11:47] C:\Program Files\Adobe
[08/04/2008|21:28] C:\Program Files\AGEIA Technologies
[12/09/2007|15:56] C:\Program Files\Alcohol 120
[12/09/2007|18:43] C:\Program Files\ATI Technologies
[04/08/2007|14:02] C:\Program Files\Babylon Pro Setup
[05/03/2008|17:41] C:\Program Files\Boonty
[05/03/2008|17:37] C:\Program Files\BoontyGames
[23/01/2007|21:50] C:\Program Files\Canon
[12/09/2007|16:31] C:\Program Files\CAPCOM
[01/01/2004|18:18] C:\Program Files\Common Files
[17/11/2007|20:52] C:\Program Files\DAEMON Tools
[09/08/2007|21:33] C:\Program Files\DivX
[01/08/2007|15:49] C:\Program Files\DXBall2
[05/06/2007|11:01] C:\Program Files\Easy Internet signup
[05/07/2007|01:23] C:\Program Files\EasyCleaner
[18/04/2008|09:49] C:\Program Files\eMule
[06/05/2007|12:56] C:\Program Files\Eurobarre
[21/09/2007|16:57] C:\Program Files\Eva Cash
[10/04/2008|14:17] C:\Program Files\Evil Under the Sun
[06/03/2007|18:35] C:\Program Files\Executive Software
[16/04/2008|20:00] C:\Program Files\Fichiers communs
[08/04/2008|21:26] C:\Program Files\Focus
[29/03/2008|11:18] C:\Program Files\Google
[16/01/2007|09:56] C:\Program Files\Grisoft
[05/03/2008|16:57] C:\Program Files\inc1.bat
[08/04/2008|21:41] C:\Program Files\InstallShield Installation Information
[09/04/2008|08:17] C:\Program Files\Internet Explorer
[20/01/2008|09:06] C:\Program Files\InterVideo
[26/03/2008|06:33] C:\Program Files\Java
[20/01/2008|09:07] C:\Program Files\Kyodai
[08/04/2008|21:20] C:\Program Files\La nuit des sacrifies
[11/04/2008|16:06] C:\Program Files\Les Sims 2
[18/04/2008|14:45] C:\Program Files\Ludiclub
[26/10/2007|08:39] C:\Program Files\MarkAny
[14/05/2007|16:40] C:\Program Files\messenger
[31/03/2008|10:20] C:\Program Files\Messenger Plus! Live
[12/12/2006|02:15] C:\Program Files\MessengerPlus! 3
[01/01/2004|16:47] C:\Program Files\microsoft frontpage
[06/05/2007|15:22] C:\Program Files\Movie Maker
[19/04/2008|09:40] C:\Program Files\Mozilla Firefox
[01/01/2004|16:43] C:\Program Files\MSN
[08/05/2007|21:34] C:\Program Files\MSN BackUp
[01/01/2004|16:43] C:\Program Files\MSN Gaming Zone
[31/03/2008|10:19] C:\Program Files\MSN Messenger
[10/08/2007|05:40] C:\Program Files\MSXML 4.0
[09/08/2007|21:55] C:\Program Files\Nero
[06/05/2007|15:21] C:\Program Files\NetMeeting
[12/06/2007|21:21] C:\Program Files\NOCD Penumbra Overture crack.exe
[13/12/2006|12:05] C:\Program Files\NUMERICABLE
[04/04/2008|19:43] C:\Program Files\OpenOffice.org 2.4
[14/06/2007|00:17] C:\Program Files\Outlook Express
[05/03/2008|16:55] C:\Program Files\Penumbra Overture crack.exe
[01/01/2004|18:58] C:\Program Files\Presario PC Help
[13/12/2007|13:14] C:\Program Files\Project64 v1.5
[01/01/2004|18:35] C:\Program Files\QuickTime
[06/05/2007|10:50] C:\Program Files\RecordNow!
[04/08/2007|22:25] C:\Program Files\ReflexiveArcade
[16/09/2007|12:46] C:\Program Files\Ricochet Xtreme
[01/01/2004|19:03] C:\Program Files\Services en ligne
[09/08/2007|21:41] C:\Program Files\SLD Codec Pack
[05/03/2008|16:57] C:\Program Files\sleep.bat
[25/02/2008|08:28] C:\Program Files\Slow Wma Time
[11/12/2006|18:39] C:\Program Files\Sonic
[28/10/2007|15:17] C:\Program Files\Sports Interactive
[25/02/2008|14:50] C:\Program Files\TAROTPRO992
[12/06/2007|21:21] C:\Program Files\temp1.exe
[05/03/2008|16:57] C:\Program Files\temp2.exe
[05/03/2008|16:57] C:\Program Files\temp3.exe
[10/04/2008|14:18] C:\Program Files\The Adventure Company
[01/08/2007|17:29] C:\Program Files\The Bitmap Brothers
[06/05/2007|12:54] C:\Program Files\ToniArts
[06/05/2007|13:37] C:\Program Files\Uninstall Information
[27/12/2006|14:47] C:\Program Files\VID_0E8F&PID_0003
[02/12/2007|18:24] C:\Program Files\VideoLAN
[05/03/2008|16:55] C:\Program Files\Win.All Penumbra Overture crack.exe
[03/06/2007|20:24] C:\Program Files\Windows Live
[12/12/2006|02:03] C:\Program Files\Windows Live Favorites
[12/12/2006|02:03] C:\Program Files\Windows Live Toolbar
[21/01/2007|02:09] C:\Program Files\Windows Media Connect 2
[06/05/2007|16:06] C:\Program Files\Windows Media Player
[06/05/2007|15:21] C:\Program Files\Windows NT
[06/05/2007|11:25] C:\Program Files\WindowsUpdate
[22/02/2007|09:26] C:\Program Files\WinRAR
[01/01/2004|16:47] C:\Program Files\xerox
[11/12/2006|20:41] C:\Program Files\xp-AntiSpy
[04/08/2007|13:41] C:\Program Files\Zapu
[16/04/2008|20:07] C:\Program Files\ZebHelpProcess 2
[28/10/2007|15:17] C:\Program Files\Zero G Registry

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[16/04/2008|20:00] C:\Program Files\Fichiers communs\.
[16/04/2008|20:00] C:\Program Files\Fichiers communs\..
[12/12/2006|18:31] C:\Program Files\Fichiers communs\Adobe
[09/08/2007|21:55] C:\Program Files\Fichiers communs\Ahead
[28/12/2006|01:04] C:\Program Files\Fichiers communs\ATI Technologies
[16/04/2008|20:00] C:\Program Files\Fichiers communs\Borland Shared
[01/06/2007|21:29] C:\Program Files\Fichiers communs\DirectX
[08/04/2008|21:26] C:\Program Files\Fichiers communs\InstallShield
[01/01/2004|17:28] C:\Program Files\Fichiers communs\Java
[01/01/2004|18:18] C:\Program Files\Fichiers communs\Microsoft Shared
[01/01/2004|16:44] C:\Program Files\Fichiers communs\MSSoap
[01/01/2004|16:40] C:\Program Files\Fichiers communs\ODBC
[06/05/2007|19:38] C:\Program Files\Fichiers communs\Services
[16/01/2007|09:41] C:\Program Files\Fichiers communs\Softwin
[11/12/2006|18:40] C:\Program Files\Fichiers communs\Sonic
[01/01/2004|16:40] C:\Program Files\Fichiers communs\SpeechEngines
[06/05/2007|10:50] C:\Program Files\Fichiers communs\SureThing Shared
[14/06/2007|00:17] C:\Program Files\Fichiers communs\System
[08/04/2008|21:28] C:\Program Files\Fichiers communs\Wise Installation Wizard

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\PROPRI~1\APPLIC~1\Slow Wma Time
C:\DOCUME~1\PROPRI~1\APPLIC~1\Slow Wma Time\rhyccpsa.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\Slow Wma Time\Soap4BarbHtm.exe
C:\Program Files\Slow Wma Time

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-19 09:43:50
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:158][Doss:6] C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
/!\ [Fich:57][Doss:0] C:\DOCUME~1\PROPRI~1\Cookies
/!\ [Fich:2885][Doss:11] C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 9:45:43,04 ]----------------------

there you go..
angy69
 
Posts: 15
Joined: 16 Apr 2008 13:03

Re: hijackthis

Post by Falkra » 19 Apr 2008 11:11

Good, that takes care of one of the two:

Relaunch Lop S&D

  • This time choose Option 2 (Removal)
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
Falkra
Admin libellules.ch
 
Posts: 24424
Joined: 30 Jan 2005 13:44
Location: 127.0.0.1

Re: hijackthis

Post by angy69 » 19 Apr 2008 15:05

-----------------------[ Lop S&D 4.1.1-3 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Propriétaire ] [ "C:\Lop SD" ]
[ 19/04/2008 | 16:01:15,60 ] [ PC : ANGY ]
[ MAJ : 17-04-2008 | 19:51 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\PROPRI~1\APPLIC~1\Slow Wma Time\rhyccpsa.exe
Supprimé! - C:\DOCUME~1\PROPRI~1\APPLIC~1\Slow Wma Time\Soap4BarbHtm.exe
Supprimé! - C:\DOCUME~1\PROPRI~1\APPLIC~1\Slow Wma Time
Supprimé! - C:\Program Files\Slow Wma Time

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[16/04/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[16/04/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[01/01/2004|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[06/05/2007|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
[04/08/2007|14:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon
[12/12/2006|00:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender(2)
[01/01/2004|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[26/03/2008|06:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/05/2007|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[08/04/2008|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[01/01/2004|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[19/03/2007|23:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[29/10/2007|17:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[19/03/2007|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[26/10/2007|08:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/01/2004|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[09/08/2007|21:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[01/01/2004|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2004|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[06/05/2007|11:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[02/03/2007|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\up inter 64 dumb
[12/12/2006|00:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[12/12/2006|02:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar



[06/05/2007|19:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[06/05/2007|19:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[01/01/2004|16:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/01/2004|16:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2004|18:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
[01/01/2004|17:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2004|19:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[01/01/2004|17:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[01/01/2004|23:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec



[01/01/2004|16:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[01/01/2004|16:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[06/05/2007|11:14] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[01/01/2004|16:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[01/01/2004|16:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[01/01/2004|16:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[01/01/2004|16:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft






[19/04/2008|16:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
[19/04/2008|16:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[21/04/2007|17:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\.ABC
[05/03/2008|16:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\7z.dll
[05/03/2008|16:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\7z.exe
[10/02/2008|18:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[28/09/2007|15:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[09/08/2007|21:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[14/12/2006|00:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer
[12/09/2007|18:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\ATI
[29/03/2008|11:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVG7
[04/08/2007|14:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\Babylon
[11/12/2006|19:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\Bitdefender
[21/04/2007|16:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\BitTorrent
[26/10/2007|08:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\DataCast
[01/01/2004|16:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[07/05/2007|20:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[01/08/2007|16:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[01/01/2004|16:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[26/10/2007|08:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[06/05/2007|10:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Intervideo
[06/03/2007|18:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\Leadertech
[13/12/2006|23:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[17/11/2007|22:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[01/05/2007|21:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\Motive
[11/12/2006|21:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[04/04/2008|19:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2
[01/01/2004|19:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\SampleView
[04/11/2007|10:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\Samsung
[09/03/2007|19:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\Screenshot Sender
[12/09/2007|16:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
[27/12/2006|14:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\SEGA
[05/03/2008|16:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\serial2.dat
[05/03/2008|16:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\serial2.zip
[11/12/2006|18:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sonic
[28/10/2007|15:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sports Interactive
[01/01/2004|17:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[01/01/2004|23:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[11/12/2006|21:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback
[06/03/2007|18:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\U3
[06/01/2008|01:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
[09/02/2007|20:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\wunauclt.tbe


----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[19/04/2008 15:56][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[12/02/2004 13:27][-rah-----] C:\WINDOWS\tasks\desktop.ini
[19/04/2008 06:56][--ah-----] C:\WINDOWS\tasks\SA.DAT

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[19/04/2008|16:01] C:\Program Files\.
[19/04/2008|16:01] C:\Program Files\..
[14/04/2008|10:31] C:\Program Files\Ad-aware 6
[09/08/2007|11:47] C:\Program Files\Adobe
[08/04/2008|21:28] C:\Program Files\AGEIA Technologies
[12/09/2007|15:56] C:\Program Files\Alcohol 120
[12/09/2007|18:43] C:\Program Files\ATI Technologies
[04/08/2007|14:02] C:\Program Files\Babylon Pro Setup
[05/03/2008|17:41] C:\Program Files\Boonty
[05/03/2008|17:37] C:\Program Files\BoontyGames
[23/01/2007|21:50] C:\Program Files\Canon
[12/09/2007|16:31] C:\Program Files\CAPCOM
[01/01/2004|18:18] C:\Program Files\Common Files
[17/11/2007|20:52] C:\Program Files\DAEMON Tools
[09/08/2007|21:33] C:\Program Files\DivX
[01/08/2007|15:49] C:\Program Files\DXBall2
[05/06/2007|11:01] C:\Program Files\Easy Internet signup
[05/07/2007|01:23] C:\Program Files\EasyCleaner
[18/04/2008|09:49] C:\Program Files\eMule
[06/05/2007|12:56] C:\Program Files\Eurobarre
[21/09/2007|16:57] C:\Program Files\Eva Cash
[10/04/2008|14:17] C:\Program Files\Evil Under the Sun
[06/03/2007|18:35] C:\Program Files\Executive Software
[16/04/2008|20:00] C:\Program Files\Fichiers communs
[08/04/2008|21:26] C:\Program Files\Focus
[29/03/2008|11:18] C:\Program Files\Google
[16/01/2007|09:56] C:\Program Files\Grisoft
[05/03/2008|16:57] C:\Program Files\inc1.bat
[08/04/2008|21:41] C:\Program Files\InstallShield Installation Information
[09/04/2008|08:17] C:\Program Files\Internet Explorer
[20/01/2008|09:06] C:\Program Files\InterVideo
[26/03/2008|06:33] C:\Program Files\Java
[20/01/2008|09:07] C:\Program Files\Kyodai
[08/04/2008|21:20] C:\Program Files\La nuit des sacrifies
[11/04/2008|16:06] C:\Program Files\Les Sims 2
[18/04/2008|14:45] C:\Program Files\Ludiclub
[26/10/2007|08:39] C:\Program Files\MarkAny
[14/05/2007|16:40] C:\Program Files\messenger
[31/03/2008|10:20] C:\Program Files\Messenger Plus! Live
[12/12/2006|02:15] C:\Program Files\MessengerPlus! 3
[01/01/2004|16:47] C:\Program Files\microsoft frontpage
[06/05/2007|15:22] C:\Program Files\Movie Maker
[19/04/2008|09:40] C:\Program Files\Mozilla Firefox
[01/01/2004|16:43] C:\Program Files\MSN
[08/05/2007|21:34] C:\Program Files\MSN BackUp
[01/01/2004|16:43] C:\Program Files\MSN Gaming Zone
[31/03/2008|10:19] C:\Program Files\MSN Messenger
[10/08/2007|05:40] C:\Program Files\MSXML 4.0
[09/08/2007|21:55] C:\Program Files\Nero
[06/05/2007|15:21] C:\Program Files\NetMeeting
[12/06/2007|21:21] C:\Program Files\NOCD Penumbra Overture crack.exe
[13/12/2006|12:05] C:\Program Files\NUMERICABLE
[04/04/2008|19:43] C:\Program Files\OpenOffice.org 2.4
[14/06/2007|00:17] C:\Program Files\Outlook Express
[05/03/2008|16:55] C:\Program Files\Penumbra Overture crack.exe
[01/01/2004|18:58] C:\Program Files\Presario PC Help
[13/12/2007|13:14] C:\Program Files\Project64 v1.5
[01/01/2004|18:35] C:\Program Files\QuickTime
[06/05/2007|10:50] C:\Program Files\RecordNow!
[04/08/2007|22:25] C:\Program Files\ReflexiveArcade
[16/09/2007|12:46] C:\Program Files\Ricochet Xtreme
[01/01/2004|19:03] C:\Program Files\Services en ligne
[09/08/2007|21:41] C:\Program Files\SLD Codec Pack
[05/03/2008|16:57] C:\Program Files\sleep.bat
[11/12/2006|18:39] C:\Program Files\Sonic
[28/10/2007|15:17] C:\Program Files\Sports Interactive
[25/02/2008|14:50] C:\Program Files\TAROTPRO992
[12/06/2007|21:21] C:\Program Files\temp1.exe
[05/03/2008|16:57] C:\Program Files\temp2.exe
[05/03/2008|16:57] C:\Program Files\temp3.exe
[10/04/2008|14:18] C:\Program Files\The Adventure Company
[01/08/2007|17:29] C:\Program Files\The Bitmap Brothers
[06/05/2007|12:54] C:\Program Files\ToniArts
[06/05/2007|13:37] C:\Program Files\Uninstall Information
[27/12/2006|14:47] C:\Program Files\VID_0E8F&PID_0003
[02/12/2007|18:24] C:\Program Files\VideoLAN
[05/03/2008|16:55] C:\Program Files\Win.All Penumbra Overture crack.exe
[03/06/2007|20:24] C:\Program Files\Windows Live
[12/12/2006|02:03] C:\Program Files\Windows Live Favorites
[12/12/2006|02:03] C:\Program Files\Windows Live Toolbar
[21/01/2007|02:09] C:\Program Files\Windows Media Connect 2
[06/05/2007|16:06] C:\Program Files\Windows Media Player
[06/05/2007|15:21] C:\Program Files\Windows NT
[06/05/2007|11:25] C:\Program Files\WindowsUpdate
[22/02/2007|09:26] C:\Program Files\WinRAR
[01/01/2004|16:47] C:\Program Files\xerox
[11/12/2006|20:41] C:\Program Files\xp-AntiSpy
[04/08/2007|13:41] C:\Program Files\Zapu
[16/04/2008|20:07] C:\Program Files\ZebHelpProcess 2
[28/10/2007|15:17] C:\Program Files\Zero G Registry

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[16/04/2008|20:00] C:\Program Files\Fichiers communs\.
[16/04/2008|20:00] C:\Program Files\Fichiers communs\..
[12/12/2006|18:31] C:\Program Files\Fichiers communs\Adobe
[09/08/2007|21:55] C:\Program Files\Fichiers communs\Ahead
[28/12/2006|01:04] C:\Program Files\Fichiers communs\ATI Technologies
[16/04/2008|20:00] C:\Program Files\Fichiers communs\Borland Shared
[01/06/2007|21:29] C:\Program Files\Fichiers communs\DirectX
[08/04/2008|21:26] C:\Program Files\Fichiers communs\InstallShield
[01/01/2004|17:28] C:\Program Files\Fichiers communs\Java
[01/01/2004|18:18] C:\Program Files\Fichiers communs\Microsoft Shared
[01/01/2004|16:44] C:\Program Files\Fichiers communs\MSSoap
[01/01/2004|16:40] C:\Program Files\Fichiers communs\ODBC
[06/05/2007|19:38] C:\Program Files\Fichiers communs\Services
[16/01/2007|09:41] C:\Program Files\Fichiers communs\Softwin
[11/12/2006|18:40] C:\Program Files\Fichiers communs\Sonic
[01/01/2004|16:40] C:\Program Files\Fichiers communs\SpeechEngines
[06/05/2007|10:50] C:\Program Files\Fichiers communs\SureThing Shared
[14/06/2007|00:17] C:\Program Files\Fichiers communs\System
[08/04/2008|21:28] C:\Program Files\Fichiers communs\Wise Installation Wizard

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-19 16:01:50
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:178][Doss:7] C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
/!\ [Fich:57][Doss:0] C:\DOCUME~1\PROPRI~1\Cookies
/!\ [Fich:2975][Doss:11] C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 16:03:29,42 ]----------------------

there you go..
angy69
 
Posts: 15
Joined: 16 Apr 2008 13:03

Re: hijackthis

Post by Falkra » 19 Apr 2008 15:09

OK, one down, we'll take out the other one by hand.

Relaunch HijackThis and locate the following line:
O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\body team.exe


tick it and click Fix checked, at the bottom left.

Then reboot.

After the reboot, delete this folder:
C:\Documents and Settings\All Users\Application Data\Frag great bend logo\

Then post a new HijackThis log.
Falkra
Admin libellules.ch
 
Posts: 24424
Joined: 30 Jan 2005 13:44
Location: 127.0.0.1
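An added example, not code from this thread, from HijackThis or from the helper: a small Python parser for the O4 autorun lines of a HijackThis log that flags entries whose executable lives under Application Data, which is where both Lop-style entries in this thread (the "Frag great bend logo" line above and the "Slow Wma Time" leftover) sit. The sample log lines are constructed, modelled on those posted in the thread; legitimate entries are included so the filter has something to ignore.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample, modelled on the O4 lines posted in this thread
# (not the full log; the two Application Data entries are the one the
# helper asked to fix and the one left behind after Lop S&D ran).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\body team.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [onlinegrey] C:\DOCUME~1\PROPRI~1\APPLIC~1\SLOWWM~1\ONCE PEAK.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
"""

# Registry autorun line:  O4 - <hive>\..\Run: [<name>] <command>
O4_RUN_RE = re.compile(
    r"^O4 - (?P<hive>.+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$"
)
# Startup-folder line:    O4 - Startup: <shortcut> = <command>
O4_STARTUP_RE = re.compile(
    r"^O4 - (?P<hive>Global Startup|Startup): (?P<name>.+?) = (?P<cmd>.*)$"
)
# HijackThis appends "(User 'xxx')" to HKUS entries; it is not part of the command.
USER_SUFFIX_RE = re.compile(r"\s*\(User '[^']*'\)\s*$")
# Long and 8.3 spellings of "Application Data" on an XP box.
APPDATA_MARKERS = ("\\application data\\", "\\applic~1\\")


@dataclass
class AutorunEntry:
    hive: str        # HKLM, HKCU, HKUS\S-1-5-19, Startup, ...
    name: str        # registry value name or shortcut name
    command: str     # raw command as HijackThis printed it
    executable: str  # best-effort path of the program that gets launched

    def in_application_data(self) -> bool:
        low = self.executable.lower()
        return any(marker in low for marker in APPDATA_MARKERS)


def extract_executable(cmd: str) -> str:
    """Best-effort extraction of the program path from a Run value.

    Quoted paths end at the closing quote. Unquoted paths may contain
    spaces (e.g. "ONCE PEAK.exe"), so cut after the first ".exe" rather
    than at the first space, and fall back to the first token otherwise.
    """
    cmd = USER_SUFFIX_RE.sub("", cmd).strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    m = re.search(r"\.exe\b", cmd, re.IGNORECASE)
    if m:
        return cmd[: m.end()]
    return cmd.split(" ", 1)[0]


def parse_o4_line(line: str) -> Optional[AutorunEntry]:
    """Return an AutorunEntry for an O4 line, or None for any other line."""
    m = O4_RUN_RE.match(line) or O4_STARTUP_RE.match(line)
    if not m:
        return None
    cmd = m.group("cmd")
    return AutorunEntry(m.group("hive"), m.group("name"), cmd, extract_executable(cmd))


def parse_hjt_log(text: str) -> List[AutorunEntry]:
    entries = []
    for raw in text.splitlines():
        entry = parse_o4_line(raw.strip())
        if entry is not None:
            entries.append(entry)
    return entries


def flag_appdata_autoruns(entries: List[AutorunEntry]) -> List[AutorunEntry]:
    """Autorun entries that launch something from Application Data deserve
    a look: installed software normally lives under Program Files, while
    Lop-style adware drops randomly named executables into Application
    Data folders such as the two seen in this thread."""
    return [e for e in entries if e.in_application_data()]


if __name__ == "__main__":
    for e in flag_appdata_autoruns(parse_hjt_log(SAMPLE_LOG)):
        print(f"{e.hive}\\Run [{e.name}] -> {e.executable}")
```

The same filter can be run over a full log; only O4 lines are parsed, every other line type is ignored.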

Re: hijackthis

Post by angy69 » 19 Apr 2008 16:55

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:53:10, on 19/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Eurobarre\eb.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SMSTray] C:\Documents and Settings\Propriétaire\Bureau\KEV1989\MP3\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [onlinegrey] C:\DOCUME~1\PROPRI~1\APPLIC~1\SLOWWM~1\ONCE PEAK.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8453593921
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 6797 bytes

After All Users I can't find Application Data etc... to delete the file
angy69
Posts: 15
Joined: 16 Apr 2008 13:03

Re: hijackthis

Post by Falkra » 19 Apr 2008 17:08

No problem, it must have been a leftover:
O4 - HKCU\..\Run: [onlinegrey] C:\DOCUME~1\PROPRI~1\APPLIC~1\SLOWWM~1\ONCE PEAK.exe


Tick the line above and do "Fix checked".
Restart, post a HijackThis report, and tell me whether you still get ads.
Falkra
Admin libellules.ch

Posts: 24424
Joined: 30 Jan 2005 13:44
Location: 127.0.0.1

Re: hijackthis

Post by angy69 » 19 Apr 2008 18:30

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:28:27, on 19/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Eurobarre\eb.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SMSTray] C:\Documents and Settings\Propriétaire\Bureau\KEV1989\MP3\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8453593921
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 6661 bytes

For the moment, no ads!! And all those manipulations you had me do, what were they actually for?! Thanks
angy69
Posts: 15
Joined: 16 Apr 2008 13:03

Re: hijackthis

Post by Falkra » 19 Apr 2008 19:36

The machine is clean. :-D :wink:

The manipulations are there to show what is running and what starts on the machine.
I identified a few infections, and I had you produce reports with the tool that cleans that infection, then remove them.
Along the way we enlarged the tool's database, which will shoot down those files if it sees them again on another machine.

You must have caught this through MSN/WLM Plus!

You have to be very careful when you install software, particularly MSN/WLM Plus! (Messenger Plus! is installed): there are "sponsors" or toolbars, things that get installed along with the programs, and those are infections.

Example for MSN Plus:
(image)

Above all you must untick that when installing, and by default it is ticked: if you don't pay attention, you get infected!
For the principle and a few examples, see here: http://www.libellules.ch/opt_out.php

You had another infection that we got rid of with Navilog1. Some of the junk you had is caught through the browser; I advise you to use StripMyRights to protect it. It removes administrator rights from the browser, and malware needs them to infect you. I recommend reading this tutorial by oGu: [url="http://www.libellules.ch/phpBB2/strip-my-rights-t26176.html"]StripMyRights tutorial[/url].

Stay vigilant; if you have doubts about a program, check [url="http://assiste.com.free.fr/p/craptheque/craptheque.html"]assiste's crapthèque[/url], which lists fake programs (there are some).
Falkra
Admin libellules.ch

Posts: 24424
Joined: 30 Jan 2005 13:44
Location: 127.0.0.1
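As an added example (not code from this thread, from libellules.ch or from HijackThis itself), here is a small Python script that does mechanically what the helper did by eye: it parses the registry O4 lines of the two HijackThis reports posted above, lists which Run entries disappeared after the "Fix checked" step, and flags entries whose command lives under a per-user Application Data or Temp directory, as the onlinegrey line did. The heuristic, the regular expression and the function names are my own assumptions; the excerpts embedded in the script are a few lines copied from the two logs in the thread.

```python
"""Diff two HijackThis logs and flag startup entries in odd locations.

Added example for this thread; it is not code from the thread, from
libellules.ch or from HijackThis itself. It only understands the registry
"O4 - <hive>\\..\\Run: [name] command" line format seen in the reports above;
the sample excerpts below are a few lines copied from the two logs posted
in the thread (before and after the "Fix checked" step).
"""
import re
from typing import Dict, List, Tuple

# "O4 - HKCU\..\Run: [name] command"; the hive may contain a SID (HKUS\S-1-5-19).
O4_RE = re.compile(
    r"^O4 - (?P<hive>.+?)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]+)\] (?P<cmd>.*)$"
)

# Heuristic (my assumption): autostart commands living in per-user data or temp
# directories (8.3 short names as HijackThis prints them, or long names) are
# unusual for legitimate software and deserve a closer look. A match is a hint,
# not proof of infection.
SUSPICIOUS_DIR_RE = re.compile(
    r"(APPLIC~1|LOCALS~1|\\Application Data\\|\\Local Settings\\|\\Temp\\)",
    re.IGNORECASE,
)

Entry = Tuple[str, str]  # (hive, value name) identifies one Run entry


def parse_o4(log: str) -> Dict[Entry, str]:
    """Map (hive, value name) -> command line for every registry O4 line."""
    entries: Dict[Entry, str] = {}
    for line in log.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            entries[(m.group("hive"), m.group("name"))] = m.group("cmd")
    return entries


def diff_o4(before: str, after: str) -> Tuple[Dict[Entry, str], Dict[Entry, str]]:
    """Return (removed, added) Run entries between two logs."""
    b, a = parse_o4(before), parse_o4(after)
    removed = {k: b[k] for k in b if k not in a}
    added = {k: a[k] for k in a if k not in b}
    return removed, added


def flag_suspicious(log: str) -> List[Entry]:
    """Run entries whose command points into a user data/temp directory."""
    return [key for key, cmd in parse_o4(log).items() if SUSPICIOUS_DIR_RE.search(cmd)]


# Constructed excerpts: a handful of O4 lines copied from the two reports above.
BEFORE = r"""
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [onlinegrey] C:\DOCUME~1\PROPRI~1\APPLIC~1\SLOWWM~1\ONCE PEAK.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
"""

AFTER = r"""
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
"""

if __name__ == "__main__":
    removed, added = diff_o4(BEFORE, AFTER)
    for (hive, name), cmd in removed.items():
        print(f"removed: {hive} [{name}] {cmd}")
    for (hive, name), cmd in added.items():
        print(f"added:   {hive} [{name}] {cmd}")
    for hive, name in flag_suspicious(BEFORE):
        print(f"review:  {hive} [{name}] starts from a user data directory")
```

Run on the two excerpts it reports the onlinegrey entry as removed and as the only item starting from a user data directory; the diff is keyed on hive plus value name, so an entry whose command changed but kept its name shows up as neither removed nor added, which is the one thing to check by eye.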
