Votre question

[Résolu] Problème pub CID et Processus INTERNET.EXE

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
6 Avril 2008 11:46:29

Bonjour
je sais que plusieurs topics ont été créé sur ça mais aucun ne m'a aidé
j'ai éssayé des tas de choses sans résultats.

aidez moi please , mon ordi est devenu trop lent

merci d'avance. :bounce: 

Autres pages sur : resolu probleme pub cid processus internet exe

6 Avril 2008 12:08:37

ok c'est fait

Spoiler
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:08:00, on 06/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS1\System32\smss.exe
C:\WINDOWS1\system32\winlogon.exe
C:\WINDOWS1\system32\services.exe
C:\WINDOWS1\system32\lsass.exe
C:\WINDOWS1\system32\svchost.exe
C:\WINDOWS1\System32\svchost.exe
C:\WINDOWS1\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS1\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS1\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS1\Explorer.EXE
C:\WINDOWS1\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS1\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS1\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Maman.ALAN\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Fork Manager] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\FLAGSU~1\Part Play Option.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS1\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS1\system32\ZoneLabs\vsmon.exe

--
End of file - 6251 bytes
Contenus similaires
6 Avril 2008 12:12:15

Re,

N'utilise pas de balises pour poster tes rapports :) 

Télécharge Lop S&D.exe ( d’ Eric 71 & Angeldark ) sur ton bureau. ~>Tuto<~
  • Double-clique dessus pour lancer l'installation
  • Puis double-clique sur le raccourci Lop S&D présent sur ton bureau
  • Séléctionne la langue souhaitée , puis choisis l'Option 1 ( Recherche )
  • Patiente jusqu'à la fin du scan
  • Poste le rapport généré ( C:\lopR.txt )
    (Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

    ;) 
    6 Avril 2008 12:21:02

    ok, voici :


    -----------------------[ Lop S&D 4.1.0-8 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Maman ] [ "C:\Lop SD" ]
    [ 06/04/2008 | 12:15:38,06 ] [ PC : ALAN ]
    [ MAJ : 06-04-2008 | 11:07 ]

    -------------[ Listing des dossiers dans Application Data ]------------


    [02/04/2008|18:50] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.
    [02/04/2008|18:50] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\..
    [02/04/2008|18:51] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
    [24/02/2008|22:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
    [24/02/2008|22:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
    [24/02/2008|21:45] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
    [31/03/2008|19:51] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Frag great bend logo
    [24/02/2008|22:31] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
    [16/03/2008|18:35] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Hewlett-Packard
    [23/03/2008|00:26] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\hpzinstall.log
    [02/04/2008|17:24] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft
    [02/04/2008|17:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\MailFrontier
    [25/02/2008|22:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
    [19/03/2008|22:34] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
    [03/04/2008|21:05] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
    [02/03/2008|19:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
    [27/02/2008|12:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller

    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\.
    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\..
    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\Intel
    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\Intervideo
    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\Microsoft



    [24/02/2008|21:45] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.
    [24/02/2008|21:45] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\..
    [24/02/2008|21:45] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\desktop.ini
    [24/02/2008|21:38] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft


    [24/02/2008|21:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [24/02/2008|21:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [24/02/2008|21:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [31/03/2008|19:50] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\.
    [31/03/2008|19:50] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\..
    [02/04/2008|19:17] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Adobe
    [24/02/2008|22:10] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Apple Computer
    [29/02/2008|22:40] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\DAEMON Tools
    [27/02/2008|23:05] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\DataCast
    [24/03/2008|22:49] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Desktop Sidebar
    [24/02/2008|21:45] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\desktop.ini
    [31/03/2008|19:51] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Flag Surf
    [24/02/2008|21:46] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Identities
    [24/02/2008|23:28] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\InstallShield
    [02/04/2008|17:21] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\LimeWire
    [24/02/2008|23:41] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\ma-config.com
    [24/02/2008|21:59] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Macromedia
    [18/03/2008|18:01] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Microsoft
    [24/02/2008|21:59] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Mozilla
    [26/03/2008|16:03] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\My Games
    [18/03/2008|20:30] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\SecuROM
    [05/04/2008|11:20] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\uTorrent
    [26/02/2008|13:20] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\vlc


    [24/02/2008|21:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [24/02/2008|21:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [24/02/2008|21:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft



    ----------------[ Tâches planifiées dans C:\WINDOWS1\tasks ]---------------

    [06/04/2008 12:00][--ah-----] C:\WINDOWS1\tasks\AFD501109186B310.job
    [03/04/2008 20:39][--a------] C:\WINDOWS1\tasks\AppleSoftwareUpdate.job
    [06/04/2008 11:13][--ah-----] C:\WINDOWS1\tasks\SA.DAT
    [05/10/2001 22:41][-r-h-----] C:\WINDOWS1\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [05/04/2008|21:32] C:\Program Files\.
    [05/04/2008|21:32] C:\Program Files\..
    [29/02/2008|17:10] C:\Program Files\7-Zip
    [02/04/2008|18:49] C:\Program Files\Adobe
    [20/02/2008|15:18] C:\Program Files\AGEIA Technologies
    [20/02/2008|15:18] C:\Program Files\Alwil Software
    [20/02/2008|15:19] C:\Program Files\Apple Software Update
    [20/02/2008|15:19] C:\Program Files\ArcSoft
    [20/02/2008|15:22] C:\Program Files\ATI Technologies
    [20/02/2008|15:22] C:\Program Files\AVSMedia
    [24/02/2008|22:09] C:\Program Files\Bonjour
    [20/02/2008|15:22] C:\Program Files\CCleaner
    [31/03/2008|19:50] C:\Program Files\Circle Developement
    [20/02/2008|15:22] C:\Program Files\Club-Internet
    [16/03/2008|03:40] C:\Program Files\Common Files
    [01/01/2004|15:03] C:\Program Files\ComPlus Applications
    [05/04/2008|21:32] C:\Program Files\crocpopup+
    [20/02/2008|15:22] C:\Program Files\curseur
    [20/02/2008|15:22] C:\Program Files\DAEMON Tools
    [29/02/2008|17:05] C:\Program Files\DAEMON Tools Lite
    [02/11/2006|14:49] C:\Program Files\desktop.ini
    [20/02/2008|15:22] C:\Program Files\DIFX
    [20/02/2008|15:22] C:\Program Files\directx
    [20/02/2008|15:22] C:\Program Files\DivX
    [20/02/2008|15:22] C:\Program Files\DkZ Studio
    [20/02/2008|15:22] C:\Program Files\DkZ Update
    [20/02/2008|15:22] C:\Program Files\Easy Internet signup
    [24/03/2008|22:37] C:\Program Files\Emjysoft
    [20/02/2008|15:22] C:\Program Files\eMule
    [20/02/2008|15:22] C:\Program Files\ffdshow
    [20/02/2008|16:15] C:\Program Files\Fichiers communs
    [31/03/2008|19:50] C:\Program Files\Flag Surf
    [26/02/2008|23:44] C:\Program Files\Foxit Software
    [20/02/2008|15:24] C:\Program Files\GameShadow
    [20/02/2008|15:24] C:\Program Files\GameSpy Arcade
    [20/02/2008|15:24] C:\Program Files\GoldWave
    [20/02/2008|15:24] C:\Program Files\Google
    [20/02/2008|15:24] C:\Program Files\Help and Support Additions
    [20/02/2008|15:24] C:\Program Files\Hewlett-Packard
    [16/03/2008|18:43] C:\Program Files\HP
    [20/02/2008|15:26] C:\Program Files\Immersion Corporation
    [24/02/2008|23:28] C:\Program Files\InstallShield Installation Information
    [20/02/2008|15:26] C:\Program Files\Intel
    [20/03/2008|23:47] C:\Program Files\Internet Explorer
    [20/02/2008|15:27] C:\Program Files\InterVideo
    [03/04/2008|20:53] C:\Program Files\iPod
    [03/04/2008|20:53] C:\Program Files\iTunes
    [05/03/2008|17:35] C:\Program Files\Java
    [20/02/2008|15:28] C:\Program Files\K-Lite Codec Pack
    [02/04/2008|15:22] C:\Program Files\Konvertor
    [20/02/2008|15:28] C:\Program Files\Lavalys
    [02/04/2008|17:23] C:\Program Files\Lavasoft
    [20/02/2008|15:28] C:\Program Files\Learn2.com
    [20/02/2008|15:28] C:\Program Files\LG Electronics
    [20/02/2008|15:28] C:\Program Files\LG PC Suite
    [20/02/2008|15:28] C:\Program Files\LGGSM
    [27/02/2008|12:08] C:\Program Files\LimeWire
    [20/02/2008|15:28] C:\Program Files\Logitech
    [20/02/2008|15:28] C:\Program Files\LUXYA WC-1300 Corporation
    [24/02/2008|23:40] C:\Program Files\ma-config.com
    [20/02/2008|15:28] C:\Program Files\Managed DirectX (0901)
    [20/02/2008|15:28] C:\Program Files\MarkAny
    [20/03/2008|23:51] C:\Program Files\Messenger
    [31/03/2008|19:49] C:\Program Files\Messenger Plus! Live
    [20/02/2008|15:28] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [20/02/2008|15:28] C:\Program Files\microsoft frontpage
    [20/02/2008|15:28] C:\Program Files\Microsoft Office
    [20/02/2008|15:29] C:\Program Files\Microsoft Picture It! 9
    [20/02/2008|15:29] C:\Program Files\Microsoft Works
    [20/02/2008|15:29] C:\Program Files\Mindscape
    [24/02/2008|21:35] C:\Program Files\Movie Maker
    [06/04/2008|11:18] C:\Program Files\Mozilla Firefox
    [20/02/2008|15:29] C:\Program Files\Mozilla Thunderbird
    [02/11/2006|14:35] C:\Program Files\MSBuild
    [20/02/2008|15:29] C:\Program Files\MSN
    [20/02/2008|15:29] C:\Program Files\MSN Gaming Zone
    [20/02/2008|15:29] C:\Program Files\MSN Messenger
    [04/06/2005|18:14] C:\Program Files\MSXML 4.0
    [20/02/2008|15:29] C:\Program Files\My Games
    [20/02/2008|15:29] C:\Program Files\MyFree Codec
    [27/03/2008|19:33] C:\Program Files\MySight 2006
    [04/04/2008|22:17] C:\Program Files\Navilog1
    [20/02/2008|15:29] C:\Program Files\NETGEAR
    [24/02/2008|21:36] C:\Program Files\NetMeeting
    [20/02/2008|15:29] C:\Program Files\Nvu
    [24/02/2008|21:34] C:\Program Files\Online Services
    [20/02/2008|15:29] C:\Program Files\OpenAL
    [20/02/2008|15:30] C:\Program Files\OpenOffice.org 2.1
    [20/03/2008|23:50] C:\Program Files\Outlook Express
    [29/01/2007|08:00] C:\Program Files\Pack Securite
    [20/02/2008|15:30] C:\Program Files\PC-Doctor for Windows
    [20/02/2008|15:30] C:\Program Files\ProcessTamer
    [03/04/2008|20:48] C:\Program Files\QuickTime
    [20/02/2008|15:31] C:\Program Files\Real
    [24/02/2008|23:28] C:\Program Files\Realtek
    [24/02/2008|23:55] C:\Program Files\Realtek AC97
    [20/02/2008|15:31] C:\Program Files\Recuva
    [02/11/2006|14:35] C:\Program Files\Reference Assemblies
    [20/02/2008|15:31] C:\Program Files\Replay Converter
    [20/03/2008|21:54] C:\Program Files\Safari
    [20/02/2008|15:31] C:\Program Files\Samsung
    [20/02/2008|15:31] C:\Program Files\Screesaver
    [20/02/2008|15:31] C:\Program Files\Services en ligne
    [20/02/2008|15:31] C:\Program Files\Shock Utility
    [20/02/2008|15:31] C:\Program Files\SiS VGA Utilities V3.59e
    [20/02/2008|15:31] C:\Program Files\SmartSound Software
    [03/04/2008|21:08] C:\Program Files\Spybot - Search & Destroy
    [20/02/2008|15:32] C:\Program Files\Stardock
    [06/04/2008|11:14] C:\Program Files\Steam
    [20/02/2008|15:32] C:\Program Files\STK016_V2.02
    [20/02/2008|15:32] C:\Program Files\StuffPlug3
    [20/02/2008|15:32] C:\Program Files\STV
    [20/02/2008|15:32] C:\Program Files\Symantec
    [20/02/2008|15:32] C:\Program Files\SystemRequirementsLab
    [20/02/2008|15:32] C:\Program Files\Talkway
    [20/02/2008|15:32] C:\Program Files\TechCity Solutions
    [20/02/2008|15:32] C:\Program Files\The GodFather
    [20/02/2008|15:32] C:\Program Files\Ulead Systems
    [20/02/2008|15:32] C:\Program Files\UltraDefrag
    [20/02/2008|15:32] C:\Program Files\Unalis
    [02/11/2006|15:00] C:\Program Files\Uninstall Information
    [24/02/2008|22:47] C:\Program Files\uTorrent
    [20/02/2008|15:32] C:\Program Files\VideoLAN
    [27/08/2007|18:12] C:\Program Files\WinAce
    [20/02/2008|15:32] C:\Program Files\Winamp
    [02/11/2006|14:41] C:\Program Files\Windows Calendar
    [02/11/2006|14:41] C:\Program Files\Windows Collaboration
    [02/11/2006|14:41] C:\Program Files\Windows Defender
    [02/11/2006|14:41] C:\Program Files\Windows Journal
    [20/02/2008|15:33] C:\Program Files\Windows Live
    [20/02/2008|15:33] C:\Program Files\Windows Live Favorites
    [20/02/2008|15:33] C:\Program Files\Windows Live Safety Center
    [20/02/2008|15:33] C:\Program Files\Windows Live Toolbar
    [02/11/2006|14:41] C:\Program Files\Windows Mail
    [20/02/2008|15:33] C:\Program Files\Windows Media Components
    [20/03/2008|23:50] C:\Program Files\Windows Media Player
    [24/02/2008|21:25] C:\Program Files\Windows NT
    [02/11/2006|14:41] C:\Program Files\Windows Photo Gallery
    [21/02/2008|00:04] C:\Program Files\Windows Sidebar
    [24/02/2008|21:37] C:\Program Files\WindowsUpdate
    [20/02/2008|15:33] C:\Program Files\WinOSX
    [18/03/2008|20:37] C:\Program Files\WoW-2.3.0.7561-frFR
    [28/03/2008|19:10] C:\Program Files\WowCartographe
    [20/02/2008|15:33] C:\Program Files\xerox
    [20/02/2008|15:33] C:\Program Files\Xfire
    [20/02/2008|15:33] C:\Program Files\Xi
    [02/04/2008|17:33] C:\Program Files\Zone Labs

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------


    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Frag great bend logo
    C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Frag great bend logo\List 1.exe
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\WINDOWS1\Tasks\AFD501109186B310.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-06 12:18:36
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    folder error: C:\DOCUME~1\MAMAN~1.ALA\LOCALS~1\APPLIC~1

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:17][Doss:3] C:\DOCUME~1\MAMAN~1.ALA\LOCALS~1\Temp
    /!\ [Fich:13][Doss:0] C:\DOCUME~1\MAMAN~1.ALA\Cookies
    /!\ [Fich:135][Doss:5] C:\DOCUME~1\MAMAN~1.ALA\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 12:20:22,10 ]----------------------
    6 Avril 2008 14:07:20

    Re,

    Relance Lop S&D

  • Choisis cette fois ci l'Option 2 ( Suppression )
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré ( C:\lopR.txt )

    (Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

    ;) 
    6 Avril 2008 14:15:17

    ok. voici


    -----------------------[ Lop S&D 4.1.0-8 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Maman ] [ "C:\Lop SD" ]
    [ 06/04/2008 | 14:09:52,45 ] [ PC : ALAN ]
    [ MAJ : 06-04-2008 | 11:07 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Frag great bend logo\List 1.exe
    Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprimé! - C:\WINDOWS1\Tasks\AFD501109186B310.job
    Supprimé! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Frag great bend logo
    Supprimé! - C:\Program Files\Circle Developement
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------


    [06/04/2008|14:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.
    [06/04/2008|14:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\..
    [02/04/2008|18:51] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
    [24/02/2008|22:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
    [24/02/2008|22:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
    [24/02/2008|21:45] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
    [24/02/2008|22:31] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
    [16/03/2008|18:35] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Hewlett-Packard
    [23/03/2008|00:26] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\hpzinstall.log
    [02/04/2008|17:24] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft
    [02/04/2008|17:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\MailFrontier
    [25/02/2008|22:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
    [19/03/2008|22:34] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
    [03/04/2008|21:05] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
    [02/03/2008|19:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
    [27/02/2008|12:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller

    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\.
    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\..
    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\Intel
    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\Intervideo
    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\Microsoft



    [24/02/2008|21:45] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.
    [24/02/2008|21:45] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\..
    [24/02/2008|21:45] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\desktop.ini
    [24/02/2008|21:38] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft


    [24/02/2008|21:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [24/02/2008|21:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [24/02/2008|21:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [31/03/2008|19:50] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\.
    [31/03/2008|19:50] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\..
    [02/04/2008|19:17] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Adobe
    [24/02/2008|22:10] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Apple Computer
    [29/02/2008|22:40] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\DAEMON Tools
    [27/02/2008|23:05] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\DataCast
    [24/03/2008|22:49] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Desktop Sidebar
    [24/02/2008|21:45] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\desktop.ini
    [31/03/2008|19:51] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Flag Surf
    [24/02/2008|21:46] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Identities
    [24/02/2008|23:28] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\InstallShield
    [02/04/2008|17:21] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\LimeWire
    [24/02/2008|23:41] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\ma-config.com
    [24/02/2008|21:59] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Macromedia
    [18/03/2008|18:01] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Microsoft
    [24/02/2008|21:59] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Mozilla
    [26/03/2008|16:03] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\My Games
    [18/03/2008|20:30] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\SecuROM
    [05/04/2008|11:20] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\uTorrent
    [26/02/2008|13:20] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\vlc


    [24/02/2008|21:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [24/02/2008|21:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [24/02/2008|21:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft



    ----------------[ Tâches planifiées dans C:\WINDOWS1\tasks ]---------------

    [03/04/2008 20:39][--a------] C:\WINDOWS1\tasks\AppleSoftwareUpdate.job
    [06/04/2008 11:13][--ah-----] C:\WINDOWS1\tasks\SA.DAT
    [05/10/2001 22:41][-r-h-----] C:\WINDOWS1\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [06/04/2008|14:09] C:\Program Files\.
    [06/04/2008|14:09] C:\Program Files\..
    [29/02/2008|17:10] C:\Program Files\7-Zip
    [02/04/2008|18:49] C:\Program Files\Adobe
    [20/02/2008|15:18] C:\Program Files\AGEIA Technologies
    [20/02/2008|15:18] C:\Program Files\Alwil Software
    [20/02/2008|15:19] C:\Program Files\Apple Software Update
    [20/02/2008|15:19] C:\Program Files\ArcSoft
    [20/02/2008|15:22] C:\Program Files\ATI Technologies
    [20/02/2008|15:22] C:\Program Files\AVSMedia
    [24/02/2008|22:09] C:\Program Files\Bonjour
    [20/02/2008|15:22] C:\Program Files\CCleaner
    [20/02/2008|15:22] C:\Program Files\Club-Internet
    [16/03/2008|03:40] C:\Program Files\Common Files
    [01/01/2004|15:03] C:\Program Files\ComPlus Applications
    [05/04/2008|21:32] C:\Program Files\crocpopup+
    [20/02/2008|15:22] C:\Program Files\curseur
    [20/02/2008|15:22] C:\Program Files\DAEMON Tools
    [29/02/2008|17:05] C:\Program Files\DAEMON Tools Lite
    [02/11/2006|14:49] C:\Program Files\desktop.ini
    [20/02/2008|15:22] C:\Program Files\DIFX
    [20/02/2008|15:22] C:\Program Files\directx
    [20/02/2008|15:22] C:\Program Files\DivX
    [20/02/2008|15:22] C:\Program Files\DkZ Studio
    [20/02/2008|15:22] C:\Program Files\DkZ Update
    [20/02/2008|15:22] C:\Program Files\Easy Internet signup
    [24/03/2008|22:37] C:\Program Files\Emjysoft
    [20/02/2008|15:22] C:\Program Files\eMule
    [20/02/2008|15:22] C:\Program Files\ffdshow
    [20/02/2008|16:15] C:\Program Files\Fichiers communs
    [31/03/2008|19:50] C:\Program Files\Flag Surf
    [26/02/2008|23:44] C:\Program Files\Foxit Software
    [20/02/2008|15:24] C:\Program Files\GameShadow
    [20/02/2008|15:24] C:\Program Files\GameSpy Arcade
    [20/02/2008|15:24] C:\Program Files\GoldWave
    [20/02/2008|15:24] C:\Program Files\Google
    [20/02/2008|15:24] C:\Program Files\Help and Support Additions
    [20/02/2008|15:24] C:\Program Files\Hewlett-Packard
    [16/03/2008|18:43] C:\Program Files\HP
    [20/02/2008|15:26] C:\Program Files\Immersion Corporation
    [24/02/2008|23:28] C:\Program Files\InstallShield Installation Information
    [20/02/2008|15:26] C:\Program Files\Intel
    [20/03/2008|23:47] C:\Program Files\Internet Explorer
    [20/02/2008|15:27] C:\Program Files\InterVideo
    [03/04/2008|20:53] C:\Program Files\iPod
    [03/04/2008|20:53] C:\Program Files\iTunes
    [05/03/2008|17:35] C:\Program Files\Java
    [20/02/2008|15:28] C:\Program Files\K-Lite Codec Pack
    [02/04/2008|15:22] C:\Program Files\Konvertor
    [20/02/2008|15:28] C:\Program Files\Lavalys
    [02/04/2008|17:23] C:\Program Files\Lavasoft
    [20/02/2008|15:28] C:\Program Files\Learn2.com
    [20/02/2008|15:28] C:\Program Files\LG Electronics
    [20/02/2008|15:28] C:\Program Files\LG PC Suite
    [20/02/2008|15:28] C:\Program Files\LGGSM
    [27/02/2008|12:08] C:\Program Files\LimeWire
    [20/02/2008|15:28] C:\Program Files\Logitech
    [20/02/2008|15:28] C:\Program Files\LUXYA WC-1300 Corporation
    [24/02/2008|23:40] C:\Program Files\ma-config.com
    [20/02/2008|15:28] C:\Program Files\Managed DirectX (0901)
    [20/02/2008|15:28] C:\Program Files\MarkAny
    [20/03/2008|23:51] C:\Program Files\Messenger
    [31/03/2008|19:49] C:\Program Files\Messenger Plus! Live
    [20/02/2008|15:28] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [20/02/2008|15:28] C:\Program Files\microsoft frontpage
    [20/02/2008|15:28] C:\Program Files\Microsoft Office
    [20/02/2008|15:29] C:\Program Files\Microsoft Picture It! 9
    [20/02/2008|15:29] C:\Program Files\Microsoft Works
    [20/02/2008|15:29] C:\Program Files\Mindscape
    [24/02/2008|21:35] C:\Program Files\Movie Maker
    [06/04/2008|13:34] C:\Program Files\Mozilla Firefox
    [20/02/2008|15:29] C:\Program Files\Mozilla Thunderbird
    [02/11/2006|14:35] C:\Program Files\MSBuild
    [20/02/2008|15:29] C:\Program Files\MSN
    [20/02/2008|15:29] C:\Program Files\MSN Gaming Zone
    [20/02/2008|15:29] C:\Program Files\MSN Messenger
    [04/06/2005|18:14] C:\Program Files\MSXML 4.0
    [20/02/2008|15:29] C:\Program Files\My Games
    [20/02/2008|15:29] C:\Program Files\MyFree Codec
    [27/03/2008|19:33] C:\Program Files\MySight 2006
    [04/04/2008|22:17] C:\Program Files\Navilog1
    [20/02/2008|15:29] C:\Program Files\NETGEAR
    [24/02/2008|21:36] C:\Program Files\NetMeeting
    [20/02/2008|15:29] C:\Program Files\Nvu
    [24/02/2008|21:34] C:\Program Files\Online Services
    [20/02/2008|15:29] C:\Program Files\OpenAL
    [20/02/2008|15:30] C:\Program Files\OpenOffice.org 2.1
    [20/03/2008|23:50] C:\Program Files\Outlook Express
    [29/01/2007|08:00] C:\Program Files\Pack Securite
    [20/02/2008|15:30] C:\Program Files\PC-Doctor for Windows
    [20/02/2008|15:30] C:\Program Files\ProcessTamer
    [03/04/2008|20:48] C:\Program Files\QuickTime
    [20/02/2008|15:31] C:\Program Files\Real
    [24/02/2008|23:28] C:\Program Files\Realtek
    [24/02/2008|23:55] C:\Program Files\Realtek AC97
    [20/02/2008|15:31] C:\Program Files\Recuva
    [02/11/2006|14:35] C:\Program Files\Reference Assemblies
    [20/02/2008|15:31] C:\Program Files\Replay Converter
    [20/03/2008|21:54] C:\Program Files\Safari
    [20/02/2008|15:31] C:\Program Files\Samsung
    [20/02/2008|15:31] C:\Program Files\Screesaver
    [20/02/2008|15:31] C:\Program Files\Services en ligne
    [20/02/2008|15:31] C:\Program Files\Shock Utility
    [20/02/2008|15:31] C:\Program Files\SiS VGA Utilities V3.59e
    [20/02/2008|15:31] C:\Program Files\SmartSound Software
    [03/04/2008|21:08] C:\Program Files\Spybot - Search & Destroy
    [20/02/2008|15:32] C:\Program Files\Stardock
    [06/04/2008|11:14] C:\Program Files\Steam
    [20/02/2008|15:32] C:\Program Files\STK016_V2.02
    [20/02/2008|15:32] C:\Program Files\StuffPlug3
    [20/02/2008|15:32] C:\Program Files\STV
    [20/02/2008|15:32] C:\Program Files\Symantec
    [20/02/2008|15:32] C:\Program Files\SystemRequirementsLab
    [20/02/2008|15:32] C:\Program Files\Talkway
    [20/02/2008|15:32] C:\Program Files\TechCity Solutions
    [20/02/2008|15:32] C:\Program Files\The GodFather
    [20/02/2008|15:32] C:\Program Files\Ulead Systems
    [20/02/2008|15:32] C:\Program Files\UltraDefrag
    [20/02/2008|15:32] C:\Program Files\Unalis
    [02/11/2006|15:00] C:\Program Files\Uninstall Information
    [24/02/2008|22:47] C:\Program Files\uTorrent
    [20/02/2008|15:32] C:\Program Files\VideoLAN
    [27/08/2007|18:12] C:\Program Files\WinAce
    [20/02/2008|15:32] C:\Program Files\Winamp
    [02/11/2006|14:41] C:\Program Files\Windows Calendar
    [02/11/2006|14:41] C:\Program Files\Windows Collaboration
    [02/11/2006|14:41] C:\Program Files\Windows Defender
    [02/11/2006|14:41] C:\Program Files\Windows Journal
    [20/02/2008|15:33] C:\Program Files\Windows Live
    [20/02/2008|15:33] C:\Program Files\Windows Live Favorites
    [20/02/2008|15:33] C:\Program Files\Windows Live Safety Center
    [20/02/2008|15:33] C:\Program Files\Windows Live Toolbar
    [02/11/2006|14:41] C:\Program Files\Windows Mail
    [20/02/2008|15:33] C:\Program Files\Windows Media Components
    [20/03/2008|23:50] C:\Program Files\Windows Media Player
    [24/02/2008|21:25] C:\Program Files\Windows NT
    [02/11/2006|14:41] C:\Program Files\Windows Photo Gallery
    [21/02/2008|00:04] C:\Program Files\Windows Sidebar
    [24/02/2008|21:37] C:\Program Files\WindowsUpdate
    [20/02/2008|15:33] C:\Program Files\WinOSX
    [18/03/2008|20:37] C:\Program Files\WoW-2.3.0.7561-frFR
    [28/03/2008|19:10] C:\Program Files\WowCartographe
    [20/02/2008|15:33] C:\Program Files\xerox
    [20/02/2008|15:33] C:\Program Files\Xfire
    [20/02/2008|15:33] C:\Program Files\Xi
    [02/04/2008|17:33] C:\Program Files\Zone Labs

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------


    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-06 14:13:02
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    folder error: C:\DOCUME~1\MAMAN~1.ALA\LOCALS~1\APPLIC~1

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:31][Doss:3] C:\DOCUME~1\MAMAN~1.ALA\LOCALS~1\Temp
    /!\ [Fich:16][Doss:0] C:\DOCUME~1\MAMAN~1.ALA\Cookies
    /!\ [Fich:152][Doss:5] C:\DOCUME~1\MAMAN~1.ALA\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 14:14:44,90 ]----------------------
    6 Avril 2008 14:21:35

    Re,

    Poste un nouveau rapport hijackthis.

    ;) 
    6 Avril 2008 14:26:55

    okii ;) 

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:26:56, on 06/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS1\System32\smss.exe
    C:\WINDOWS1\system32\winlogon.exe
    C:\WINDOWS1\system32\services.exe
    C:\WINDOWS1\system32\lsass.exe
    C:\WINDOWS1\system32\svchost.exe
    C:\WINDOWS1\System32\svchost.exe
    C:\WINDOWS1\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS1\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS1\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS1\SOUNDMAN.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS1\system32\ctfmon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS1\System32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS1\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Maman.ALAN\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Fork Manager] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\FLAGSU~1\Part Play Option.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS1\system32\HPZipm12.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS1\system32\ZoneLabs\vsmon.exe

    --
    End of file - 5893 bytes
    6 Avril 2008 20:37:26

    Re,

    1) Relance HijackThis, clique sur "do a system scan only", coche ces lignes puis clique sur "Fix Checked" et referme HijackThis :

    O2 - BHO: (no name) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - (no file)
    O4 - HKCU\..\Run: [Fork Manager] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\FLAGSU~1\Part Play Option.exe


    2) Télécharger OTMoveIt2 par OldTimer.

  • Enregistrer ce fichier sur le Bureau.
  • Faire un double clic sur OTMoveIt2.exe pour lancer l'exécution de l'outil. (Note: Si vous utilisez Vista, faire un clic droit sur le fichier puis choisir Exécuter en tant qu'administrateur).
  • Copier les lignes de la zone "Code" ci-dessous en les sélectionnant TOUTES puis en appuyant simultanément sur les touches CTRL et C (ou, après les avoir sélectionnées, en faisant un clic droit puis en choisissant Copier):
    C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\FLAGSU~1\

  • Retourner dans la fenêtre de OTMoveIt2, faire un clic droit dans la zone "Paste Standard List of Files/Folders to Move" (sous la barre bleu clair) puis choisir Coller.
  • Cliquer sur le bouton rouge Moveit!.
  • Copier tout ce qui se trouve dans la zone Results (sous la barre verte) en sélectionnant TOUTES LES LIGNES puis en appuyant simultanément sur les touches CTRL et C (ou, après les avoir sélectionnées, en faisant un clic droit puis en choisissant Copier), et coller ces résulats en réponse sur le forum.
  • Fermer OTMoveIt2

    Note: Si un fichier ou un dossier ne peut pas être déplacé immédiatement, un redémarrage sera peut-être nécessaire afin de terminer le processus de déplacement. Si le redémarrage de la machine vous est demandé, choisir Oui/Yes. Dans ce cas, après le redémarrage, ouvrir le Bloc-notes (Démarrer->Tous les programmes->Accessoires->Bloc-notes), cliquer sur Fichier->Ouvrir, dans la zone "Nom du fichier" taper *.log et appuyer sur la touche Entrée, naviguer jusqu'au dossier C:\_OTMoveIt\MovedFiles, puis ouvrir le fichier .log le plus récent; ensuite faire un copier/coller du contenu de ce document en réponse sur le forum.

    Si tu obtiens un message comme quoi le rapport ne peut pas être créé, copie/colle ce qui apparaît dans la colonne droite de l’outil.

    3) Refais-moi un lopS&D option 1 et dis-moi comment va le PC.

    Bonne soirée ;) 

    6 Avril 2008 21:04:05

    Alor ca c'est OTmoveIt

    C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\FLAGSU~1 moved successfully.

    OTMoveIt2 by OldTimer - Version 1.0.4.0 log created on 04062008_205634


    et ca c'est le rapport LOP

    j'ai trouvé 1 virus avec avast pendant la recherche


    -----------------------[ Lop S&D 4.1.0-8 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Maman ] [ "C:\Lop SD" ]
    [ 06/04/2008 | 20:58:46,45 ] [ PC : ALAN ]
    [ MAJ : 06-04-2008 | 11:07 ]

    -------------[ Listing des dossiers dans Application Data ]------------


    [06/04/2008|14:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.
    [06/04/2008|14:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\..
    [02/04/2008|18:51] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
    [24/02/2008|22:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
    [24/02/2008|22:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
    [24/02/2008|21:45] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
    [24/02/2008|22:31] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
    [16/03/2008|18:35] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Hewlett-Packard
    [23/03/2008|00:26] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\hpzinstall.log
    [02/04/2008|17:24] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft
    [02/04/2008|17:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\MailFrontier
    [25/02/2008|22:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
    [19/03/2008|22:34] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
    [03/04/2008|21:05] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
    [02/03/2008|19:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
    [27/02/2008|12:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller

    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\.
    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\..
    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\Intel
    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\Intervideo
    [20/02/2008|15:18] C:\DOCUME~1\Autres\APPLIC~1\Microsoft



    [24/02/2008|21:45] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.
    [24/02/2008|21:45] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\..
    [24/02/2008|21:45] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\desktop.ini
    [24/02/2008|21:38] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft


    [24/02/2008|21:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [24/02/2008|21:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [24/02/2008|21:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [06/04/2008|20:56] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\.
    [06/04/2008|20:56] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\..
    [02/04/2008|19:17] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Adobe
    [24/02/2008|22:10] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Apple Computer
    [29/02/2008|22:40] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\DAEMON Tools
    [27/02/2008|23:05] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\DataCast
    [24/03/2008|22:49] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Desktop Sidebar
    [24/02/2008|21:45] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\desktop.ini
    [24/02/2008|21:46] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Identities
    [24/02/2008|23:28] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\InstallShield
    [06/04/2008|18:51] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\LimeWire
    [24/02/2008|23:41] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\ma-config.com
    [24/02/2008|21:59] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Macromedia
    [18/03/2008|18:01] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Microsoft
    [24/02/2008|21:59] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\Mozilla
    [26/03/2008|16:03] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\My Games
    [18/03/2008|20:30] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\SecuROM
    [05/04/2008|11:20] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\uTorrent
    [26/02/2008|13:20] C:\DOCUME~1\MAMAN~1.ALA\APPLIC~1\vlc


    [24/02/2008|21:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [24/02/2008|21:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [24/02/2008|21:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft



    ----------------[ Tâches planifiées dans C:\WINDOWS1\tasks ]---------------

    [03/04/2008 20:39][--a------] C:\WINDOWS1\tasks\AppleSoftwareUpdate.job
    [06/04/2008 11:13][--ah-----] C:\WINDOWS1\tasks\SA.DAT
    [05/10/2001 22:41][-r-h-----] C:\WINDOWS1\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [06/04/2008|14:09] C:\Program Files\.
    [06/04/2008|14:09] C:\Program Files\..
    [29/02/2008|17:10] C:\Program Files\7-Zip
    [02/04/2008|18:49] C:\Program Files\Adobe
    [20/02/2008|15:18] C:\Program Files\AGEIA Technologies
    [20/02/2008|15:18] C:\Program Files\Alwil Software
    [20/02/2008|15:19] C:\Program Files\Apple Software Update
    [20/02/2008|15:19] C:\Program Files\ArcSoft
    [20/02/2008|15:22] C:\Program Files\ATI Technologies
    [20/02/2008|15:22] C:\Program Files\AVSMedia
    [24/02/2008|22:09] C:\Program Files\Bonjour
    [20/02/2008|15:22] C:\Program Files\CCleaner
    [20/02/2008|15:22] C:\Program Files\Club-Internet
    [16/03/2008|03:40] C:\Program Files\Common Files
    [01/01/2004|15:03] C:\Program Files\ComPlus Applications
    [05/04/2008|21:32] C:\Program Files\crocpopup+
    [20/02/2008|15:22] C:\Program Files\curseur
    [20/02/2008|15:22] C:\Program Files\DAEMON Tools
    [29/02/2008|17:05] C:\Program Files\DAEMON Tools Lite
    [02/11/2006|14:49] C:\Program Files\desktop.ini
    [20/02/2008|15:22] C:\Program Files\DIFX
    [20/02/2008|15:22] C:\Program Files\directx
    [20/02/2008|15:22] C:\Program Files\DivX
    [20/02/2008|15:22] C:\Program Files\DkZ Studio
    [20/02/2008|15:22] C:\Program Files\DkZ Update
    [20/02/2008|15:22] C:\Program Files\Easy Internet signup
    [24/03/2008|22:37] C:\Program Files\Emjysoft
    [20/02/2008|15:22] C:\Program Files\eMule
    [20/02/2008|15:22] C:\Program Files\ffdshow
    [20/02/2008|16:15] C:\Program Files\Fichiers communs
    [31/03/2008|19:50] C:\Program Files\Flag Surf
    [26/02/2008|23:44] C:\Program Files\Foxit Software
    [20/02/2008|15:24] C:\Program Files\GameShadow
    [20/02/2008|15:24] C:\Program Files\GameSpy Arcade
    [20/02/2008|15:24] C:\Program Files\GoldWave
    [20/02/2008|15:24] C:\Program Files\Google
    [20/02/2008|15:24] C:\Program Files\Help and Support Additions
    [20/02/2008|15:24] C:\Program Files\Hewlett-Packard
    [16/03/2008|18:43] C:\Program Files\HP
    [20/02/2008|15:26] C:\Program Files\Immersion Corporation
    [24/02/2008|23:28] C:\Program Files\InstallShield Installation Information
    [20/02/2008|15:26] C:\Program Files\Intel
    [20/03/2008|23:47] C:\Program Files\Internet Explorer
    [20/02/2008|15:27] C:\Program Files\InterVideo
    [03/04/2008|20:53] C:\Program Files\iPod
    [03/04/2008|20:53] C:\Program Files\iTunes
    [05/03/2008|17:35] C:\Program Files\Java
    [20/02/2008|15:28] C:\Program Files\K-Lite Codec Pack
    [02/04/2008|15:22] C:\Program Files\Konvertor
    [20/02/2008|15:28] C:\Program Files\Lavalys
    [02/04/2008|17:23] C:\Program Files\Lavasoft
    [20/02/2008|15:28] C:\Program Files\Learn2.com
    [20/02/2008|15:28] C:\Program Files\LG Electronics
    [20/02/2008|15:28] C:\Program Files\LG PC Suite
    [20/02/2008|15:28] C:\Program Files\LGGSM
    [27/02/2008|12:08] C:\Program Files\LimeWire
    [20/02/2008|15:28] C:\Program Files\Logitech
    [20/02/2008|15:28] C:\Program Files\LUXYA WC-1300 Corporation
    [24/02/2008|23:40] C:\Program Files\ma-config.com
    [20/02/2008|15:28] C:\Program Files\Managed DirectX (0901)
    [20/02/2008|15:28] C:\Program Files\MarkAny
    [20/03/2008|23:51] C:\Program Files\Messenger
    [31/03/2008|19:49] C:\Program Files\Messenger Plus! Live
    [20/02/2008|15:28] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [20/02/2008|15:28] C:\Program Files\microsoft frontpage
    [20/02/2008|15:28] C:\Program Files\Microsoft Office
    [20/02/2008|15:29] C:\Program Files\Microsoft Picture It! 9
    [20/02/2008|15:29] C:\Program Files\Microsoft Works
    [20/02/2008|15:29] C:\Program Files\Mindscape
    [24/02/2008|21:35] C:\Program Files\Movie Maker
    [06/04/2008|20:53] C:\Program Files\Mozilla Firefox
    [20/02/2008|15:29] C:\Program Files\Mozilla Thunderbird
    [02/11/2006|14:35] C:\Program Files\MSBuild
    [20/02/2008|15:29] C:\Program Files\MSN
    [20/02/2008|15:29] C:\Program Files\MSN Gaming Zone
    [20/02/2008|15:29] C:\Program Files\MSN Messenger
    [04/06/2005|18:14] C:\Program Files\MSXML 4.0
    [20/02/2008|15:29] C:\Program Files\My Games
    [20/02/2008|15:29] C:\Program Files\MyFree Codec
    [27/03/2008|19:33] C:\Program Files\MySight 2006
    [04/04/2008|22:17] C:\Program Files\Navilog1
    [20/02/2008|15:29] C:\Program Files\NETGEAR
    [24/02/2008|21:36] C:\Program Files\NetMeeting
    [20/02/2008|15:29] C:\Program Files\Nvu
    [24/02/2008|21:34] C:\Program Files\Online Services
    [20/02/2008|15:29] C:\Program Files\OpenAL
    [20/02/2008|15:30] C:\Program Files\OpenOffice.org 2.1
    [20/03/2008|23:50] C:\Program Files\Outlook Express
    [29/01/2007|08:00] C:\Program Files\Pack Securite
    [20/02/2008|15:30] C:\Program Files\PC-Doctor for Windows
    [20/02/2008|15:30] C:\Program Files\ProcessTamer
    [03/04/2008|20:48] C:\Program Files\QuickTime
    [20/02/2008|15:31] C:\Program Files\Real
    [24/02/2008|23:28] C:\Program Files\Realtek
    [24/02/2008|23:55] C:\Program Files\Realtek AC97
    [20/02/2008|15:31] C:\Program Files\Recuva
    [02/11/2006|14:35] C:\Program Files\Reference Assemblies
    [20/02/2008|15:31] C:\Program Files\Replay Converter
    [20/03/2008|21:54] C:\Program Files\Safari
    [20/02/2008|15:31] C:\Program Files\Samsung
    [20/02/2008|15:31] C:\Program Files\Screesaver
    [20/02/2008|15:31] C:\Program Files\Services en ligne
    [20/02/2008|15:31] C:\Program Files\Shock Utility
    [20/02/2008|15:31] C:\Program Files\SiS VGA Utilities V3.59e
    [20/02/2008|15:31] C:\Program Files\SmartSound Software
    [03/04/2008|21:08] C:\Program Files\Spybot - Search & Destroy
    [20/02/2008|15:32] C:\Program Files\Stardock
    [06/04/2008|11:14] C:\Program Files\Steam
    [20/02/2008|15:32] C:\Program Files\STK016_V2.02
    [20/02/2008|15:32] C:\Program Files\StuffPlug3
    [20/02/2008|15:32] C:\Program Files\STV
    [20/02/2008|15:32] C:\Program Files\Symantec
    [20/02/2008|15:32] C:\Program Files\SystemRequirementsLab
    [20/02/2008|15:32] C:\Program Files\Talkway
    [20/02/2008|15:32] C:\Program Files\TechCity Solutions
    [20/02/2008|15:32] C:\Program Files\The GodFather
    [20/02/2008|15:32] C:\Program Files\Ulead Systems
    [20/02/2008|15:32] C:\Program Files\UltraDefrag
    [20/02/2008|15:32] C:\Program Files\Unalis
    [02/11/2006|15:00] C:\Program Files\Uninstall Information
    [24/02/2008|22:47] C:\Program Files\uTorrent
    [20/02/2008|15:32] C:\Program Files\VideoLAN
    [27/08/2007|18:12] C:\Program Files\WinAce
    [20/02/2008|15:32] C:\Program Files\Winamp
    [02/11/2006|14:41] C:\Program Files\Windows Calendar
    [02/11/2006|14:41] C:\Program Files\Windows Collaboration
    [02/11/2006|14:41] C:\Program Files\Windows Defender
    [02/11/2006|14:41] C:\Program Files\Windows Journal
    [20/02/2008|15:33] C:\Program Files\Windows Live
    [20/02/2008|15:33] C:\Program Files\Windows Live Favorites
    [20/02/2008|15:33] C:\Program Files\Windows Live Safety Center
    [20/02/2008|15:33] C:\Program Files\Windows Live Toolbar
    [02/11/2006|14:41] C:\Program Files\Windows Mail
    [20/02/2008|15:33] C:\Program Files\Windows Media Components
    [20/03/2008|23:50] C:\Program Files\Windows Media Player
    [24/02/2008|21:25] C:\Program Files\Windows NT
    [02/11/2006|14:41] C:\Program Files\Windows Photo Gallery
    [21/02/2008|00:04] C:\Program Files\Windows Sidebar
    [24/02/2008|21:37] C:\Program Files\WindowsUpdate
    [20/02/2008|15:33] C:\Program Files\WinOSX
    [18/03/2008|20:37] C:\Program Files\WoW-2.3.0.7561-frFR
    [28/03/2008|19:10] C:\Program Files\WowCartographe
    [20/02/2008|15:33] C:\Program Files\xerox
    [20/02/2008|15:33] C:\Program Files\Xfire
    [20/02/2008|15:33] C:\Program Files\Xi
    [02/04/2008|17:33] C:\Program Files\Zone Labs

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------


    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-06 21:01:40
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    folder error: C:\DOCUME~1\MAMAN~1.ALA\LOCALS~1\APPLIC~1

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:90][Doss:3] C:\DOCUME~1\MAMAN~1.ALA\LOCALS~1\Temp
    /!\ [Fich:16][Doss:0] C:\DOCUME~1\MAMAN~1.ALA\Cookies
    /!\ [Fich:153][Doss:5] C:\DOCUME~1\MAMAN~1.ALA\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 21:03:29,81 ]----------------------
    6 Avril 2008 21:08:16

    Mon pc se porte mieux ! merci !
    je n'ai plus vu aucune forme de fenêtres CID et mon adsl est moins lent

    Merci bien en tout cas , dois-je mettre "résolu" ?
    6 Avril 2008 21:17:33

    C’est OK, tu n’es plus infecté(e) :p 

    1) Télécharge ToolsCleaner sur ton bureau.
    http://www.commentcamarche.net/telecharger/toolscleaner...

    Ce programme va te faire désinstaller tous les outils que je t’ai faits utiliser.

  • Clique sur Recherche et laisse le scan agir ...
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

    2) Télécharge et installe Ccleaner :
    http://www.01net.com/telecharger/windows/Utilitaire/net...
  • Avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires". Ensuite, clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Clique sur l'onglet "Nettoyeur" puis sur "Lancer le Nettoyage".
  • Ensuite clique sur l'onglet Registre, clique sur "Chercher des erreurs" puis sur "Réparer les erreurs sélectionnées". Il est inutile de faire des sauvegardes des clés. Répète l'opération autant de fois qu'il le faut jusqu'à qu'il ne trouve plus d'erreurs.
  • Tutorial ici : http://www.infos-du-net.com/forum/272336-7-ccleaner-und...
    3)
  • Désactive ta restauration systeme

  • Réactive ta restauration systeme

  • Tutorial ici : http://www.infos-du-net.com/forum/272480-11-desactiver-...
    ********************************************************************************

    Ajoute maintenant [Résolu] au titre. Pour cela :
    * Clique, dans ton premier message, sur le bouton "Editer"
    * Rajoute la mention [Résolu] au titre
    * Clique ensuite sur "Valider votre message"

    Ce serait sympa de rapporter ton infection sur > Malware-Complaints < pour faire condamner ses auteurs

    - Règles du forum <- ici
    - Poster un message <- ici ( par Malekal )

    Pour t'enregistrer clique sur le bouton register ( en haut )
    Si tu as plus de 13 ans choisis " I Agree to these terms and am over or exactly 13 years of age "
    Si tu as moins de 13 ans choisis " I Agree to these terms and am under 13 years of age "

    Tu auras une liste par type d'infection
    Si ton infection n'est pas dans la liste crée un message dans Autres infections

    a+ et bon surf :hello: 


    Quelques liens intéressants :

    http://mickael.barroux.free.fr/securite/
    http://www.malekal.com/
    http://www.infos-du-net.com/forum/275481-11-dossier-pre...
    8 Avril 2008 18:10:52

    merci beaucoup !

    tu m'as trop aidé
    20 Avril 2008 17:46:25

    hey, mon pc est redevenu lent ,tu crois que je suis encore infecté ?

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:41:35, on 20/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS1\System32\smss.exe
    C:\WINDOWS1\system32\winlogon.exe
    C:\WINDOWS1\system32\services.exe
    C:\WINDOWS1\system32\lsass.exe
    C:\WINDOWS1\system32\svchost.exe
    C:\WINDOWS1\System32\svchost.exe
    C:\WINDOWS1\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS1\Explorer.EXE
    C:\WINDOWS1\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS1\system32\svchost.exe
    C:\WINDOWS1\SOUNDMAN.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS1\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS1\System32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\PROGRA~1\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Maman.ALAN\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS1\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS1\system32\HPZipm12.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS1\system32\ZoneLabs\vsmon.exe

    --
    End of file - 5982 bytes
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS