
online security guide

21 November 2007 13:24:13

Hello. I have been infected by online security guide. What should I do, please? :(


21 November 2007 13:35:42

Hello again, sorry for the second message, but I scanned my computer
with HijackThis v.2.0.2

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:10, on 21/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\regsvr32.exe
C:\Program Files\SecCenter\scprot4.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Documents and Settings\Jim Zoladek_2\Mes documents\telecharges\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [HPWPTOOLBOX] C:\Program Files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe "-i"
O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [xgxqnezi] rundll32.exe "C:\Program Files\xgxqnezi\dapstqhy.dll",Init
O4 - HKLM\..\Run: [udabelgt] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\udabelgt.dll"
O4 - HKLM\..\Run: [SC2] C:\Program Files\SecCenter\scprot4.exe
O4 - HKLM\..\Run: [18431a3c] rundll32.exe "C:\WINDOWS\system32\mjfmklwv.dll",b
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProduct...
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 11497 bytes

Please help me. Thank you.

25 November 2007 12:33:07

I really need a helper, like angel for example. Please. :cry: I don't know anything about computers :ouch:.
25 November 2007 12:53:19

Hi,

Vundo infection:

Do these steps in order:

1/ Download VundoFix.exe (by Atribune):

Double-click VundoFix.exe.
Click Scan for Vundo.
When the scan is complete, click the Remove Vundo button.
Then click YES.
After you click "Yes", the Desktop will disappear for a moment while the files are removed.
You will get a message saying the computer is going to shut down; click OK.

Post the report found at C:\vundofix.txt

2/ Download Combofix (by sUBs) to your Desktop.

Disable all resident protection! (Antivirus, antispyware...)
Double-click combofix.exe.
Press the 1 key (Yes) to start the scan.
When the scan is complete, a report will appear. Post that report in your next reply.

The report is located here: C:\Combofix.txt

3/ Post a new HiJackThis report (after renaming HiJackthis.exe to SCANNER.EXE)

25 November 2007 19:15:29

You're not a helper, I think, are you? :heink: I'll try in a moment.

25 November 2007 20:02:34

Here it is:
1)

VundoFix V6.6.2

Checking Java version...

Sun Java not detected
Scan started at 19:18:22 25/11/2007

Listing files found while scanning....

C:\windows\system32\gjkmp.ini
C:\windows\system32\gjkmp.ini2
C:\windows\system32\pmkjg.dll
C:\windows\system32\yxxtpoek.dllbox

Beginning removal...

Attempting to delete C:\windows\system32\gjkmp.ini
C:\windows\system32\gjkmp.ini Has been deleted!

Attempting to delete C:\windows\system32\gjkmp.ini2
C:\windows\system32\gjkmp.ini2 Has been deleted!

Attempting to delete C:\windows\system32\pmkjg.dll
C:\windows\system32\pmkjg.dll Has been deleted!

Attempting to delete C:\windows\system32\yxxtpoek.dllbox
C:\windows\system32\yxxtpoek.dllbox Has been deleted!

Performing Repairs to the registry.
Done!

2)

ComboFix 07-11-19.3 - Jim Zoladek_2 2007-11-25 19:39:45.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.449 [GMT 1:00]
Running from: C:\Documents and Settings\Jim Zoladek_2\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data.\udabelgt.dll
C:\Documents and Settings\All Users\Menu Démarrer\Live Safety Center.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.lnk
C:\Documents and Settings\Jim Zoladek_2\Bureau\Live Safety Center.lnk
C:\Documents and Settings\Jim Zoladek_2\Bureau\Online Security Guide.lnk
C:\Program Files\SecCenter
C:\Program Files\SecCenter\scprot4.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\fibagbia
C:\WINDOWS\system32\fibagbia\bg1.gif
C:\WINDOWS\system32\fibagbia\bgtop.gif
C:\WINDOWS\system32\fibagbia\bottom1.gif
C:\WINDOWS\system32\fibagbia\essentials.gif
C:\WINDOWS\system32\fibagbia\fibagbia1.exe
C:\WINDOWS\system32\fibagbia\fibagbia2.exe
C:\WINDOWS\system32\fibagbia\fibagbia3.exe
C:\WINDOWS\system32\fibagbia\icon1.ico
C:\WINDOWS\system32\fibagbia\install1.gif
C:\WINDOWS\system32\fibagbia\left1.gif
C:\WINDOWS\system32\fibagbia\li.gif
C:\WINDOWS\system32\fibagbia\logo.gif
C:\WINDOWS\system32\fibagbia\main.htm
C:\WINDOWS\system32\fibagbia\mainframe.htm
C:\WINDOWS\system32\fibagbia\reinstall1.gif
C:\WINDOWS\system32\fibagbia\right1.gif
C:\WINDOWS\system32\fibagbia\s1.htm
C:\WINDOWS\system32\fibagbia\s2.htm
C:\WINDOWS\system32\fibagbia\s3.htm
C:\WINDOWS\system32\fibagbia\SMTop1.gif
C:\WINDOWS\system32\fibagbia\SMTop2.gif
C:\WINDOWS\system32\fibagbia\SMTop3.gif
C:\WINDOWS\system32\fibagbia\SMTop4.gif
C:\WINDOWS\system32\fibagbia\soft1_off.gif
C:\WINDOWS\system32\fibagbia\soft1_off_ext.gif
C:\WINDOWS\system32\fibagbia\soft1_on.gif
C:\WINDOWS\system32\fibagbia\soft1_on_ext.gif
C:\WINDOWS\system32\fibagbia\soft2_off.gif
C:\WINDOWS\system32\fibagbia\soft2_off_ext.gif
C:\WINDOWS\system32\fibagbia\soft2_on.gif
C:\WINDOWS\system32\fibagbia\soft2_on_ext.gif
C:\WINDOWS\system32\fibagbia\soft3_off.gif
C:\WINDOWS\system32\fibagbia\soft3_off_ext.gif
C:\WINDOWS\system32\fibagbia\soft3_on.gif
C:\WINDOWS\system32\fibagbia\soft3_on_ext.gif
C:\WINDOWS\system32\fibagbia\softbottom_off.gif
C:\WINDOWS\system32\fibagbia\softbottom_on.gif
C:\WINDOWS\system32\fibagbia\softleft_off.gif
C:\WINDOWS\system32\fibagbia\softleft_on.gif
C:\WINDOWS\system32\fibagbia\top1.gif
C:\WINDOWS\system32\fibagbia\top2.gif
C:\WINDOWS\system32\fibagbia\turnoff1.gif
C:\WINDOWS\system32\fibagbia\turnon1.gif
C:\WINDOWS\system32\winrzf32.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-25 to 2007-11-25 ))))))))))))))))))))))))))))))))))))
.

2007-11-25 19:35 143 --a------ C:\WINDOWS\system32\mcrh.tmp
2007-11-25 19:18 <REP> d-------- C:\VundoFix Backups
2007-11-25 12:42 81,490 --a------ C:\WINDOWS\system32\lkfwbhyd.dll
2007-11-25 12:36 79,936 --a------ C:\WINDOWS\system32\tlpydyfu.dll
2007-11-23 19:42 <REP> d-------- C:\Program Files\iPod
2007-11-23 18:05 83,520 --a------ C:\WINDOWS\system32\mbewucki.dll
2007-11-23 18:03 <REP> d-------- C:\Program Files\Panda Security
2007-11-23 18:02 81,625 --a------ C:\WINDOWS\system32\mmpuwsbk.dll
2007-11-22 18:03 79,936 --a------ C:\WINDOWS\system32\cfsriykw.dll
2007-11-22 17:57 81,625 --a------ C:\WINDOWS\system32\usvivrbl.dll
2007-11-20 20:26 <REP> d-------- C:\Program Files\Mozilla Thunderbird
2007-11-20 20:26 <REP> d-------- C:\Documents and Settings\Jim Zoladek_2\Application Data\Thunderbird
2007-11-20 19:45 2,589 --a------ C:\WINDOWS\mozver.dat
2007-11-20 18:31 <REP> d-------- C:\Documents and Settings\Jim Zoladek_2\Application Data\Comodo
2007-11-20 18:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
2007-11-20 18:24 <REP> d-------- C:\Program Files\Comodo
2007-11-20 18:13 <REP> d-------- C:\Program Files\Lavasoft
2007-11-20 18:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-20 18:12 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-11-20 18:04 1,169,159 ---hs---- C:\WINDOWS\system32\vwlkmfjm.ini
2007-11-20 18:04 84,545 --a------ C:\WINDOWS\system32\mjfmklwv.dll
2007-11-20 18:01 84,544 --a------ C:\WINDOWS\system32\skqnxbbc.dll
2007-11-18 19:59 78,705 --a------ C:\WINDOWS\system32\gtwtsniw.dll
2007-11-18 19:50 4,156 --a------ C:\WINDOWS\system32\rcftbevs.dll
2007-11-16 18:09 <REP> d-------- C:\Program Files\xgxqnezi
2007-11-16 18:09 <REP> d-------- C:\Program Files\Juvqiskf
2007-11-16 18:09 38,912 --a------ C:\WINDOWS\system32\vtussqn.dll
2007-11-14 23:43 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2007-11-14 23:43 49,152 --a------ C:\WINDOWS\system32\QuickTime.qts
2007-11-13 21:12 <REP> d-------- C:\Documents and Settings\Jim Zoladek_2\Application Data\ALLCapture
2007-11-12 18:30 <REP> d-------- C:\Documents and Settings\Jim Zoladek_2\Application Data\Skype
2007-11-12 18:29 <REP> d-------- C:\Program Files\Skype
2007-11-12 18:29 <REP> d-------- C:\Program Files\Fichiers communs\Skype
2007-11-12 18:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2007-11-07 12:06 127,034 -r------- C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2007-11-03 18:38 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-02 20:54 <REP> d-------- C:\Program Files\HHD Software
2007-11-02 19:23 <REP> d-------- C:\Program Files\CycoreFX HD 1.5
2007-11-02 19:23 90,112 --a------ C:\WINDOWS\unvise32.exe
2007-11-02 15:37 8,704 --a--c--- C:\WINDOWS\system32\dllcache\kbdjpn.dll
2007-11-02 15:37 8,192 --a--c--- C:\WINDOWS\system32\dllcache\kbdkor.dll
2007-11-02 15:37 6,144 --a--c--- C:\WINDOWS\system32\dllcache\kbd106.dll
2007-11-02 15:37 6,144 --a--c--- C:\WINDOWS\system32\dllcache\kbd101c.dll
2007-11-02 15:37 6,144 --a--c--- C:\WINDOWS\system32\dllcache\kbd101b.dll
2007-11-02 15:37 5,632 --a--c--- C:\WINDOWS\system32\dllcache\kbd103.dll
2007-11-02 15:03 980 --a------ C:\WINDOWS\eReg.dat
2007-11-02 14:00 <REP> dr-h----- C:\Documents and Settings\Jim Zoladek_2\Application Data\SecuROM
2007-11-02 14:00 108,144 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-11-02 13:19 <REP> d-------- C:\Program Files\CAPCOM
2007-10-30 20:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-10-30 20:02 <REP> d-------- C:\Program Files\Bonjour
2007-10-30 19:55 625,032 --a------ C:\WINDOWS\system32\SymNeti.dll
2007-10-30 19:55 242,056 --a------ C:\WINDOWS\system32\SymRedir.dll
2007-10-30 19:53 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2007-10-30 17:07 <REP> d-------- C:\Documents and Settings\Jim Zoladek_2\Application Data\Download Manager
2007-10-30 11:37 <REP> d-------- C:\Documents and Settings\Jim Zoladek_2\Application Data\Media Player Classic
2007-10-30 09:41 22,112 -ra------ C:\WINDOWS\system32\drivers\COH_Mon.sys
2007-10-30 09:41 10,592 -ra------ C:\WINDOWS\system32\drivers\COH_Mon.cat
2007-10-30 09:41 705 -ra------ C:\WINDOWS\system32\drivers\COH_Mon.inf
2007-10-29 17:35 <REP> d-------- C:\Program Files\Norton Internet Security
2007-10-29 17:34 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2007-10-27 18:00 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-10-27 18:00 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2007-10-27 17:38 <REP> d--h----- C:\WINDOWS\PIF
2007-10-27 15:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
2007-10-27 15:39 <REP> d-------- C:\Program Files\Pinnacle
2007-10-27 15:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle
2007-10-27 15:35 14,165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys
2007-10-26 19:49 <REP> d-------- C:\Documents and Settings\Jim Zoladek_2\Contacts
2007-10-26 19:42 7,104 -ra------ C:\WINDOWS\system32\drivers\lv302af.sys
2007-10-26 19:41 2,180,096 -ra------ C:\WINDOWS\system32\drivers\LVSVF2.sys
2007-10-26 19:41 912,768 -ra------ C:\WINDOWS\system32\drivers\LV302AV.SYS
2007-10-26 19:41 372,736 -ra------ C:\WINDOWS\system32\LVUI2RC.dll
2007-10-26 19:41 204,800 -ra------ C:\WINDOWS\system32\LVUI2.dll
2007-10-26 19:41 22,016 -ra------ C:\WINDOWS\system32\drivers\LVUSBSta.sys
2007-10-26 19:38 <REP> d-------- C:\Program Files\Fichiers communs\FotoWire
2007-10-26 19:38 <REP> d-------- C:\Documents and Settings\Jim Zoladek_2\Application Data\FotoWire
2007-10-26 19:32 53,248 -ra------ C:\WINDOWS\system32\InstMed.exe
2007-10-26 19:31 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
2007-10-26 19:30 <REP> d-------- C:\Program Files\Logitech
2007-10-26 19:30 466,944 --a------ C:\WINDOWS\system32\QCUI2.dll
2007-10-26 19:30 282,624 --a------ C:\WINDOWS\system32\camcpl.cpl
2007-10-26 19:30 259,072 --a------ C:\WINDOWS\system32\LTDIS12n.dll
2007-10-26 19:30 90,112 --a------ C:\WINDOWS\system32\LQCUI2.dll
2007-10-26 19:30 86,016 --a------ C:\WINDOWS\system32\vatee.ax
2007-10-26 19:30 81,920 -r------- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-25 18:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-11-25 16:56 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-11-25 11:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-11-23 18:42 --------- d-----w C:\Program Files\iTunes
2007-11-23 18:38 --------- d-----w C:\Program Files\QuickTime
2007-11-21 12:57 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-17 14:05 224 ----a-w C:\Documents and Settings\Jim Zoladek_2\Application Data\wklnhst.dat
2007-11-05 18:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-02 14:06 --------- d-----w C:\Program Files\EA GAMES
2007-10-30 19:02 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-10-30 18:55 39,856 ----a-w C:\WINDOWS\system32\drivers\symids.sys
2007-10-30 18:55 37,936 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
2007-10-30 18:55 35,120 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
2007-10-30 18:55 27,696 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
2007-10-30 18:55 191,536 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
2007-10-30 18:55 145,968 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
2007-10-30 18:55 12,848 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
2007-10-30 18:24 12,963 ----a-w C:\WINDOWS\system32\drivers\SymRedir.cat
2007-10-30 18:24 1,358 ----a-w C:\WINDOWS\system32\drivers\SymRedir.inf
2007-10-29 16:42 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-10-29 16:42 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-10-29 16:42 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-10-29 16:42 --------- d-----w C:\Program Files\Symantec
2007-10-27 17:03 --------- d-----w C:\Documents and Settings\Jim Zoladek_2\Application Data\EPSON
2007-10-26 18:32 --------- d-----w C:\Program Files\Fichiers communs\logishrd
2007-10-24 17:39 --------- d-----w C:\Program Files\Google
2007-10-23 16:52 --------- d-----w C:\Program Files\microsoft money 2005
2007-10-18 17:18 92,368 ----a-w C:\Documents and Settings\Jim Zoladek_2\Application Data\GDIPFONTCACHEV1.DAT
2007-10-14 12:55 --------- d-----w C:\Program Files\MSXML 4.0
2007-10-14 12:04 --------- d-----w C:\Program Files\Club-Internet
2007-10-14 11:02 --------- d-----w C:\Program Files\Electronic Arts
2007-10-14 10:48 --------- d-----w C:\Documents and Settings\Jim Zoladek_2\Application Data\Apple Computer
2007-10-14 10:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-10-14 10:47 --------- d-----w C:\Program Files\Apple Software Update
2007-10-14 10:46 --------- d-----w C:\Program Files\Fichiers communs\Apple
2007-10-14 10:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2007-10-14 10:15 --------- d-----w C:\Program Files\PDFCreator
2007-10-13 19:35 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-10-13 19:34 --------- d-----w C:\Program Files\epson
2007-10-13 19:33 --------- d-----w C:\Program Files\NewSoft
2007-10-13 19:33 --------- d-----w C:\Program Files\ABBYY FineReader 6.0 Sprint
2007-10-13 19:28 --------- d-----w C:\Program Files\Hewlett-Packard
2007-10-13 19:24 --------- d-----w C:\Program Files\Microsoft AutoRoute
2007-10-13 19:22 --------- d-----w C:\Program Files\Picture It! Premium 10
2007-10-13 19:22 --------- d-----w C:\Program Files\Encarta
2007-10-13 19:13 --------- d-----w C:\Program Files\Microsoft Works
2007-10-13 19:07 --------- d-----w C:\Program Files\Microsoft Works Suite 2005
2007-10-13 18:31 --------- d-----w C:\Documents and Settings\Jim Zoladek_2\Application Data\ATI
2007-10-13 18:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\MotiveSysIDs
2007-10-13 18:10 --------- d-----w C:\Program Files\Motive
2007-10-13 18:10 --------- d-----w C:\Program Files\Fichiers communs\Motive
2007-10-13 18:10 --------- d-----w C:\Program Files\Common Files
2007-10-13 18:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Motive
2007-10-13 18:05 --------- d-----w C:\Program Files\BroadJump
2007-10-13 17:24 95,168 ----a-w C:\WINDOWS\system32\drivers\CTERFXFX.sys
2007-10-13 17:24 93,632 ----a-w C:\WINDOWS\system32\drivers\COMMONFX.sys
2007-10-13 17:24 9,216 ----a-w C:\WINDOWS\system32\drivers\pfmodnt.sys
2007-10-13 17:24 9,216 ----a-w C:\WINDOWS\system32\ctpres.dll
2007-10-13 17:24 86,528 ----a-w C:\WINDOWS\system32\drivers\emupia2k.sys
2007-10-13 17:24 86,016 ----a-w C:\WINDOWS\system32\ctcoinst.dll
2007-10-13 17:24 791,040 ----a-w C:\WINDOWS\system32\drivers\ha10kx2k.sys
2007-10-13 17:24 7,680 ----a-w C:\WINDOWS\system32\drivers\ctprxy2k.sys
2007-10-13 17:24 68,032 ----a-w C:\WINDOWS\system32\drivers\CTHWIUT.sys
2007-10-13 17:24 560,576 ----a-w C:\WINDOWS\system32\drivers\CTSBLFX.sys
2007-10-13 17:24 549,312 ----a-w C:\WINDOWS\system32\drivers\CTAUDFX.sys
2007-10-13 17:24 521,344 ----a-w C:\WINDOWS\system32\drivers\ctaud2k.sys
2007-10-13 17:24 504,320 ----a-w C:\WINDOWS\system32\drivers\ctac32k.sys
2007-10-13 17:24 340,176 ----a-w C:\WINDOWS\system32\drivers\ctdvda2k.sys
2007-10-13 17:24 323,520 ----a-w C:\WINDOWS\system32\drivers\CTEDSPSY.sys
2007-10-13 17:24 3,072 ----a-w C:\WINDOWS\CTXFIRES.DLL
2007-10-13 17:24 280,512 ----a-w C:\WINDOWS\system32\drivers\CTEDSPFX.sys
2007-10-13 17:24 192,448 ----a-w C:\WINDOWS\system32\drivers\CT20XUT.sys
2007-10-13 17:24 182,784 ----a-w C:\WINDOWS\system32\drivers\haP17v2k.sys
2007-10-13 17:24 171,520 ----a-w C:\WINDOWS\system32\ctdvinst.dll
2007-10-13 17:24 167,360 ----a-w C:\WINDOWS\system32\drivers\CTEAPSFX.sys
2007-10-13 17:24 156,160 ----a-w C:\WINDOWS\system32\drivers\haP16v2k.sys
2007-10-13 17:24 150,528 ----a-w C:\WINDOWS\system32\drivers\ctsfm2k.sys
2007-10-13 17:24 128,960 ----a-w C:\WINDOWS\system32\drivers\CTEDSPIO.sys
2007-10-13 17:24 121,856 ----a-w C:\WINDOWS\system32\ctsfinst.dll
2007-10-13 17:24 119,808 ----a-w C:\WINDOWS\system32\drivers\ctoss2k.sys
2007-10-13 17:24 11,776 ----a-w C:\WINDOWS\system32\inres.dll
2007-10-13 17:24 11,776 ----a-w C:\WINDOWS\INRES.DLL
2007-10-13 17:24 10,240 ----a-w C:\WINDOWS\system32\ctdcres.dll
2007-10-13 17:24 10,240 ----a-w C:\WINDOWS\CTDCRES.DLL
2007-10-13 17:24 1,333,184 ----a-w C:\WINDOWS\system32\drivers\CTEXFIFX.sys
2007-10-13 17:24 1,166,848 ----a-w C:\WINDOWS\system32\drivers\ha20x2k.sys
2007-10-13 17:23 89,336 ----a-w C:\WINDOWS\system32\ctpxst32.exe
2007-10-13 17:23 782,336 ----a-w C:\WINDOWS\system32\OALInst.exe
2007-10-13 17:23 77,824 ----a-w C:\WINDOWS\system32\eaxac3.dll
2007-10-13 17:23 77,824 ----a-w C:\WINDOWS\system32\ctmmactl.dll
2007-10-13 17:23 69,120 ----a-w C:\WINDOWS\system32\ctosuser.dll
2007-10-13 17:23 64,512 ----a-w C:\WINDOWS\system32\piaproxy.dll
2007-10-13 17:23 6,144 ----a-w C:\WINDOWS\system32\sfman32.dll
2007-10-13 17:23 56,832 ----a-w C:\WINDOWS\system32\CTpcmcia.dll
2007-10-13 17:23 512,512 ----a-w C:\WINDOWS\system32\CTAPO32.dll
2007-10-13 17:23 5,120 ----a-w C:\WINDOWS\system32\enlocstr.exe
2007-10-13 17:23 49,664 ----a-w C:\WINDOWS\system32\ctdproxy.dll
2007-10-13 17:23 48,400 ----a-w C:\WINDOWS\system32\AddCat.exe
2007-10-13 17:23 46,592 ----a-w C:\WINDOWS\system32\ctasio.dll
2007-10-13 17:23 45,568 ----a-w C:\WINDOWS\system32\ctppld.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{200D0AAD-71B1-51C9-DDB0-092BA4662A54}]
2007-11-16 18:09 114688 --a------ C:\Program Files\Juvqiskf\ygvxmskn.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2C80EAD3-74CD-4700-83A4-AA878CD1C03C}]
2007-11-16 18:09 38912 --a------ C:\WINDOWS\system32\vtussqn.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8E2393FA-828F-4293-B154-CE23B52CA22C}]
C:\WINDOWS\system32\pmkjg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ceabe468-41e9-4c6e-9540-ccc2c64b1b5d}]
2007-11-25 12:36 79936 --a------ C:\WINDOWS\system32\tlpydyfu.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-24 13:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-13 19:39]
"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe" [2007-09-14 18:06]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" []
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-01-18 16:07]
"AdobeUpdater"="C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" [2007-02-28 23:06]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2004-08-10 03:04]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 13:43]
"ACU"="C:\Program Files\Atheros\ACU.exe" [2006-08-09 22:20]
"CTHelper"="CTHELPER.EXE" [2007-10-13 18:23 C:\WINDOWS\system32\CtHelper.exe]
"CTxfiHlp"="CTXFIHLP.EXE" [2007-10-13 18:23 C:\WINDOWS\system32\Ctxfihlp.exe]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 16:16]
"StandardInstall"="" []
"HPWPTOOLBOX"="C:\Program Files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe" [2004-10-21 02:31]
"EEventManager"="C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2005-04-08 13:09]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 10:52]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-01-18 16:47]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-18 16:37]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-02-19 18:25]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-02-19 18:24]
"Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 10:22]
"18431a3c"="C:\WINDOWS\system32\mjfmklwv.dll" [2007-11-20 18:04]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2007-11-21 13:04]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-11-14 23:43]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 13:11]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-24 13:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{2C80EAD3-74CD-4700-83A4-AA878CD1C03C}"= C:\WINDOWS\system32\vtussqn.dll [2007-11-16 18:09 38912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtussqn]
vtussqn.dll 2007-11-16 18:09 38912 C:\WINDOWS\system32\vtussqn.dll


*Newly Created Service* - COMHOST
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-10-14 10:47:21 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-05 19:47:46 C:\WINDOWS\Tasks\Norton Internet Security Online - Analyse système complète - Jim Zoladek_2.job"
.
**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-25 19:48:26
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-25 19:52:49 - machine was rebooted
.
--- E O F ---


3)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:25, on 25/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Atheros\ACU.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe
C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Jim Zoladek_2\Bureau\SCANNER.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: (no name) - {200D0AAD-71B1-51C9-DDB0-092BA4662A54} - C:\Program Files\Juvqiskf\ygvxmskn.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {2C80EAD3-74CD-4700-83A4-AA878CD1C03C} - C:\WINDOWS\system32\vtussqn.dll
O2 - BHO: (no name) - {8E2393FA-828F-4293-B154-CE23B52CA22C} - C:\WINDOWS\system32\pmkjg.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: {d5b1b46c-2ccc-0459-e6c4-9e14864ebaec} - {ceabe468-41e9-4c6e-9540-ccc2c64b1b5d} - C:\WINDOWS\system32\tlpydyfu.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [HPWPTOOLBOX] C:\Program Files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe "-i"
O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [18431a3c] rundll32.exe "C:\WINDOWS\system32\mjfmklwv.dll",b
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProduct...
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: vtussqn - C:\WINDOWS\SYSTEM32\vtussqn.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 12256 bytes


The icons are gone, both from the desktop and from the Start menu.