infection ( peu etre ) coup de pouce !

[psychocat]

bon ouai

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:22:23, on 24/07/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:Program Files (x86)Lexmark 2500 Serieslxddmon.exe
C:Program Files (x86)Lexmark 2500 Serieslxddamon.exe
C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe
C:Program Files (x86)Common FilesAheadLibNMBgMonitor.exe
C:Program Files (x86)Windows LiveMessengermsnmsgr.exe
C:Program Files (x86)ToshibaBluetooth Toshiba StackTosBtMng.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:Program Files (x86)Javajre1.6.0_07injusched.exe
C:Program Files (x86)CyberLinkPowerDVDPDVDServ.exe
C:Program Files (x86)ScanSoftOmniPageSE4OpWareSE4.exe
C:Program FilesLogitechSetPointx86SetPoint32.exe
C:Program Files (x86)ToshibaBluetooth Toshiba StackTosA2dp.exe
C:Program Files (x86)ToshibaBluetooth Toshiba StackTosBtHid.exe
C:Program Files (x86)ToshibaBluetooth Toshiba StackTosBtHsp.exe
C:Program Files (x86)ToshibaBluetooth Toshiba StackTosAVRC.exe
C:Program Files (x86)Common FilesAheadLibNMIndexStoreSvr.exe
C:WindowsSysWOW64conime.exe
C:Program Files (x86)Internet Explorerieuser.exe
C:UsersMechain CedricDownloadsHiJackThis.exe
C:WindowsSysWOW64DllHost.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.orange.fr/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:Program Files (x86)BitComet oolsBitCometBHO_1.2.2.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre1.6.0_07inssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program Files (x86)AdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program Files (x86)Javajre1.6.0_07injusched.exe"
O4 - HKLM..Run: [NBKeyScan] "C:Program Files (x86)NeroNero 7Nero BackItUpNBKeyScan.exe"
O4 - HKLM..Run: [RemoteControl] "C:Program Files (x86)CyberLinkPowerDVDPDVDServ.exe"
O4 - HKLM..Run: [LanguageShortcut] "C:Program Files (x86)CyberLinkPowerDVDLanguageLanguage.exe"
O4 - HKLM..Run: [FaxCenterServer] "C:Program Files (x86)Lexmark Fax Solutionsfm3032.exe" /s
O4 - HKLM..Run: [OPSE reminder] "C:Program Files (x86)ScanSoftOmniPageSE2.0EregFreEreg.exe" -r "C:Program Files (x86)ScanSoftOmniPageSE2.0EregFreereg.ini"
O4 - HKLM..Run: [SSBkgdUpdate] "C:Program Files (x86)Common FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe" -Embedding -boot
O4 - HKLM..Run: [OpwareSE4] "C:Program Files (x86)ScanSoftOmniPageSE4OpwareSE4.exe"
O4 - HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 - HKCU..Run: [LightScribe Control Panel] C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe -hidden
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program Files (x86)Common FilesAheadLibNMBgMonitor.exe"
O4 - HKCU..Run: [MsnMsgr] "C:Program Files (x86)Windows LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:Program Files (x86)BitCometBitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:Program Files (x86)BitCometBitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:Program Files (x86)BitCometBitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:Program Files (x86)BitComet oolsBitCometBHO_1.2.2.28.dll/206 (file missing)
O13 - Gopher Prefix:
O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:Windowssystem32DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:Program FilesCommon FilesLogitechBluetoothLBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program Files (x86)Common FilesLightScribeLSSrvc.exe
O23 - Service: lxddCATSCustConnectService - Lexmark International, Inc. - C:Windowssystem32spoolDRIVERSx643\lxddserv.exe
O23 - Service: lxdd_device - - C:Windowssystem32lxddcoms.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:Program Files (x86)NeroNero 7Nero BackItUpNBService.exe
O23 - Service: @%SystemRoot%System32
etlogon.dll,-102 (Netlogon) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:Program Files (x86)Common FilesAheadLibNMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:Windowssystem32
vvsvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:WindowsSysWOW64IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe
O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:Program Files (x86)CyberLinkShared FilesRichVideo.exe
O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)
O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) - Unknown owner - C:Windowssystem32SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WindowsSystem32snmptrap.exe (file missing)
O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:Program Files (x86)ToshibaBluetooth Toshiba StackTosBtSrv.exe
O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)
O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)
O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)

--
End of file - 8995 bytes

voila merci de me dire quoi , moi je vois rien de bizarre mais bon je suis une quiche !

[Skynet]

Salut psychocat ,

Les lignes inconnues à vérifier (Windows 64bits) :

C:WindowsSysWOW64conime.exe

C:WindowsSysWOW64DllHost.exe

Les lignes à effacer navigateur fermé :

F2 - REG:system.ini: UserInit=userinit.exe

O13 - Gopher Prefix:

Les fichiers absents à effacer :

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:Program Files (x86)BitComet oolsBitCometBHO_1.2.2.28.dll/206 (file missing)

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:Windowssystem32DFSR.exe (file missing)

[psychocat]

merci toi

bon apres un fixe checked

a part :

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:Program Files (x86)BitComet oolsBitCometBHO_1.2.2.28.dll/206 (file missing)

ils reviennent tous a chaque nouveau scan !

[Skynet]

En mode sans échec ?