no save
Identification
Assistance
Achat
News

Forum | virus/sécurité
IEXPLORE.EXE
oakley, le lun. 05 sept. 2005 à 01:22:03
j'ai effectué tes étapes en totalité.
Et ce n'est que du bonheur quand je redemarre le pc et que le processus Iexplore.exe n'etait pas activé.
Je vous poste le dernier log au cas ou .

Je vous remerci du fond du coeur de m'avoir aidé, dirigé, et réglé mon souci.
Je vous tiens au courant de l'eradication complette dans les prochains jours.

merci a toi Jean et Moe31, vous etes vraiment des coeurs...que du bonheur...merci


Logfile of HijackThis v1.99.1
Scan saved at 01:11:40, on 05/09/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Logitiels\antivirus\aswclnr-avest antivirus\aswUpdSv.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Logitiels\antivirus\aswclnr-avest antivirus\ashServ.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\LOGITI~1\DSSIN~1\-3DSTU~1\Brazil\Licensing\sfmgr\sfmgr.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\System32\devldr32.exe
C:\Logitiels\Internet\dumeter3\DU Meter\DUMeter.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\LOGITI~1\ANTIVI~1\ASWCLN~1\ashDisp.exe
C:\Logitiels\antivirus\zone alarm\ZoneAlarm\zlclient.exe
C:\Logitiels\Internet\Microsoft Antispyware\antispyware\gcasServ.exe
D:\moto gp 3\antiblaxx\Anti-Blaxx\Anti-Blaxx.exe
C:\Logitiels\Internet\Microsoft Antispyware\antispyware\gcasDtServ.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Logitiels\antivirus\aswclnr-avest antivirus\ashMaiSv.exe
C:\Logitiels\antivirus\aswclnr-avest antivirus\ashWebSv.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Logitiels\antivirus\Spybot13\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cukecvxtvxkpggm.org/d5Bqu/7XUIAN0UWC5_lQHh0CfS2_DVSnVCspxg8eGsyF4LC6QBOBdcDhQm32tfmn.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.altbinnewsgroup.com/index.php?country=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cukecvxtvxkpggm.org/d5Bqu/7XUIAN0UWC5_lQHh0CfS2_DVSnVCspxg8eGsyF4LC6QBOBdcDhQm32tfmn.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.altbinnewsgroup.com/index.php?country=fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\logitiels\déssin\adobe acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\LOGITI~1\ANTIVI~1\Spybot13\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\LOGITI~1\Internet\Flashget\FlashGet\jccatch.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive2k\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [DU Meter] C:\Logitiels\Internet\dumeter3\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\LOGITI~1\ANTIVI~1\ASWCLN~1\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\System32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Logitiels\antivirus\zone alarm\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UWFX5V_0001_0802NetInstaller.exe"/BEFOREINSTALL
O4 - HKLM\..\Run: [gcasServ] "C:\Logitiels\Internet\Microsoft Antispyware\antispyware\gcasServ.exe"
O4 - HKLM\..\Run: [Anti-Blaxx Manager] D:\moto gp 3\antiblaxx\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Logitiels\antivirus\Spybot13\Spybot - Search & Destroy\TeaTimer.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Logitiels\Internet\Flashget\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Logitiels\Internet\Flashget\FlashGet\jc_link.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\LOGITI~1\Internet\Flashget\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\LOGITI~1\Internet\Flashget\FlashGet\flashget.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\LOGITI~1\Internet\YAHOOM~1\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\LOGITI~1\Internet\YAHOOM~1\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\WINDOWS\System32\shdocvw.dll (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: ChatSpace Full Java Client 3.1.0.229 - http://surechat.com:9000/Java/cfs31229.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Logitiels\antivirus\aswclnr-avest antivirus\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Logitiels\antivirus\aswclnr-avest antivirus\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Logitiels\antivirus\aswclnr-avest antivirus\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Logitiels\antivirus\aswclnr-avest antivirus\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: CaReTaKeR-CT NetMgr 1.2.1 (sfmgr) - Unknown owner - C:\LOGITI~1\DSSIN~1\-3DSTU~1\Brazil\Licensing\sfmgr\sfmgr.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Précédentmoe31
sept. 05
moe31
sept. 05
Suivant
REPONSES
stael
sept. 05
oakley
sept. 05
jean38
sept. 05
oakley
sept. 05
jean38
sept. 05
oakley
sept. 05
jean38
sept. 05
moe31
sept. 05
oakley
sept. 05
moe31
sept. 05
Version Web
Mentions légales (c)2009
Réalisé par RedShift
no save