Trojan-Downloader.JS.gen
clandé
Messages postés
3
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour, je suis infecté par un trojan, et dans Kaspersky lors de l'analyse, dans l'onglet "infecté" il m'indique : "découvert : cheval de Troie Trojan-Downloader.JS.gen (modification) Script : http://www.summervids.com/index.html[4] " ainsi que : "BAD_STATUS(1) <inconnu> (modification)"
je ne sais pas ou se loge le virus n'y comment m'en débarasser! Si vous pouvez m'aider. merci
je ne sais pas ou se loge le virus n'y comment m'en débarasser! Si vous pouvez m'aider. merci
A voir également:
- Trojan-Downloader.JS.gen
- Trojan remover - Télécharger - Antivirus & Antimalwares
- Anti trojan - Télécharger - Antivirus & Antimalwares
- Trojan al11 ✓ - Forum Virus
- Virus trojan al11 ✓ - Forum Virus
- Trojan win32 - Forum Virus
3 réponses
Salut,
fait ça pour vérifier
Télécharge HijackThis:
hijackthis
Installe le dans son propre dossier:
-clic droit sur le bureau, choisis "nouveau dossier" puis installe le dedans.
Lance le, clic sur "do a system scan and save logfile"
Puis copie et colle le rapport ici stp
fait ça pour vérifier
Télécharge HijackThis:
hijackthis
Installe le dans son propre dossier:
-clic droit sur le bureau, choisis "nouveau dossier" puis installe le dedans.
Lance le, clic sur "do a system scan and save logfile"
Puis copie et colle le rapport ici stp
Désinstalle AVG antivirus tu as déjà Kaspersky c'est plus que suffisant.
Fait ça:
¤ Pour mettre à jour JAVA
-Clique sur démarrer, panneau de configuration, en haut à gauche, tu choisis "basculer vers l'affichage classique"
- Tu choisis l'icône "Java" double clique dessus, clique sur l'onglet "mise à jour" puis "mise à jour maintenant" et télécharge la dernière version qu'il te trouvera
Puis
telecharge ComboFix
http://download.bleepingcomputer.com/sUBs/combofix.exe
appuyes sur "Y" pour continuer
Attends quelques minutes..un rapport va s'ouvrir enregistre son contenu, puis copie et colle le sur ici stp
Fait ça:
¤ Pour mettre à jour JAVA
-Clique sur démarrer, panneau de configuration, en haut à gauche, tu choisis "basculer vers l'affichage classique"
- Tu choisis l'icône "Java" double clique dessus, clique sur l'onglet "mise à jour" puis "mise à jour maintenant" et télécharge la dernière version qu'il te trouvera
Puis
telecharge ComboFix
http://download.bleepingcomputer.com/sUBs/combofix.exe
appuyes sur "Y" pour continuer
Attends quelques minutes..un rapport va s'ouvrir enregistre son contenu, puis copie et colle le sur ici stp
voila ca me met : St‚phane - 06-12-04 0:47:55,03 Service Pack 2
ComboFix 06.11.27W - Running from: "C:\Documents and Settings\St‚phane\Bureau"
((((((((((((((((((((((((((((((( Files Created from 2006-11-04 to 2006-12-04 ))))))))))))))))))))))))))))))))))
2006-12-03 23:12 <REP> d-------- C:\Program Files\NewsLeecher
2006-12-03 14:35 5,120 --a------ C:\explorer1.exe
2006-12-01 18:52 <REP> d-------- C:\Documents and Settings\St‚phane\Application Data\CopyToDvd
2006-12-01 18:47 81,920 --a------ C:\Documents and Settings\St‚phane\Application Data\ezpinst.exe
2006-12-01 18:47 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2006-12-01 18:47 47,360 --a------ C:\Documents and Settings\St‚phane\Application Data\pcouffin.sys
2006-12-01 18:47 <REP> d-------- C:\Program Files\VSO
2006-12-01 18:47 <REP> d-------- C:\Documents and Settings\St‚phane\Application Data\Vso
2006-11-28 00:23 <REP> d-------- C:\Documents and Settings\St‚phane\Application Data\vlc
2006-11-27 22:53 <REP> d-------- C:\Program Files\VideoLAN
2006-11-26 05:05 <REP> d-------- C:\WINDOWS\system32\LogFiles
2006-11-24 20:00 <REP> d-------- C:\WINDOWS\Sun
2006-11-24 20:00 <REP> d-------- C:\Documents and Settings\St‚phane\Application Data\Sun
2006-11-23 23:08 <REP> d-------- C:\Program Files\WinRAR
2006-11-23 21:25 <REP> d-------- C:\Downloads
2006-11-23 20:37 <REP> d-------- C:\Program Files\GrabIt
2006-11-22 19:03 <REP> d-------- C:\Documents and Settings\St‚phane\Shared
2006-11-22 19:03 <REP> d-------- C:\Documents and Settings\St‚phane\Incomplete
2006-11-22 19:00 <REP> d-------- C:\Documents and Settings\St‚phane\.limewire
2006-11-22 00:05 <REP> d-------- C:\Documents and Settings\St‚phane\Application Data\AVG7
2006-11-22 00:02 <REP> d-------- C:\Program Files\Grisoft
2006-11-22 00:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2006-11-21 23:52 <REP> d-------- C:\Program Files\Shareaza
2006-11-21 23:26 <REP> d-------- C:\Documents and Settings\St‚phane\Application Data\UseNeXT
2006-11-21 23:00 <REP> d-------- C:\Documents and Settings\St‚phane\Application Data\Google
2006-11-21 20:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google
2006-11-10 19:03 <REP> d--hs---- C:\WINDOWS\ftpcache
2006-11-10 19:03 <REP> d-------- C:\Program Files\Free
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-04 00:44 -------- d---s---- C:\Documents and Settings\St‚phane\Application Data\Microsoft
2006-12-02 11:37 -------- d-------- C:\Program Files\eMule
2006-12-01 18:48 34 --a------ C:\Documents and Settings\St‚phane\Application Data\pcouffin.log
2006-12-01 18:47 7176 --a------ C:\Documents and Settings\St‚phane\Application Data\pcouffin.cat
2006-12-01 18:47 1144 --a------ C:\Documents and Settings\St‚phane\Application Data\pcouffin.inf
2006-12-01 00:01 -------- d-------- C:\Documents and Settings\St‚phane\Application Data\BearShare
2006-11-24 08:09 -------- d-------- C:\Program Files\BitComet
2006-11-23 23:36 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll
2006-11-23 19:14 -------- d-------- C:\Program Files\Services en ligne
2006-11-21 20:01 -------- d-------- C:\Program Files\Google
2006-11-21 18:30 61072 --a------ C:\WINDOWS\system32\drivers\klick.sys
2006-11-21 18:30 59536 --a------ C:\WINDOWS\system32\drivers\klin.sys
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_04\\bin\\jusched.exe"
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"PTHOSTTR"="C:\\Program Files\\HPQ\\HP ProtectTools Security Manager\\PTHOSTTR.EXE /Start"
"UpdateManager"="\"C:\\Program Files\\Fichiers communs\\Sonic\\Update Manager\\sgtray.exe\" /r"
"DLA"="C:\\WINDOWS\\System32\\DLA\\DLACTRLW.EXE"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"hpWirelessAssistant"="C:\\Program Files\\hpq\\HP Wireless Assistant\\HP Wireless Assistant.exe"
"eabconfg.cpl"="C:\\Program Files\\HPQ\\Quick Launch Buttons\\EabServr.exe /Start"
"CognizanceTS"="rundll32.exe C:\\PROGRA~1\\HPQ\\IAM\\Bin\\AsTsVcc.dll,RegisterModule"
"Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"
"WatchDog"="C:\\Program Files\\InterVideo\\DVD Check\\DVDCheck.exe"
"kis"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 6.0\\avp.exe\""
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Completion time: 06-12-04 0:48:44.70
C:\ComboFix.txt ... 06-12-04 00:48
ComboFix 06.11.27W - Running from: "C:\Documents and Settings\St‚phane\Bureau"
((((((((((((((((((((((((((((((( Files Created from 2006-11-04 to 2006-12-04 ))))))))))))))))))))))))))))))))))
2006-12-03 23:12 <REP> d-------- C:\Program Files\NewsLeecher
2006-12-03 14:35 5,120 --a------ C:\explorer1.exe
2006-12-01 18:52 <REP> d-------- C:\Documents and Settings\St‚phane\Application Data\CopyToDvd
2006-12-01 18:47 81,920 --a------ C:\Documents and Settings\St‚phane\Application Data\ezpinst.exe
2006-12-01 18:47 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2006-12-01 18:47 47,360 --a------ C:\Documents and Settings\St‚phane\Application Data\pcouffin.sys
2006-12-01 18:47 <REP> d-------- C:\Program Files\VSO
2006-12-01 18:47 <REP> d-------- C:\Documents and Settings\St‚phane\Application Data\Vso
2006-11-28 00:23 <REP> d-------- C:\Documents and Settings\St‚phane\Application Data\vlc
2006-11-27 22:53 <REP> d-------- C:\Program Files\VideoLAN
2006-11-26 05:05 <REP> d-------- C:\WINDOWS\system32\LogFiles
2006-11-24 20:00 <REP> d-------- C:\WINDOWS\Sun
2006-11-24 20:00 <REP> d-------- C:\Documents and Settings\St‚phane\Application Data\Sun
2006-11-23 23:08 <REP> d-------- C:\Program Files\WinRAR
2006-11-23 21:25 <REP> d-------- C:\Downloads
2006-11-23 20:37 <REP> d-------- C:\Program Files\GrabIt
2006-11-22 19:03 <REP> d-------- C:\Documents and Settings\St‚phane\Shared
2006-11-22 19:03 <REP> d-------- C:\Documents and Settings\St‚phane\Incomplete
2006-11-22 19:00 <REP> d-------- C:\Documents and Settings\St‚phane\.limewire
2006-11-22 00:05 <REP> d-------- C:\Documents and Settings\St‚phane\Application Data\AVG7
2006-11-22 00:02 <REP> d-------- C:\Program Files\Grisoft
2006-11-22 00:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2006-11-21 23:52 <REP> d-------- C:\Program Files\Shareaza
2006-11-21 23:26 <REP> d-------- C:\Documents and Settings\St‚phane\Application Data\UseNeXT
2006-11-21 23:00 <REP> d-------- C:\Documents and Settings\St‚phane\Application Data\Google
2006-11-21 20:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google
2006-11-10 19:03 <REP> d--hs---- C:\WINDOWS\ftpcache
2006-11-10 19:03 <REP> d-------- C:\Program Files\Free
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-04 00:44 -------- d---s---- C:\Documents and Settings\St‚phane\Application Data\Microsoft
2006-12-02 11:37 -------- d-------- C:\Program Files\eMule
2006-12-01 18:48 34 --a------ C:\Documents and Settings\St‚phane\Application Data\pcouffin.log
2006-12-01 18:47 7176 --a------ C:\Documents and Settings\St‚phane\Application Data\pcouffin.cat
2006-12-01 18:47 1144 --a------ C:\Documents and Settings\St‚phane\Application Data\pcouffin.inf
2006-12-01 00:01 -------- d-------- C:\Documents and Settings\St‚phane\Application Data\BearShare
2006-11-24 08:09 -------- d-------- C:\Program Files\BitComet
2006-11-23 23:36 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll
2006-11-23 19:14 -------- d-------- C:\Program Files\Services en ligne
2006-11-21 20:01 -------- d-------- C:\Program Files\Google
2006-11-21 18:30 61072 --a------ C:\WINDOWS\system32\drivers\klick.sys
2006-11-21 18:30 59536 --a------ C:\WINDOWS\system32\drivers\klin.sys
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_04\\bin\\jusched.exe"
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"PTHOSTTR"="C:\\Program Files\\HPQ\\HP ProtectTools Security Manager\\PTHOSTTR.EXE /Start"
"UpdateManager"="\"C:\\Program Files\\Fichiers communs\\Sonic\\Update Manager\\sgtray.exe\" /r"
"DLA"="C:\\WINDOWS\\System32\\DLA\\DLACTRLW.EXE"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"hpWirelessAssistant"="C:\\Program Files\\hpq\\HP Wireless Assistant\\HP Wireless Assistant.exe"
"eabconfg.cpl"="C:\\Program Files\\HPQ\\Quick Launch Buttons\\EabServr.exe /Start"
"CognizanceTS"="rundll32.exe C:\\PROGRA~1\\HPQ\\IAM\\Bin\\AsTsVcc.dll,RegisterModule"
"Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"
"WatchDog"="C:\\Program Files\\InterVideo\\DVD Check\\DVDCheck.exe"
"kis"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 6.0\\avp.exe\""
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Completion time: 06-12-04 0:48:44.70
C:\ComboFix.txt ... 06-12-04 00:48
Scan saved at 23:00:06, on 03/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\PROGRA~1\HPQ\SHARED\HPQTOA~1.EXE
C:\Program Files\HPQ\Shared\hpqwmi.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Stéphane\Bureau\Nouveau dossier\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = ASEV
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe