VIRUS HELP
nuldel'info
-
nuldel'info -
nuldel'info -
Bonsoir,
je vous ecris car j'ai un petit probleme...
En effet en téléchargeant des programmes j'ai du tomber sur "des" ou "un" virus.
J'ai avast comme anti-virus, il m'indique que c'est un cheval de troie et me demande d'abandonner la connection que je fait aussitot et environ 30 sec, un autre message qui m'indique un virus/ver que je supprime.
Le problème c'est que ses messages d'Alertes reviennent toutes les 10 mins et rien ne change...
En parallèle, je pense que j'ai été infecté d'un spyware car j'ai pas mal de pop-up.
Cioncidence le même jour, j'ai un soucis avec ma carte son qui ne fait plus de son alor qu'elle marchait bien la veille...
Donc les questions sont :
-Suis je infecté par le cheval de troie et le ver ?
-Y-a t'il un rapport avec le ou les virus ?
Merci beaucoup beaucoup pour votre patience envers mon pavé...
gfile of HijackThis v1.99.1
Scan saved at 19:12:17, on 26/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTSvcCDA.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Creative\News\NewsUpd.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\winmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
c:\progra~1\intern~1\iexplore.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: XBTP05231 Class - {031F120A-BBAF-45d8-B306-375F2A6B9398} - C:\PROGRA~1\ALCOHO~1\ALCOHO~2\a120_tb.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: VPNS System - {366B2151-E1C7-44a3-86A3-E5686C2A3D2F} - C:\WINDOWS\iedrives.dll
O2 - BHO: (no name) - {6171AEFD-8E56-66A1-8941-09A8A851A203} - C:\WINDOWS\system32\bdfqqgn.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {8ADD8B35-10AE-4582-BB89-930B5750D03A} - C:\WINDOWS\system32\mljjh.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\system32\epfukdlw.dll
O2 - BHO: (no name) - {EB56076C-EEB4-4FB9-BE89-04A5B6980A8E} - C:\WINDOWS\system32\mljjgfe.dll
O3 - Toolbar: Alcohol Soft - Alcohol 120% Toolbar - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NewsUpd] C:\Program Files\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [cdrom one else nurb] C:\Documents and Settings\All Users\Application Data\IDOL BAT CDROM ONE\InternetSend.exe
O4 - HKLM\..\Run: [syswin] C:\WINDOWS\system32\v6.exe
O4 - HKLM\..\Run: [dvsehug.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\frederic\Local Settings\Application Data\dvsehug.dll",cflvojb
O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvgaf.dll,startup
O4 - HKLM\..\Run: [WinMsg] C:\WINDOWS\winmsgr.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [blah hole] C:\DOCUME~1\frederic\APPLIC~1\STUPID~1\peakgrid.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?27c90f98d4ed410aa82007108b032791
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?27c90f98d4ed410aa82007108b032791
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00000005-0000-0000-0000-100005000004} - http://code.trasferimento.biz/l/86e5ff33bd8c51fc6e56c661d619d925_35.exe
O16 - DPF: {03E0869B-EB5A-416A-8E06-93B7BCC47906} (D61315.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/613F/d61315.CAB
O16 - DPF: {06FE035E-08EE-45E6-AEBA-AF58309AD512} (D21313.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/213F/D21313.CAB
O16 - DPF: {0BCBDFAC-5711-4E20-9F90-3BF9DBEB718B} (D31317.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/313F/D31317.CAB
O16 - DPF: {0F7E45E9-DDBF-427E-BF4F-6D16B39DD984} (D31315.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/313F/D31315.CAB
O16 - DPF: {111080FC-A9B6-4FCC-A93E-97107464CFD3} (D41316.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/413F/D41316.CAB
O16 - DPF: {160ABEDA-FF24-4DC7-A536-F05C75B776F7} (ENIXtras.XtrasManager) - http://srv4.mediapluspro.net/mediaplus6/Download/ENIXtras.CAB
O16 - DPF: {268E5AE2-6258-42D8-AAC4-B1D088918AEE} (D21314.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/213F/D21314.CAB
O16 - DPF: {2C22D0EA-6C5E-42D0-8024-2BD8F37C3E04} (D21315.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/213F/D21315.CAB
O16 - DPF: {33C7AF5C-C2B7-426C-A6AA-B8233BD8E3CC} (D61312.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/613F/d61312.CAB
O16 - DPF: {3B3E8EDC-A1C9-4F19-A402-F925B8E75A8D} (D61314.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/613F/d61314.CAB
O16 - DPF: {3B5AD116-7561-4983-AEA8-F18C86FBE51C} (D41317.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/413F/D41317.CAB
O16 - DPF: {3B73D584-7084-45F0-AEFA-ABB0F80F689E} (ENIRtm.RuntimeManager) - http://srv4.mediapluspro.net/mediaplus6/Download/ENIRtm.CAB
O16 - DPF: {4086CE64-0D3A-44AC-B81F-9F7475286967} (D41318.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/413F/D41318.CAB
O16 - DPF: {4E042DE6-8B87-11D3-AE7F-004033D24DBD} (HtmlHelpViewer.CViewerHtml) - http://srv4.mediapluspro.net/mediaplus6/Download/HtmlHelpViewer.CAB
O16 - DPF: {550C6929-C77A-42D6-A9DF-FA00123C836A} (D41313.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/413F/D41313.CAB
O16 - DPF: {58704D08-CAAC-4105-9DFB-7E6FF3F94CC0} (D41312.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/413F/D41312.CAB
O16 - DPF: {642F50E7-244A-11D5-956E-0040339BF4B0} (Inet1.CInet1) - http://srv4.mediapluspro.net/mediaplus6/Download/Inet1.CAB
O16 - DPF: {71DA2A4E-ACB3-4065-9E41-8BC42EABE427} - http://scripts.dlv4.com/binaries/IA/svcia32_FR_XP.cab
O16 - DPF: {74615031-BE13-4364-A7A7-0CD1412AE189} (D21312.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/213F/D21312.CAB
O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://srv4.mediapluspro.net/mediaplus6/Download/tsccinst.cab
O16 - DPF: {7C07CCD1-7260-4B46-9786-70AC0873DC10} (D41311.Question0122) - http://srv4.mediapluspro.net/mediaplus6/Download/413F/D41311.CAB
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {86E8C41B-D72E-4EC8-91E7-10A48C1FD75E} (D61313.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/613F/d61313.CAB
O16 - DPF: {8CA6DFCD-5172-42D7-BE83-BB9BF924C9AA} (D31316.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/313F/D31316.CAB
O16 - DPF: {909A40AE-D613-4C40-B610-F4036023CA20} (D21316.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/213F/D21316.CAB
O16 - DPF: {93ADA669-BC67-4188-8135-C0896529EFBC} (D613.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/613F/d613.CAB
O16 - DPF: {957FABBC-B071-4CBD-83B8-99FB236AE1D2} (D41314.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/413F/D41314.CAB
O16 - DPF: {9D23DDAA-D04A-4384-8C51-7B226626A14C} (IBarre0.CManag) - http://srv4.mediapluspro.net/mediaplus6/Download/ENIBP.CAB
O16 - DPF: {A421A8A6-9133-4551-BCBB-CF2E79A9F494} (D61311.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/613F/d61311.CAB
O16 - DPF: {AB907F38-6725-471A-843D-D8F7D0F9D715} (D31313.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/313F/D31313.CAB
O16 - DPF: {BAEE50CA-109B-4280-8AAA-8A316C902F0E} (D31311.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/313F/D31311.CAB
O16 - DPF: {C942A79B-01ED-47EE-9DAA-1EFAA70DAB8E} (VacPro.int_ver22b) - http://www.muiegaozsicur.com/ocx/intES_ver22b.CAB
O16 - DPF: {CD4410E2-B040-4C86-B2B8-1E3E158157F0} (D21311.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/213F/D21311.CAB
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {D163ED65-9880-49B3-B83A-E120D542C6C1} (D31312.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/313F/D31312.CAB
O16 - DPF: {D34D6048-E232-4889-B08C-AF4AFE87A6F6} (ENIInetTools.clsManager) - http://srv4.mediapluspro.net/mediaplus6/Download/ENIInetTools.CAB
O16 - DPF: {E7E826BF-9635-4CB7-A6F5-20A6C5E7DEBB} (D31314.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/313F/D31314.CAB
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: mljjgfe - C:\WINDOWS\SYSTEM32\mljjgfe.dll
O20 - Winlogon Notify: mljjh - C:\WINDOWS\system32\mljjh.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winmyy32 - C:\WINDOWS\SYSTEM32\winmyy32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Ps: j'envoi un rapport avec Hijack
je vous ecris car j'ai un petit probleme...
En effet en téléchargeant des programmes j'ai du tomber sur "des" ou "un" virus.
J'ai avast comme anti-virus, il m'indique que c'est un cheval de troie et me demande d'abandonner la connection que je fait aussitot et environ 30 sec, un autre message qui m'indique un virus/ver que je supprime.
Le problème c'est que ses messages d'Alertes reviennent toutes les 10 mins et rien ne change...
En parallèle, je pense que j'ai été infecté d'un spyware car j'ai pas mal de pop-up.
Cioncidence le même jour, j'ai un soucis avec ma carte son qui ne fait plus de son alor qu'elle marchait bien la veille...
Donc les questions sont :
-Suis je infecté par le cheval de troie et le ver ?
-Y-a t'il un rapport avec le ou les virus ?
Merci beaucoup beaucoup pour votre patience envers mon pavé...
gfile of HijackThis v1.99.1
Scan saved at 19:12:17, on 26/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTSvcCDA.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Creative\News\NewsUpd.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\winmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
c:\progra~1\intern~1\iexplore.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: XBTP05231 Class - {031F120A-BBAF-45d8-B306-375F2A6B9398} - C:\PROGRA~1\ALCOHO~1\ALCOHO~2\a120_tb.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: VPNS System - {366B2151-E1C7-44a3-86A3-E5686C2A3D2F} - C:\WINDOWS\iedrives.dll
O2 - BHO: (no name) - {6171AEFD-8E56-66A1-8941-09A8A851A203} - C:\WINDOWS\system32\bdfqqgn.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {8ADD8B35-10AE-4582-BB89-930B5750D03A} - C:\WINDOWS\system32\mljjh.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\system32\epfukdlw.dll
O2 - BHO: (no name) - {EB56076C-EEB4-4FB9-BE89-04A5B6980A8E} - C:\WINDOWS\system32\mljjgfe.dll
O3 - Toolbar: Alcohol Soft - Alcohol 120% Toolbar - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NewsUpd] C:\Program Files\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [cdrom one else nurb] C:\Documents and Settings\All Users\Application Data\IDOL BAT CDROM ONE\InternetSend.exe
O4 - HKLM\..\Run: [syswin] C:\WINDOWS\system32\v6.exe
O4 - HKLM\..\Run: [dvsehug.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\frederic\Local Settings\Application Data\dvsehug.dll",cflvojb
O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvgaf.dll,startup
O4 - HKLM\..\Run: [WinMsg] C:\WINDOWS\winmsgr.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [blah hole] C:\DOCUME~1\frederic\APPLIC~1\STUPID~1\peakgrid.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?27c90f98d4ed410aa82007108b032791
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?27c90f98d4ed410aa82007108b032791
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00000005-0000-0000-0000-100005000004} - http://code.trasferimento.biz/l/86e5ff33bd8c51fc6e56c661d619d925_35.exe
O16 - DPF: {03E0869B-EB5A-416A-8E06-93B7BCC47906} (D61315.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/613F/d61315.CAB
O16 - DPF: {06FE035E-08EE-45E6-AEBA-AF58309AD512} (D21313.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/213F/D21313.CAB
O16 - DPF: {0BCBDFAC-5711-4E20-9F90-3BF9DBEB718B} (D31317.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/313F/D31317.CAB
O16 - DPF: {0F7E45E9-DDBF-427E-BF4F-6D16B39DD984} (D31315.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/313F/D31315.CAB
O16 - DPF: {111080FC-A9B6-4FCC-A93E-97107464CFD3} (D41316.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/413F/D41316.CAB
O16 - DPF: {160ABEDA-FF24-4DC7-A536-F05C75B776F7} (ENIXtras.XtrasManager) - http://srv4.mediapluspro.net/mediaplus6/Download/ENIXtras.CAB
O16 - DPF: {268E5AE2-6258-42D8-AAC4-B1D088918AEE} (D21314.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/213F/D21314.CAB
O16 - DPF: {2C22D0EA-6C5E-42D0-8024-2BD8F37C3E04} (D21315.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/213F/D21315.CAB
O16 - DPF: {33C7AF5C-C2B7-426C-A6AA-B8233BD8E3CC} (D61312.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/613F/d61312.CAB
O16 - DPF: {3B3E8EDC-A1C9-4F19-A402-F925B8E75A8D} (D61314.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/613F/d61314.CAB
O16 - DPF: {3B5AD116-7561-4983-AEA8-F18C86FBE51C} (D41317.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/413F/D41317.CAB
O16 - DPF: {3B73D584-7084-45F0-AEFA-ABB0F80F689E} (ENIRtm.RuntimeManager) - http://srv4.mediapluspro.net/mediaplus6/Download/ENIRtm.CAB
O16 - DPF: {4086CE64-0D3A-44AC-B81F-9F7475286967} (D41318.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/413F/D41318.CAB
O16 - DPF: {4E042DE6-8B87-11D3-AE7F-004033D24DBD} (HtmlHelpViewer.CViewerHtml) - http://srv4.mediapluspro.net/mediaplus6/Download/HtmlHelpViewer.CAB
O16 - DPF: {550C6929-C77A-42D6-A9DF-FA00123C836A} (D41313.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/413F/D41313.CAB
O16 - DPF: {58704D08-CAAC-4105-9DFB-7E6FF3F94CC0} (D41312.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/413F/D41312.CAB
O16 - DPF: {642F50E7-244A-11D5-956E-0040339BF4B0} (Inet1.CInet1) - http://srv4.mediapluspro.net/mediaplus6/Download/Inet1.CAB
O16 - DPF: {71DA2A4E-ACB3-4065-9E41-8BC42EABE427} - http://scripts.dlv4.com/binaries/IA/svcia32_FR_XP.cab
O16 - DPF: {74615031-BE13-4364-A7A7-0CD1412AE189} (D21312.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/213F/D21312.CAB
O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://srv4.mediapluspro.net/mediaplus6/Download/tsccinst.cab
O16 - DPF: {7C07CCD1-7260-4B46-9786-70AC0873DC10} (D41311.Question0122) - http://srv4.mediapluspro.net/mediaplus6/Download/413F/D41311.CAB
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {86E8C41B-D72E-4EC8-91E7-10A48C1FD75E} (D61313.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/613F/d61313.CAB
O16 - DPF: {8CA6DFCD-5172-42D7-BE83-BB9BF924C9AA} (D31316.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/313F/D31316.CAB
O16 - DPF: {909A40AE-D613-4C40-B610-F4036023CA20} (D21316.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/213F/D21316.CAB
O16 - DPF: {93ADA669-BC67-4188-8135-C0896529EFBC} (D613.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/613F/d613.CAB
O16 - DPF: {957FABBC-B071-4CBD-83B8-99FB236AE1D2} (D41314.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/413F/D41314.CAB
O16 - DPF: {9D23DDAA-D04A-4384-8C51-7B226626A14C} (IBarre0.CManag) - http://srv4.mediapluspro.net/mediaplus6/Download/ENIBP.CAB
O16 - DPF: {A421A8A6-9133-4551-BCBB-CF2E79A9F494} (D61311.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/613F/d61311.CAB
O16 - DPF: {AB907F38-6725-471A-843D-D8F7D0F9D715} (D31313.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/313F/D31313.CAB
O16 - DPF: {BAEE50CA-109B-4280-8AAA-8A316C902F0E} (D31311.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/313F/D31311.CAB
O16 - DPF: {C942A79B-01ED-47EE-9DAA-1EFAA70DAB8E} (VacPro.int_ver22b) - http://www.muiegaozsicur.com/ocx/intES_ver22b.CAB
O16 - DPF: {CD4410E2-B040-4C86-B2B8-1E3E158157F0} (D21311.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/213F/D21311.CAB
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {D163ED65-9880-49B3-B83A-E120D542C6C1} (D31312.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/313F/D31312.CAB
O16 - DPF: {D34D6048-E232-4889-B08C-AF4AFE87A6F6} (ENIInetTools.clsManager) - http://srv4.mediapluspro.net/mediaplus6/Download/ENIInetTools.CAB
O16 - DPF: {E7E826BF-9635-4CB7-A6F5-20A6C5E7DEBB} (D31314.Module) - http://srv4.mediapluspro.net/mediaplus6/Download/313F/D31314.CAB
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: mljjgfe - C:\WINDOWS\SYSTEM32\mljjgfe.dll
O20 - Winlogon Notify: mljjh - C:\WINDOWS\system32\mljjh.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winmyy32 - C:\WINDOWS\SYSTEM32\winmyy32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Ps: j'envoi un rapport avec Hijack
A voir également:
- VIRUS HELP
- Virus mcafee - Accueil - Piratage
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
- Ordinateur bloqué virus - Accueil - Arnaque
