[VIRUS] Infecté par Trojan-Downloader.win32
Maffiou
-
atomy Messages postés 442 Statut Membre -
atomy Messages postés 442 Statut Membre -
Rapport de AVG AntiSpyware :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 19:00:05 22/03/2007
+ Résultat de l'analyse:
:mozilla.80:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.73:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.43:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.40:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.55:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.56:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.57:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.47:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.69:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.71:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.72:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.49:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.50:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.51:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.52:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.53:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.54:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.36:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.37:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.38:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.74:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.75:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.76:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.77:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.78:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.34:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.35:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
[1364] VM_00AF0000 -> Trojan.Small.fb : Aucune action entreprise.
[1744] VM_00B40000 -> Trojan.Small.fb : Aucune action entreprise.
[2064] VM_009F0000 -> Trojan.Small.fb : Aucune action entreprise.
[2112] VM_00AA0000 -> Trojan.Small.fb : Aucune action entreprise.
[2136] VM_016E0000 -> Trojan.Small.fb : Aucune action entreprise.
[2172] VM_00B60000 -> Trojan.Small.fb : Aucune action entreprise.
[2484] VM_00A30000 -> Trojan.Small.fb : Aucune action entreprise.
[2552] VM_00B50000 -> Trojan.Small.fb : Aucune action entreprise.
[2816] VM_00920000 -> Trojan.Small.fb : Aucune action entreprise.
[2860] VM_003D0000 -> Trojan.Small.fb : Aucune action entreprise.
[3140] VM_00A50000 -> Trojan.Small.fb : Aucune action entreprise.
[3252] VM_022E0000 -> Trojan.Small.fb : Aucune action entreprise.
[3476] VM_01030000 -> Trojan.Small.fb : Aucune action entreprise.
[432] VM_00A80000 -> Trojan.Small.fb : Aucune action entreprise.
[484] VM_00BE0000 -> Trojan.Small.fb : Aucune action entreprise.
[592] VM_00BA0000 -> Trojan.Small.fb : Aucune action entreprise.
[796] VM_035B0000 -> Trojan.Small.fb : Aucune action entreprise.
[820] VM_00D70000 -> Trojan.Small.fb : Aucune action entreprise.
Fin du rapport
----------------------------------------------------------------
Rapport de HijackThis :
Logfile of HijackThis v1.99.1
Scan saved at 19:33:29, on 22/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Dial-Messenger.lnk = C:\Program Files\Dial-Messenger\Dial-Messenger.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Dial-Messenger.lnk = C:\Program Files\Dial-Messenger\Dial-Messenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{566829E0-EF9A-4444-A93F-9363EE68221D}: NameServer = 85.255.115.60,85.255.112.136
O17 - HKLM\System\CCS\Services\Tcpip\..\{9DBF2672-6542-427E-95C5-DADBB9FD19D2}: NameServer = 85.255.115.60,85.255.112.136
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.60 85.255.112.136
O17 - HKLM\System\CS1\Services\Tcpip\..\{566829E0-EF9A-4444-A93F-9363EE68221D}: NameServer = 85.255.115.60,85.255.112.136
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.60 85.255.112.136
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Merci D'avance :)
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 19:00:05 22/03/2007
+ Résultat de l'analyse:
:mozilla.80:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.73:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.43:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.40:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.55:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.56:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.57:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.47:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.69:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.71:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.72:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.49:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.50:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.51:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.52:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.53:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.54:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.36:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.37:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.38:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.74:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.75:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.76:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.77:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.78:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.34:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.35:C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\ltxuasro.Yoann\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
[1364] VM_00AF0000 -> Trojan.Small.fb : Aucune action entreprise.
[1744] VM_00B40000 -> Trojan.Small.fb : Aucune action entreprise.
[2064] VM_009F0000 -> Trojan.Small.fb : Aucune action entreprise.
[2112] VM_00AA0000 -> Trojan.Small.fb : Aucune action entreprise.
[2136] VM_016E0000 -> Trojan.Small.fb : Aucune action entreprise.
[2172] VM_00B60000 -> Trojan.Small.fb : Aucune action entreprise.
[2484] VM_00A30000 -> Trojan.Small.fb : Aucune action entreprise.
[2552] VM_00B50000 -> Trojan.Small.fb : Aucune action entreprise.
[2816] VM_00920000 -> Trojan.Small.fb : Aucune action entreprise.
[2860] VM_003D0000 -> Trojan.Small.fb : Aucune action entreprise.
[3140] VM_00A50000 -> Trojan.Small.fb : Aucune action entreprise.
[3252] VM_022E0000 -> Trojan.Small.fb : Aucune action entreprise.
[3476] VM_01030000 -> Trojan.Small.fb : Aucune action entreprise.
[432] VM_00A80000 -> Trojan.Small.fb : Aucune action entreprise.
[484] VM_00BE0000 -> Trojan.Small.fb : Aucune action entreprise.
[592] VM_00BA0000 -> Trojan.Small.fb : Aucune action entreprise.
[796] VM_035B0000 -> Trojan.Small.fb : Aucune action entreprise.
[820] VM_00D70000 -> Trojan.Small.fb : Aucune action entreprise.
Fin du rapport
----------------------------------------------------------------
Rapport de HijackThis :
Logfile of HijackThis v1.99.1
Scan saved at 19:33:29, on 22/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Dial-Messenger.lnk = C:\Program Files\Dial-Messenger\Dial-Messenger.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Dial-Messenger.lnk = C:\Program Files\Dial-Messenger\Dial-Messenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{566829E0-EF9A-4444-A93F-9363EE68221D}: NameServer = 85.255.115.60,85.255.112.136
O17 - HKLM\System\CCS\Services\Tcpip\..\{9DBF2672-6542-427E-95C5-DADBB9FD19D2}: NameServer = 85.255.115.60,85.255.112.136
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.60 85.255.112.136
O17 - HKLM\System\CS1\Services\Tcpip\..\{566829E0-EF9A-4444-A93F-9363EE68221D}: NameServer = 85.255.115.60,85.255.112.136
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.60 85.255.112.136
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Merci D'avance :)
A voir également:
- [VIRUS] Infecté par Trojan-Downloader.win32
- Virus mcafee - Accueil - Piratage
- Softonic virus ✓ - Forum Virus
- Artemis virus - Forum Virus
- Virus informatique - Guide
- Virus facebook demande d'amis - Accueil - Facebook
1 réponse
Salut,
Si tu as un virus... met tous les fichiers en quarantaine... et ensuite vérifie si tout fonctionne normalement... si telle est le cas, tu pourras effacer les fichiers infectés... au sinon... il faudra chercher quelque chose d'autres...
Tant que les fichiers sont en quarantaine, ils ne pourront rien faire... mais si tu ne fais rien, ils vont continuer à s'amuser...
Si tu as un virus... met tous les fichiers en quarantaine... et ensuite vérifie si tout fonctionne normalement... si telle est le cas, tu pourras effacer les fichiers infectés... au sinon... il faudra chercher quelque chose d'autres...
Tant que les fichiers sont en quarantaine, ils ne pourront rien faire... mais si tu ne fais rien, ils vont continuer à s'amuser...
