Infecté par un trojan SOS besoin daide
Résolu
imissu16-jenn
-
Regis59 Messages postés 21143 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Regis59 Messages postés 21143 Date d'inscription Statut Contributeur sécurité Dernière intervention -
bonjour je suis actuellemet en train d'essayer de debarrasser mon ordi d'un trojan, je pensait m'en être debarraser mais je recoit encore des message d'avertissement de avast. actuellement je suis en scann en ligne bitdefender, j'ai deja fais ccleaner et ad aware. et la j'aaten la fin de bitdefender pour faire msnfix.
je demande un pe d'aide pour savoir si je m en suis bien debarrasser
je demande un pe d'aide pour savoir si je m en suis bien debarrasser
A voir également:
- Infecté par un trojan SOS besoin daide
- Trojan remover - Télécharger - Antivirus & Antimalwares
- Trojan sms-par google - Accueil - Virus
- Google Messages va mieux vous protéger des liens dangereux - Accueil - Messagerie instantanée
- Anti trojan - Télécharger - Antivirus & Antimalwares
- Trojan b901 system32 win config 34 ✓ - Forum Virus
7 réponses
Bienvenue sur le forum d’entraide de CommentCaMarche.net
Nous connaissons votre situation et nous vous conseillons de ne surtout pas vous inquiéter.
De plus, au vu du nombre croissant de désinfections effectuées sur le forum, nous vous demandons un peu de patience et surtout de ne pas créer plusieurs postes pour le même problème.
Merci de votre compréhension.
Télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre-le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
Clique sur "do a system scan and save logfile" (cf démo)
Faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
Bon courage
A+
Nous connaissons votre situation et nous vous conseillons de ne surtout pas vous inquiéter.
De plus, au vu du nombre croissant de désinfections effectuées sur le forum, nous vous demandons un peu de patience et surtout de ne pas créer plusieurs postes pour le même problème.
Merci de votre compréhension.
Télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre-le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
Clique sur "do a system scan and save logfile" (cf démo)
Faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
Bon courage
A+
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:32:45, on 15/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\ps2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [5T19I3B27A] C:\WINDOWS\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
Scan saved at 12:32:45, on 15/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\ps2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [5T19I3B27A] C:\WINDOWS\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
OK
Télécharge Combofix sUBs :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
Télécharge Combofix sUBs :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
ComboFix 07-08-14.4 - "Benjamin" 2007-08-15 13:39:59.2 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.152 [GMT 2:00]
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Documents and Settings\BENJAM~1.NOM.\aria.txt
C:\WINDOWS\DOWNLO~1\USDR6V_0001_D18M3107NetInstaller.exe
((((((((((((((((((((((((( Files Created from 2007-07-15 to 2007-08-15 )))))))))))))))))))))))))))))))
2007-08-15 13:37 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-15 12:30 401,720 --a------ C:\HijackThis.exe
2007-08-15 11:06 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-08-15 11:06 3,290 --a------ C:\WINDOWS\system32\gnc.exe
2007-08-15 10:49 <REP> d-------- C:\Program Files\Navilog1
2007-08-13 13:56 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-08-05 16:04 <REP> d-------- C:\Program Files\Fichiers communs\i4j_jres
2007-07-15 10:34 287,592 --a------ C:\Program Files\dxwebsetup.exe
2007-07-15 10:05 <REP> d-------- C:\a2f023422160baf1787924
2007-07-15 10:04 <REP> d-------- C:\Program Files\Windows Media Connect 2
2007-07-15 10:02 <REP> d-------- C:\WINDOWS\NV23201948.TMP
2007-07-15 10:00 <REP> d-------- C:\NVIDIA
2007-07-15 09:59 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-13 13:37 --------- d-------- C:\Program Files\RegCleaner
2007-08-13 13:14 --------- d-------- C:\Program Files\Lavasoft
2007-08-13 13:11 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-08-13 13:10 --------- d-------- C:\Program Files\CCleaner
2007-07-28 00:07 783224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-07-28 00:02 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-07-28 00:02 92848 --a--c--- C:\WINDOWS\system32\drivers\aswmon.sys
2007-07-28 00:00 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-07-27 23:59 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-07-27 23:58 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-07-27 23:57 95608 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-07-19 08:58 3583488 --a--c--- C:\WINDOWS\system32\dllcache\mshtml.dll
2007-07-15 10:21 --------- d-------- C:\Program Files\Mozilla Thunderbird
2007-07-13 01:30 765952 --a--c--- C:\WINDOWS\system32\dllcache\vgx.dll
2007-06-27 15:24 823808 --a--c--- C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-27 15:24 671232 --a--c--- C:\WINDOWS\system32\dllcache\mstime.dll
2007-06-27 15:24 477696 --a--c--- C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-06-27 15:24 232960 -----c--- C:\WINDOWS\system32\dllcache\webcheck.dll
2007-06-27 15:24 193024 --a--c--- C:\WINDOWS\system32\dllcache\msrating.dll
2007-06-27 15:24 1152000 --a--c--- C:\WINDOWS\system32\dllcache\urlmon.dll
2007-06-27 15:24 105984 -----c--- C:\WINDOWS\system32\dllcache\url.dll
2007-06-27 15:24 102400 -----c--- C:\WINDOWS\system32\dllcache\occache.dll
2007-06-27 15:23 6058496 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-06-27 15:23 52224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-06-27 15:23 459264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-06-27 15:23 44544 -----c--- C:\WINDOWS\system32\dllcache\iernonce.dll
2007-06-27 15:23 27648 --a--c--- C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-06-27 15:23 267776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-06-27 15:22 384512 -----c--- C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-06-27 15:22 383488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-06-27 15:22 230400 -----c--- C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-06-27 15:22 153088 -----c--- C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-06-27 15:22 132608 --a--c--- C:\WINDOWS\system32\dllcache\extmgr.dll
2007-06-27 15:22 124928 -----c--- C:\WINDOWS\system32\dllcache\advpack.dll
2007-06-27 10:28 625152 -----c--- C:\WINDOWS\system32\dllcache\iexplore.exe
2007-06-27 10:27 63488 -----c--- C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-06-27 10:27 13824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-06-27 09:00 161792 --a--c--- C:\WINDOWS\system32\dllcache\ieakui.dll
2007-06-26 08:09 1104896 --a--c--- C:\WINDOWS\system32\dllcache\msxml3.dll
2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-25 18:54 --------- d-------- C:\Program Files\Windows Live
2007-06-25 18:54 --------- d-------- C:\Program Files\MSN Messenger
2007-06-25 18:54 --------- d-------- C:\Program Files\Messenger Plus! Live
2007-06-25 09:00 --------- d-------- C:\Program Files\iGraal
2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-19 15:32 282112 -----c--- C:\WINDOWS\system32\dllcache\gdi32.dll
2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
2007-06-13 15:22 1037312 -----c--- C:\WINDOWS\system32\dllcache\explorer.exe
2007-05-17 13:29 549376 --a------ C:\WINDOWS\system32\oleaut32.dll
2007-05-17 13:29 549376 -----c--- C:\WINDOWS\system32\dllcache\oleaut32.dll
2007-05-16 17:13 86528 --a--c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 17:13 85504 --a--c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 17:13 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 17:13 683520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 17:13 510976 --a--c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 17:13 1314816 --a--c--- C:\WINDOWS\system32\dllcache\msoe.dll
2007-01-30 14:51 4964776 --a------ C:\Program Files\Windows-KB890830-V1.24.exe
2004-11-18 18:08:53 0 -csha-w C:\WINDOWS\SMINST\HPCD.sys
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2003-11-03 17:50]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2002-10-16 16:57]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-12-05 20:50]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:55]
R3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys
Contents of the 'Scheduled Tasks' folder
2007-08-10 15:15:00 C:\WINDOWS\Tasks\Maintenance en 1 clic.job - C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
2007-08-15 11:16:08 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
2007-01-11 19:53:59 C:\WINDOWS\Tasks\XoftSpy.job - C:\Program Files\XoftSpy\XoftSpy.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-15 13:43:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
Completion time: 2007-08-15 13:45:05
C:\ComboFix-quarantined-files.txt ... 2007-08-15 13:44
--- E O F ---
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.152 [GMT 2:00]
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Documents and Settings\BENJAM~1.NOM.\aria.txt
C:\WINDOWS\DOWNLO~1\USDR6V_0001_D18M3107NetInstaller.exe
((((((((((((((((((((((((( Files Created from 2007-07-15 to 2007-08-15 )))))))))))))))))))))))))))))))
2007-08-15 13:37 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-15 12:30 401,720 --a------ C:\HijackThis.exe
2007-08-15 11:06 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-08-15 11:06 3,290 --a------ C:\WINDOWS\system32\gnc.exe
2007-08-15 10:49 <REP> d-------- C:\Program Files\Navilog1
2007-08-13 13:56 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-08-05 16:04 <REP> d-------- C:\Program Files\Fichiers communs\i4j_jres
2007-07-15 10:34 287,592 --a------ C:\Program Files\dxwebsetup.exe
2007-07-15 10:05 <REP> d-------- C:\a2f023422160baf1787924
2007-07-15 10:04 <REP> d-------- C:\Program Files\Windows Media Connect 2
2007-07-15 10:02 <REP> d-------- C:\WINDOWS\NV23201948.TMP
2007-07-15 10:00 <REP> d-------- C:\NVIDIA
2007-07-15 09:59 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-13 13:37 --------- d-------- C:\Program Files\RegCleaner
2007-08-13 13:14 --------- d-------- C:\Program Files\Lavasoft
2007-08-13 13:11 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-08-13 13:10 --------- d-------- C:\Program Files\CCleaner
2007-07-28 00:07 783224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-07-28 00:02 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-07-28 00:02 92848 --a--c--- C:\WINDOWS\system32\drivers\aswmon.sys
2007-07-28 00:00 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-07-27 23:59 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-07-27 23:58 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-07-27 23:57 95608 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-07-19 08:58 3583488 --a--c--- C:\WINDOWS\system32\dllcache\mshtml.dll
2007-07-15 10:21 --------- d-------- C:\Program Files\Mozilla Thunderbird
2007-07-13 01:30 765952 --a--c--- C:\WINDOWS\system32\dllcache\vgx.dll
2007-06-27 15:24 823808 --a--c--- C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-27 15:24 671232 --a--c--- C:\WINDOWS\system32\dllcache\mstime.dll
2007-06-27 15:24 477696 --a--c--- C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-06-27 15:24 232960 -----c--- C:\WINDOWS\system32\dllcache\webcheck.dll
2007-06-27 15:24 193024 --a--c--- C:\WINDOWS\system32\dllcache\msrating.dll
2007-06-27 15:24 1152000 --a--c--- C:\WINDOWS\system32\dllcache\urlmon.dll
2007-06-27 15:24 105984 -----c--- C:\WINDOWS\system32\dllcache\url.dll
2007-06-27 15:24 102400 -----c--- C:\WINDOWS\system32\dllcache\occache.dll
2007-06-27 15:23 6058496 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-06-27 15:23 52224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-06-27 15:23 459264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-06-27 15:23 44544 -----c--- C:\WINDOWS\system32\dllcache\iernonce.dll
2007-06-27 15:23 27648 --a--c--- C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-06-27 15:23 267776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-06-27 15:22 384512 -----c--- C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-06-27 15:22 383488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-06-27 15:22 230400 -----c--- C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-06-27 15:22 153088 -----c--- C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-06-27 15:22 132608 --a--c--- C:\WINDOWS\system32\dllcache\extmgr.dll
2007-06-27 15:22 124928 -----c--- C:\WINDOWS\system32\dllcache\advpack.dll
2007-06-27 10:28 625152 -----c--- C:\WINDOWS\system32\dllcache\iexplore.exe
2007-06-27 10:27 63488 -----c--- C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-06-27 10:27 13824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-06-27 09:00 161792 --a--c--- C:\WINDOWS\system32\dllcache\ieakui.dll
2007-06-26 08:09 1104896 --a--c--- C:\WINDOWS\system32\dllcache\msxml3.dll
2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-25 18:54 --------- d-------- C:\Program Files\Windows Live
2007-06-25 18:54 --------- d-------- C:\Program Files\MSN Messenger
2007-06-25 18:54 --------- d-------- C:\Program Files\Messenger Plus! Live
2007-06-25 09:00 --------- d-------- C:\Program Files\iGraal
2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-19 15:32 282112 -----c--- C:\WINDOWS\system32\dllcache\gdi32.dll
2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
2007-06-13 15:22 1037312 -----c--- C:\WINDOWS\system32\dllcache\explorer.exe
2007-05-17 13:29 549376 --a------ C:\WINDOWS\system32\oleaut32.dll
2007-05-17 13:29 549376 -----c--- C:\WINDOWS\system32\dllcache\oleaut32.dll
2007-05-16 17:13 86528 --a--c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 17:13 85504 --a--c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 17:13 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 17:13 683520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 17:13 510976 --a--c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 17:13 1314816 --a--c--- C:\WINDOWS\system32\dllcache\msoe.dll
2007-01-30 14:51 4964776 --a------ C:\Program Files\Windows-KB890830-V1.24.exe
2004-11-18 18:08:53 0 -csha-w C:\WINDOWS\SMINST\HPCD.sys
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2003-11-03 17:50]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2002-10-16 16:57]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-12-05 20:50]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:55]
R3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys
Contents of the 'Scheduled Tasks' folder
2007-08-10 15:15:00 C:\WINDOWS\Tasks\Maintenance en 1 clic.job - C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
2007-08-15 11:16:08 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
2007-01-11 19:53:59 C:\WINDOWS\Tasks\XoftSpy.job - C:\Program Files\XoftSpy\XoftSpy.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-15 13:43:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
Completion time: 2007-08-15 13:45:05
C:\ComboFix-quarantined-files.txt ... 2007-08-15 13:44
--- E O F ---
Scan saved at 12:32:45, on 15/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\ps2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [5T19I3B27A] C:\WINDOWS\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe