Win 32 nilage AI

sophie - 30 Aug 2007 at 19:31
 sophie - 4 Sept 2007 at 17:28
Hello,
I have a virus!!! win32 nilage AI, and of course I'm not very good with computers. I downloaded AVAST, but the virus is holding out, so I followed your procedure and I'm attaching the 3 reports below, if anyone can help me ...
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 15:37:22 30/08/2007

+ Résultat de l'analyse:



HKLM\SOFTWARE\Alexa Internet -> Adware.Alexa : Nettoyé.
HKU\S-1-5-21-1960408961-1957994488-1343024091-1005\Software\Alexa Internet -> Adware.Alexa : Nettoyé.
C:\Documents and Settings\bebe\Cookies\bebe@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\bebe\Cookies\bebe@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\bebe\Cookies\bebe@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\bebe\Cookies\bebe@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\bebe\Cookies\bebe@ehg-telecomitalia.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\bebe\Cookies\bebe@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\bebe\Cookies\bebe@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\bebe\Cookies\bebe@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.


Fin du rapport

BitDefender Online Scanner

Scan report generated at: Thu, Aug 30, 2007 - 18:36:20
Scan path: C:\;D:\;

Statistics
Time: 00:12:48
Files: 39396
Folders: 2127
Boot Sectors: 2
Archives: 354
Packed Files: 159

Results
Identified Viruses: 16
Infected Files: 51
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 40

Engines Info
Virus Definitions: 30243
Engine build: AVCORE v1.0 (build 2411) (i386) (Jul 9 2007 12:10:22)
Scan plugins: 2
Archive plugins: 10
Unpack plugins: 2
E-mail plugins: 1
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File
Status

C:\PegeFile.pif
Infected with: BehavesLike:Trojan.ShellHook

C:\PegeFile.pif
Disinfection failed

C:\PegeFile.pif
Deleted

C:\Program Files\Internet Explorer\PLUGINS\NewTemp.bak
Infected with: BehavesLike:Trojan.ShellHook

C:\Program Files\Internet Explorer\PLUGINS\NewTemp.bak
Disinfection failed

C:\Program Files\Internet Explorer\PLUGINS\NewTemp.bak
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006065.pif
Infected with: BehavesLike:Trojan.ShellHook

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006065.pif
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006065.pif
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006080.pif
Infected with: BehavesLike:Trojan.ShellHook

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006080.pif
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006080.pif
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006087.dll
Infected with: Generic.Malware.PWS.04D36C99

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006087.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006087.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006088.dll
Infected with: Generic.Malware.PWS.E64B3743

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006088.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006088.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006089.exe
Infected with: DeepScan:Generic.PWS.Games.4.E27945C7

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006089.exe
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006089.exe
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006117.pif
Infected with: BehavesLike:Trojan.ShellHook

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006117.pif
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006117.pif
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006124.dll
Infected with: Generic.Malware.PWS.E64B3743

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006124.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006124.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006125.dll
Infected with: Generic.Malware.PWS.04D36C99

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006125.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006125.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006126.exe
Infected with: DeepScan:Generic.PWS.Games.4.E27945C7

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006126.exe
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP35\A0006126.exe
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006127.pif
Infected with: BehavesLike:Trojan.ShellHook

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006127.pif
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006127.pif
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006141.dll
Infected with: Generic.Malware.PWS.04D36C99

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006141.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006141.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006142.dll
Infected with: Generic.Malware.PWS.E64B3743

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006142.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006142.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006143.exe
Infected with: DeepScan:Generic.PWS.Games.4.E27945C7

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006143.exe
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006143.exe
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006154.dll
Infected with: Generic.Malware.PWS.04D36C99

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006154.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006154.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006156.dll
Infected with: Generic.Malware.PWS.E64B3743

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006156.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006156.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006157.exe
Infected with: DeepScan:Generic.PWS.Games.4.E27945C7

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006157.exe
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006157.exe
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006194.dll
Infected with: Generic.Malware.PWS.04D36C99

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006194.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006194.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006195.dll
Infected with: Generic.Malware.PWS.E64B3743

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006195.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006195.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006196.exe
Infected with: DeepScan:Generic.PWS.Games.4.E27945C7

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006196.exe
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006196.exe
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006207.dll
Infected with: Generic.Malware.PWS.04D36C99

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006207.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006207.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006208.dll
Infected with: Generic.Malware.PWS.E64B3743

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006208.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006208.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006210.exe
Infected with: DeepScan:Generic.PWS.Games.4.E27945C7

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006210.exe
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006210.exe
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006218.dll
Infected with: Generic.Malware.PWS.04D36C99

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006218.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006218.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006219.dll
Infected with: Generic.Malware.PWS.E64B3743

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006219.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006219.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006223.exe
Infected with: DeepScan:Generic.PWS.Games.4.E27945C7

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006223.exe
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006223.exe
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006234.dll
Infected with: Generic.Malware.PWS.04D36C99

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006234.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006234.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006235.dll
Infected with: Generic.Malware.PWS.E64B3743

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006235.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006235.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006236.exe
Infected with: DeepScan:Generic.PWS.Games.4.E27945C7

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006236.exe
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP36\A0006236.exe
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP37\A0006368.dll
Infected with: Generic.Malware.PWS.04D36C99

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP37\A0006368.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP37\A0006368.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP37\A0006369.dll
Infected with: Generic.Malware.PWS.E64B3743

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP37\A0006369.dll
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP37\A0006369.dll
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP37\A0006371.exe
Infected with: DeepScan:Generic.PWS.Games.4.E27945C7

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP37\A0006371.exe
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP37\A0006371.exe
Deleted

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP37\A0006375.pif
Infected with: BehavesLike:Trojan.ShellHook

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP37\A0006375.pif
Disinfection failed

C:\System Volume Information\_restore{1FCD42D8-DC5D-483F-840C-AB0737F2A5A5}\RP37\A0006375.pif
Deleted

C:\WINDOWS\DbgHlp32.exe
Infected with: DeepScan:Generic.PWS.Games.4.62F981A7

C:\WINDOWS\DbgHlp32.exe
Disinfection failed

C:\WINDOWS\DbgHlp32.exe
Deleted

C:\WINDOWS\neduwa.exe
Infected with: DeepScan:Generic.PWS.Games.4.E27945C7

C:\WINDOWS\neduwa.exe
Disinfection failed

C:\WINDOWS\neduwa.exe
Deleted

C:\WINDOWS\system32\DbgHlp32.dll
Infected with: Generic.Malware.PWS.04D36C99

C:\WINDOWS\system32\DbgHlp32.dll
Disinfection failed

C:\WINDOWS\system32\DbgHlp32.dll
Delete failed

C:\WINDOWS\system32\jzipri.dll
Infected with: Trojan.Downloader.Agent.YJA

C:\WINDOWS\system32\jzipri.dll
Disinfection failed

C:\WINDOWS\system32\jzipri.dll
Delete failed

C:\WINDOWS\system32\NVDispDrv.dll
Infected with: Generic.Malware.PWS.E64B3743

C:\WINDOWS\system32\NVDispDrv.dll
Disinfection failed

C:\WINDOWS\system32\NVDispDrv.dll
Delete failed

C:\WINDOWS\system32\qheins.exe
Infected with: DeepScan:Generic.Dld.Agent.7B850DE0

C:\WINDOWS\system32\qheins.exe
Disinfection failed

C:\WINDOWS\system32\qheins.exe
Deleted

C:\WINDOWS\system32\qhepri.dll
Infected with: DeepScan:Generic.Dld.Agent.6628339C

C:\WINDOWS\system32\qhepri.dll
Disinfection failed

C:\WINDOWS\system32\qhepri.dll
Delete failed

C:\WINDOWS\system32\qjgpri.dll
Infected with: DeepScan:Generic.Dld.Agent.8B26DF4F

C:\WINDOWS\system32\qjgpri.dll
Disinfection failed

C:\WINDOWS\system32\qjgpri.dll
Delete failed

C:\WINDOWS\system32\shaman.dll
Infected with: DeepScan:Generic.Dld.Agent.7C7189C5

C:\WINDOWS\system32\shaman.dll
Disinfection failed

C:\WINDOWS\system32\shaman.dll
Delete failed

C:\WINDOWS\system32\tlvins.exe
Infected with: DeepScan:Generic.Dld.Agent.011BB943

C:\WINDOWS\system32\tlvins.exe
Disinfection failed

C:\WINDOWS\system32\tlvins.exe
Deleted

C:\WINDOWS\system32\tlvpri.dll
Infected with: DeepScan:Generic.Dld.Agent.783AECB1

C:\WINDOWS\system32\tlvpri.dll
Disinfection failed

C:\WINDOWS\system32\tlvpri.dll
Delete failed

C:\WINDOWS\system32\wggpri.dll
Infected with: BehavesLike:Trojan.WUDisable

C:\WINDOWS\system32\wggpri.dll
Disinfection failed

C:\WINDOWS\system32\wggpri.dll
Delete failed

C:\WINDOWS\system32\wlhins.exe
Infected with: DeepScan:Generic.Dld.Agent.96B12EAF

C:\WINDOWS\system32\wlhins.exe
Disinfection failed

C:\WINDOWS\system32\wlhins.exe
Deleted

C:\WINDOWS\system32\wlhpri.dll
Infected with: BehavesLike:Trojan.WUDisable

C:\WINDOWS\system32\wlhpri.dll
Disinfection failed

C:\WINDOWS\system32\wlhpri.dll
Delete failed

C:\WINDOWS\system32\ztaman.dll
Infected with: DeepScan:Generic.Dld.Agent.5DF5F786

C:\WINDOWS\system32\ztaman.dll
Disinfection failed

C:\WINDOWS\system32\ztaman.dll
Delete failed

C:\WINDOWS\system32\ztaset.exe
Infected with: DeepScan:Generic.Dld.Agent.C50257EF

C:\WINDOWS\system32\ztaset.exe
Disinfection failed

C:\WINDOWS\system32\ztaset.exe
Deleted

C:\WINDOWS\system32\zxipri.dll
Infected with: BehavesLike:Trojan.WUDisable

C:\WINDOWS\system32\zxipri.dll
Disinfection failed

C:\WINDOWS\system32\zxipri.dll
Delete failed

Logfile of HijackThis v1.99.1
Scan saved at 18:55:41, on 30/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Accélérateur de débit Alice\AccAlice.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Accélérateur de débit Alice\AccAlice-gui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\Accélérateur de débit Alice\AccAlice.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [DbgHlp32] C:\WINDOWS\DbgHlp32.exe
O4 - HKLM\..\Run: [NVDispDrv] C:\WINDOWS\neduwa.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Accélérateur de débit Alice.lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O20 - AppInit_DLLs: ztaman.dll
O23 - Service: 66C2E75F - Unknown owner - C:\WINDOWS\system32\588383AB.EXE (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe



there you go ... I hope everything is there
7 replies

eclypse16 Posts 162 Registration date Tuesday 7 August 2007 Status Member Last activity 4 September 2007
30 Aug 2007 at 19:50
Hi

1) Disable your System Restore: http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20020830101856924
2) Restart your PC, then re-enable it
3) Run an antivirus scan again
4) I'm analysing your report

See you
0
eclypse16
30 Aug 2007 at 20:07
Hi again

1) Open HijackThis and tick
O4 - HKLM\..\Run: [DbgHlp32] C:\WINDOWS\DbgHlp32.exe
O4 - HKLM\..\Run: [NVDispDrv] C:\WINDOWS\neduwa.exe
O20 - AppInit_DLLs: ztaman.dll

Click on Fix checked


Go to Start => Run => services.msc

In there, look for
588383AB.EXE

If you find it, right-click it, then Properties, then choose Stop, and under Startup set Disabled


Reopen HijackThis and tick
O23 - Service: 66C2E75F - Unknown owner - C:\WINDOWS\system32\588383AB.EXE (file missing)


Downloads:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
http://www.malekal.com/download/clean.zip
http://www.alt-shift-return.org/Info/Fichiers/Navipromo07H.zip


Run navilog1 once it is installed; at the prompt type 1; a report will open, post it here
For clean.zip, right-click and choose Extract all, go into the clean folder, you will see a file named clean.cmd, run it, then choose option 1

Same for Navipromo

So in your next post you need to post 4 reports for me
The navilog report
The clean report
The navipromo report
The hijackthis report

See you
0
hi and thanks ...
ok so just a quick question: I did what was indicated in the first message and I no longer see the nilage virus (avast no longer beeps when I try to open my disk) and the scan no longer detects any virus, so do I still need to do what you tell me in the second message? Is the virus still there?
0
eclypse16
31 Aug 2007 at 16:51
Hi

Do the second message

See you

Eclypse
0

hi, it was laborious but here are the 4 reports ....

Search Navipromo version 2.0.9 commencé le 04/09/2007 à 14:32:27,34

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 20.08.2007 a 22h30 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes ***




*** Recherche dossiers dans C:\WINDOWS ***




*** Recherche dossiers dans C:\Program Files ***




*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\bebe\Application Data ***



*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en


F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================

Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of October, 2007.
Version information: 2.2.1064.

[+] Started on 09/04/07 at 14:32:29.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items ........................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 09/04/07 at 14:34:11 (return code = 0).


*** Recherche avec GenericNaviSearch ***
!!! Tous Ces résultats peuvent révéler des fichiers légitimes !!!
!!! A verifier impérativement avant toute suppression manuelle !!!

Fichiers trouvés :

Aucun Fichier trouvé !

Fichiers suspects :

Aucun Fichier suspect trouvé !



*** Recherche fichiers ***




*** Recherche cles registre ***


Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



Recherche Clé Magic Control



*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:


2)Recherche Heuristique :
*
**
***
****
*****
******
*******
********


3)Recherche Certificats :

Certificat Egroup absent !


*** Analyse Terminé le 04/09/2007 à 14:34:28,65 ***



04/09/2007 a 15:02:35,75

*** Recherche des fichiers dans C:
C:\autorun.inf FOUND

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32

*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !

Rapport Navipromo.bat 0.71 effectué depuis C:\Documents and Settings\bebe\Mes documents\virus le 04/09/2007 à 15:07:22,11
-- Le programme n'est pas lancé en mode sans échec par conséquent les résultats seront probablement faussés

** Recherche...

Fin du rapport de recherche
Adware Navipromo non trouvé avec cette méthode

Engagement de la méthode Heuristique

Rapport Navipromo.bat 0.72 effectué depuis C:\WINDOWS\system32 le 04/09/2007 à 15:07:22,42
Le programme n'est pas lancé en mode sans échec par conséquent les résultats seront probablement faussés

## Suppression Heuristique

* Backups :


Aucun résultat par la recherche heuristique


## Fin du rapport Heuristique


Logfile of HijackThis v1.99.1
Scan saved at 15:11:42, on 04/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Accélérateur de débit Alice\AccAlice.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Accélérateur de débit Alice\AccAlice-gui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\WINZIP\wzqkpick.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\Accélérateur de débit Alice\AccAlice.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Accélérateur de débit Alice.lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O20 - AppInit_DLLs: qjgpri.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
eclypse16 (Posts: 162, Registered: Tuesday 7 August 2007, Status: Member, Last activity: 4 September 2007)
4 Sept. 2007 at 15:41
Hi

Reopen HijackThis and check:
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe...Ahead Nero Burning Rom
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"...HP Update Scheduler
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe...Adobe Acrobat Reader
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)...

Click on Fix checked

Restart in safe mode, then run clean.cmd, option 2

Post the report + a new HijackThis log
OK, here it is:

Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 04/09/2007 a 17:14:39,24

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:
tentative de suppression de C:\autorun.inf

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32

*** Suppression des fichiers dans C:\Program Files

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
Logfile of HijackThis v1.99.1
Scan saved at 17:27:15, on 04/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Accélérateur de débit Alice\AccAlice.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Accélérateur de débit Alice\AccAlice-gui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\slrundll.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:7500
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\Accélérateur de débit Alice\AccAlice.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Accélérateur de débit Alice.lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Afficher l'image originale. - res://C:\Program Files\Accélérateur de débit Alice\gui_resource.dll/328
O8 - Extra context menu item: Afficher toutes les images originales. - res://C:\Program Files\Accélérateur de débit Alice\gui_resource.dll/327
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9483DB3C-6C16-48F9-878C-55E27DF898DD}: NameServer = 213.36.80.1
O20 - AppInit_DLLs: shaman.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe