Sujet Précédent Sujet Suivant

Infection trojan looksky

Fermé
from39 Messages postés 3 Date d'inscription samedi 29 septembre 2007 Statut Membre Dernière intervention 3 octobre 2007 - 29 sept. 2007 à 18:40
from39 Messages postés 3 Date d'inscription samedi 29 septembre 2007 Statut Membre Dernière intervention 3 octobre 2007 - 3 oct. 2007 à 20:40
Bonjour,

mon ordi a été infecté par looksky.
en lisant sur le forum, j'ai pu telecharger AVG antispyware, hijackthis, et fixnavi.
Si quelqu'un peut m'aider, car je ne suis pas expert et j'ai voulu tenter de reparer seul.
je vous remercie d'avance

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 10:42:57 29/09/2007

+ Résultat de l'analyse:



C:\WINDOWS\system32\libhelps.dll -> Backdoor.IRCBot.acd : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Vant. David\Cookies\vant._david@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@incredimailltd.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@karavel.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@nike.112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.348:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Adobe : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant. david@www.adobe[1].txt -> TrackingCookie.Adobe : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.70:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.71:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant. david@connextra[1].txt -> TrackingCookie.Connextra : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@www.etracker[2].txt -> TrackingCookie.Etracker : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.370:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.371:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.372:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.373:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.374:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.375:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.376:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.377:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.378:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.379:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.380:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.267:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant. david@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@ivwbox[2].txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.152:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.153:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.154:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant. david@ie.search.msn[2].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.404:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant. david@www.paypal[1].txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@france.real[1].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@real[1].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@realguide.real[1].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@site.skype[2].txt -> TrackingCookie.Skype : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@skype[1].txt -> TrackingCookie.Skype : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@starware[1].txt -> TrackingCookie.Starware : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.323:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant. david@valueclick[3].txt -> TrackingCookie.Valueclick : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant. david@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@weborama[3].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.73:C:\Documents and Settings\Vant. David\Application Data\Mozilla\Firefox\Profiles\172feg8j.default\cookies.txt -> TrackingCookie.Xhit : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant. david@count.xhit[1].txt -> TrackingCookie.Xhit : Nettoyé.
C:\Documents and Settings\Vant. David\Cookies\vant._david@yadro[1].txt -> TrackingCookie.Yadro : Nettoyé.


Fin du rapport


Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:31:42, on 29/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\acer\Empowering Technology\ePower\epm-dm.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\Acer\Empowering Technology\admtray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Vant. David\Bureau\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 212.150.54.250 dv-networks.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MSVPS System - {60D3EC53-56A8-46A8-9D01-1AB64410665C} - C:\WINDOWS\nsduo.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O21 - SSODL: drivers - {08D4B0C9-0177-4814-96E9-8BD75CA8FDEC} - (no file)
O21 - SSODL: msmdev - {0F04598F-EDC5-43EE-9333-CDCDCB663BFF} - C:\WINDOWS\msmdev.dll
O21 - SSODL: msmhost - {FBDA71AF-4C8E-479C-88BD-85AE71D35321} - C:\WINDOWS\msmhost.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
A voir également:

2 réponses

Réponse 1 / 2
from39 Messages postés 3 Date d'inscription samedi 29 septembre 2007 Statut Membre Dernière intervention 3 octobre 2007
1 oct. 2007 à 18:39


0
Réponse 2 / 2
from39 Messages postés 3 Date d'inscription samedi 29 septembre 2007 Statut Membre Dernière intervention 3 octobre 2007
3 oct. 2007 à 20:40
Quelqu'u pourrait il m'aider SVP!

merci
0

Discussions similaires

Comment supprimer le virus Trojan
vitsou -
vitsou -

18 réponses
Aide pour un virus
cerise92700 -
MisteryBean -

41 réponses
Virus : trojan:win32/wacatac.h!ml
Alky09 -
bazfile -

8 réponses
Trojan impossible à supprimer!
Gridouu -
Malekal_morte- -

12 réponses
Comment éliminer manuellement virus trojan?
ballag -
RClog -

12 réponses