Trojan horse
Anonymous user
-
jlpjlp Posts 52399 Status Security contributor -
Hello,
Avast found Trojan horses on my computer but can't remove them, so I tried a lot of things but I don't know if it worked. Please help me, here is the ComboFix report:
ComboFix 07-10-29.1 - AHMIMACHE 2007-10-31 19:23:48.1 - NTFSx86
Running from: C:\Documents and Settings\AHMIMACHE\Bureau\ComboFix.exe
* Created a new restore point
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Général\Bureau\internet.lnk
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\WINDOWS\system32\b3
C:\WINDOWS\system32\bjrhdqgh.ini
C:\WINDOWS\system32\e1
C:\WINDOWS\system32\e1\caws83122.exe
C:\WINDOWS\system32\fgjlm.bak1
C:\WINDOWS\system32\fgjlm.bak2
C:\WINDOWS\system32\fgjlm.ini
C:\WINDOWS\system32\fgjlm.ini2
C:\WINDOWS\system32\fgjlm.tmp
C:\WINDOWS\system32\hgqdhrjb.dll
C:\WINDOWS\system32\iwqoaagj.dll
C:\WINDOWS\system32\klkjindo.dll
C:\WINDOWS\system32\mljgf.dll
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\pxktpsut.ini
C:\WINDOWS\system32\rvgclxms.dll
C:\WINDOWS\system32\tusptkxp.dll
C:\WINDOWS\system32\u4
C:\WINDOWS\system32\u4\c124wvr.exe
C:\WINDOWS\system32\wekhwbfy.ini
C:\WINDOWS\system32\woduykdy.dll
C:\WINDOWS\system32\yfbwhkew.dll
C:\z.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-09-28 to 2007-10-31 ))))))))))))))))))))))))))))))))))))
.
2007-10-31 19:19 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-31 18:56 <REP> d-------- C:\VundoFix Backups
2007-10-30 18:21 <REP> d-------- C:\Documents and Settings\Général\Application Data\Apple Computer
2007-10-30 18:00 <REP> d-------- C:\Documents and Settings\Général\Application Data\Talkback
2007-10-30 17:57 <REP> d-------- C:\Documents and Settings\Général\Application Data\Windows Desktop Search
2007-10-30 17:53 <REP> d--h----- C:\Documents and Settings\Général\Voisinage réseau
2007-10-30 17:53 <REP> d--h----- C:\Documents and Settings\Général\Voisinage réseau
2007-10-30 17:53 <REP> d--h----- C:\Documents and Settings\Général\Voisinage d'impression
2007-10-30 17:53 <REP> d--h----- C:\Documents and Settings\Général\Voisinage d'impression
2007-10-30 17:53 <REP> d--h----- C:\Documents and Settings\Général\Modèles
2007-10-30 17:53 <REP> d--h----- C:\Documents and Settings\Général\Modèles
2007-10-30 17:53 <REP> dr------- C:\Documents and Settings\Général\Mes documents
2007-10-30 17:53 <REP> dr------- C:\Documents and Settings\Général\Mes documents
2007-10-30 17:53 <REP> dr------- C:\Documents and Settings\Général\Menu Démarrer
2007-10-30 17:53 <REP> dr------- C:\Documents and Settings\Général\Menu Démarrer
2007-10-30 17:53 <REP> dr------- C:\Documents and Settings\Général\Favoris
2007-10-30 17:53 <REP> dr------- C:\Documents and Settings\Général\Favoris
2007-10-30 17:53 <REP> d-------- C:\Documents and Settings\Général\Bureau
2007-10-30 17:53 <REP> d-------- C:\Documents and Settings\Général\Bureau
2007-10-30 17:53 <REP> d-------- C:\Documents and Settings\Général\Application Data\Symantec
2007-10-30 16:35 <REP> d-------- C:\Program Files\LimeWire
2007-10-30 16:00 <REP> d-------- C:\Program Files\iPod
2007-10-30 15:59 <REP> d-------- C:\Program Files\iTunes
2007-10-30 15:06 <REP> d-------- C:\WINDOWS\peernet
2007-10-30 11:40 28,672 --a------ C:\Documents and Settings\AHMIMACHE\update.exe
2007-10-30 10:37 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-10-30 09:32 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2007-10-30 09:29 82 --a------ C:\n.bat
2007-10-30 09:29 0 --a------ C:\z.dat
2007-10-30 09:28 <REP> d-------- C:\WINDOWS\system32\Mz18r
2007-10-30 09:28 <REP> d-------- C:\Temp\mZOr
2007-10-30 09:28 <REP> d-------- C:\Temp
2007-10-30 09:28 32,256 --a------ C:\WINDOWS\system32\awtspon.dll
2007-10-25 10:26 53,248 --a------ C:\WINDOWS\bdoscandel.exe
2007-10-20 16:33 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2007-10-20 16:33 59,264 --a------ C:\WINDOWS\system32\dllcache\usbaudio.sys
2007-10-20 16:32 78,464 --a------ C:\WINDOWS\system32\drivers\usbvideo.sys
2007-10-20 16:32 78,464 --a------ C:\WINDOWS\system32\dllcache\usbvideo.sys
2007-10-20 16:31 9,602,944 --a------ C:\WINDOWS\system32\drivers\snp2uvc.sys
2007-10-20 16:31 569,344 --a------ C:\WINDOWS\vsnp2uvc.exe
2007-10-20 16:31 299,008 --a------ C:\WINDOWS\system32\vsnp2uvc.dll
2007-10-20 16:31 167,936 --a------ C:\WINDOWS\system32\rsnp2uvc.dll
2007-10-20 16:31 94,208 --a------ C:\WINDOWS\system32\drivers\camfilt2.sys
2007-10-20 16:31 53,248 --a------ C:\WINDOWS\system32\csnp2uvc.dll
2007-10-20 16:31 28,160 --a------ C:\WINDOWS\system32\drivers\sncduvc.sys
2007-10-20 16:30 3,600,384 --a------ C:\WINDOWS\ffmpeg.exe
2007-10-20 16:29 <REP> d-------- C:\WINDOWS\system32\HWC HD
2007-10-20 16:29 <REP> d-------- C:\Program Files\Hercules
2007-10-20 16:27 <REP> d-------- C:\Documents and Settings\AHMIMACHE\Application Data\InstallShield
2007-10-06 20:19 <REP> d-------- C:\Documents and Settings\AHMIMACHE\Application Data\DivX
2007-10-06 14:52 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-10-06 14:52 120,056 --------- C:\WINDOWS\system32\pxcpyi64.exe
2007-10-06 14:52 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe
2007-10-06 14:49 <REP> d-------- C:\Program Files\DivX
2007-09-29 23:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2007-09-29 23:02 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-09-29 23:00 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-09-29 22:57 <REP> d-------- C:\WINDOWS\Internet Logs
2007-09-29 21:22 <REP> d-------- C:\Program Files\CCleaner
2007-09-29 20:41 <REP> d-------- C:\Program Files\Hijackthis Version Française
2007-09-28 17:07 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-09-28 17:07 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-09-28 17:07 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-09-28 17:05 593,920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-09-28 17:05 344,064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-09-28 17:05 294,912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-09-28 17:05 294,912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-09-28 17:05 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-09-28 17:05 81,920 --a------ C:\WINDOWS\system32\dpl100.dll
2007-09-28 17:05 57,344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-09-28 17:05 53,248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-09-26 21:28 <REP> d-------- C:\Documents and Settings\AHMIMACHE\Application Data\Windows Desktop Search
2007-09-26 21:16 <REP> d-------- C:\Documents and Settings\AHMIMACHE\Application Data\Adssite Advanced Toolbar
2007-09-25 18:27 <REP> d-------- C:\Program Files\Dofus
2007-09-13 17:56 <REP> d-------- C:\Documents and Settings\AHMIMACHE\Application Data\MSNInstaller
2007-09-10 19:27 <REP> d-------- C:\Documents and Settings\AHMIMACHE\Incoming
2007-09-08 12:33 719,872 --a------ C:\WINDOWS\system32\devil.dll
2007-09-08 12:33 394,240 --a------ C:\WINDOWS\system32\Smab.dll
2007-09-08 12:33 318,976 --a------ C:\WINDOWS\system32\avisynth.dll
2007-09-08 12:33 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-09-08 12:33 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2007-09-08 12:33 66,560 --a------ C:\WINDOWS\MOTA113.exe
2007-09-08 12:33 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2007-09-08 12:32 502,784 --a------ C:\WINDOWS\x2.64.exe
2007-09-08 12:32 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2007-09-08 12:32 217,073 --a------ C:\WINDOWS\meta4.exe
2007-09-04 18:52 <REP> d-------- C:\WINDOWS\Sun
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-31 17:23 --------- d-----w C:\Documents and Settings\AHMIMACHE\Application Data\LimeWire
2007-10-31 10:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-10-30 13:29 --------- d-----w C:\Program Files\Spyware Doctor
2007-10-30 10:43 278,534 ----a-w C:\WINDOWS\Fonts\Setup.exe
2007-10-30 08:27 278,533 --sh--w C:\WINDOWS\Fonts\svchost.exe
2007-10-25 20:48 5,736 ----a-w C:\Documents and Settings\AHMIMACHE\Application Data\wklnhst.dat
2007-10-20 15:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-14 12:09 --------- d-----w C:\Documents and Settings\AHMIMACHE\Application Data\Canon
2007-10-04 17:50 --------- d-----w C:\Program Files\Java
2007-09-28 16:07 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-09-26 20:23 --------- d-----w C:\Program Files\Windows Desktop Search
2007-09-26 18:23 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-09-26 18:22 --------- d-----w C:\Program Files\Windows Live
2007-09-26 18:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-09-13 17:18 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-09-13 17:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-09-11 18:21 --------- d-----w C:\Program Files\Apple Software Update
2007-09-08 11:12 --------- d-----w C:\Program Files\Fichiers communs\AVSMedia
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-09-06 10:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-09-06 10:05 92,848 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-09-06 10:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-09-06 10:02 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-09-06 10:00 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-08-29 13:35 --------- d-----w C:\Program Files\Picasa2
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-08-20 09:59 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-08-20 09:59 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-08-20 09:59 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-08-20 09:59 6,058,496 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-08-20 09:59 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-08-20 09:59 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-08-20 09:59 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-08-20 09:59 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-08-20 09:59 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-08-20 09:59 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-08-20 09:59 3,584,512 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-08-20 09:59 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-08-20 09:59 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-08-20 09:59 232,960 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-08-20 09:59 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-08-20 09:59 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-08-20 09:59 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-08-20 09:59 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-08-20 09:59 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-08-20 09:59 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
2007-08-20 09:59 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
2007-08-20 09:59 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
2007-08-20 09:59 1,152,000 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-08-17 10:22 63,488 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-08-17 10:22 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-08-17 10:22 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-08-17 07:34 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-08-16 14:17 51,568 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 17:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 17:19 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
2007-07-30 17:19 207,736 ----a-w C:\WINDOWS\system32\muweb.dll
2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2007-07-12 23:30 765,952 ----a-w C:\WINDOWS\system32\dllcache\vgx.dll
2007-07-09 13:19 582,656 ----a-w C:\WINDOWS\system32\rpcrt4.dll
2007-07-09 13:19 582,656 ----a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{65BD1468-09D5-4827-BFC8-78F0D23AEBB3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 09:11]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2004-09-23 12:41]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-08-14 16:02]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24]
"PCMService"="C:\Program Files\Acer TV-FM\PCMService.exe" [2006-03-29 20:50]
"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 10:00]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 06:00]
"MediaSync"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [2006-05-04 13:55]
"LaunchApp"="Alaunch" []
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-04-13 05:07]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 11:41]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 06:00]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-07-20 14:27]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 13:40]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2006-06-09 11:24]
"Acer Empowering Technology Monitor"="C:\WINDOWS\system32\SysMonitor.exe" [2006-04-18 18:54]
"snp2uvc"="C:\WINDOWS\vsnp2uvc.exe" [2007-03-12 17:49]
"SiSPower"="SiSPower.dll" [2005-08-25 18:05 C:\WINDOWS\system32\SiSPower.dll]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 14:42]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hyperappel de l'Encyclopédie Universelle Larousse"="C:\Program Files\Larousse\Encyclopédie Universelle Larousse 2007\Bin\Hyperappel.exe" [2006-07-17 13:25]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 06:00]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2006-10-21 15:42:07]
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 19:25:14]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06]
Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-06-23 13:18:29]
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 14:40:46]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 14:39 294400]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\mljgf.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
R1 oreans32;oreans32;\??\C:\WINDOWS\system32\drivers\oreans32.sys
R3 camfilt2;camfilt2;C:\WINDOWS\system32\Drivers\camfilt2.sys
R3 int15.sys;int15.sys;\??\C:\acer\Empowering Technology\eRecovery\int15.sys
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC);C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 CAM1210;SM0121 USB 2.0 Video Camera;C:\WINDOWS\system32\Drivers\cam1210.sys
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0855590c-1ab1-11db-96a2-806d6172696f}]
AutoRun\command - E:\setup.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-10-31 17:48:30 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
.
**************************************************************************
catchme 0.3.1239 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-31 19:35:58
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-31 19:40:47 - machine was rebooted
.
--- E O F ---
And here is the HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 19:44:12, on 31/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer TV-FM\PCMService.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\WINDOWS\vsnp2uvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Larousse\Encyclopédie Universelle Larousse 2007\Bin\Hyperappel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {65BD1468-09D5-4827-BFC8-78F0D23AEBB3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer TV-FM\PCMService.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Hyperappel de l'Encyclopédie Universelle Larousse] "C:\Program Files\Larousse\Encyclopédie Universelle Larousse 2007\Bin\Hyperappel.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
1 reply
Hi,
FIX THESE LINES WITH HIJACKTHIS (click "Fix checked" after selecting the lines on the left)
O2 - BHO: (no name) - {65BD1468-09D5-4827-BFC8-78F0D23AEBB3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
_______________________
Paste the report from an online scan to check, because there is not much in your HijackThis log:
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Do you have any symptoms? Ads or anything else?