Ordinateur presumé infecté... help needed
Résolu/Fermé
Les Patrons
-
5 nov. 2007 à 00:24
tribun Messages postés 64861 Date d'inscription vendredi 24 août 2007 Statut Membre Dernière intervention 20 février 2020 - 5 nov. 2007 à 06:31
tribun Messages postés 64861 Date d'inscription vendredi 24 août 2007 Statut Membre Dernière intervention 20 février 2020 - 5 nov. 2007 à 06:31
A voir également:
- Ordinateur presumé infecté... help needed
- Ordinateur lent - Guide
- Réinitialiser ordinateur - Guide
- Ordinateur ecran noir - Guide
- Pad ordinateur - Guide
- Cpu ordinateur - Guide
5 réponses
DarkRodWarrior
Messages postés
1755
Date d'inscription
vendredi 2 mars 2007
Statut
Membre
Dernière intervention
18 mai 2010
91
5 nov. 2007 à 00:28
5 nov. 2007 à 00:28
Salut
Et que raconte Nod32 ?
Et que raconte Nod32 ?
Cesel45
Messages postés
13152
Date d'inscription
mardi 24 avril 2007
Statut
Contributeur
Dernière intervention
29 novembre 2023
2 809
5 nov. 2007 à 00:30
5 nov. 2007 à 00:30
Bonjour
As-tu cherché une solution à tes problèmes
Si non = regarde dans ce lien
Et je pense que ton POST Hijackthis sera plus propre.
A+
http://www.commentcamarche.net/faq/sujet 3174 virus m thode pr liminaire de d sinfection version fr
As-tu cherché une solution à tes problèmes
Si non = regarde dans ce lien
Et je pense que ton POST Hijackthis sera plus propre.
A+
http://www.commentcamarche.net/faq/sujet 3174 virus m thode pr liminaire de d sinfection version fr
Utilisateur anonyme
5 nov. 2007 à 00:31
5 nov. 2007 à 00:31
Salut,
fix :
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSzim029YYES
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-es.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c004C71D.dat
va sur www.virustotal.com et envoie : C:\APPS\IE\offline\sp.htm
si c'est un virus fix ca alors :
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\sp.htm
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\sp.htm
voilà dit moi le resultat de virus total je te dit la suite.
fix :
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSzim029YYES
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-es.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c004C71D.dat
va sur www.virustotal.com et envoie : C:\APPS\IE\offline\sp.htm
si c'est un virus fix ca alors :
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\sp.htm
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\sp.htm
voilà dit moi le resultat de virus total je te dit la suite.
Bonjour,
alors voila les scans ce que ca a donne :
Le rapport de bitdefender :
Statistics
Time
01:46:41
Files
371263
Folders
9265
Boot Sectors
5
Archives
7754
Packed Files
17357
Results
Identified Viruses
10
Infected Files
33
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
32
Engines Info
Virus Definitions
860256
Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins
14
Archive plugins
38
Unpack plugins
7
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\NiNa\Configuración local\Datos de programa\xalvfqzdve.exe
Detected with: Adware.Navipromo.BYZ
C:\Documents and Settings\NiNa\Configuración local\Datos de programa\xalvfqzdve.exe
Disinfection failed
C:\Documents and Settings\NiNa\Configuración local\Datos de programa\xalvfqzdve.exe
Deleted
C:\Documents and Settings\NiNa\Datos de programa\VideoEgg\Updater\updater.exe
Infected with: Trojan.Generic.25658
C:\Documents and Settings\NiNa\Datos de programa\VideoEgg\Updater\updater.exe
Disinfection failed
C:\Documents and Settings\NiNa\Datos de programa\VideoEgg\Updater\updater.exe
Deleted
C:\Documents and Settings\NiNa\Escritorio\VideoEggPublisher.exe=>(NSIS o)=>lzma_solid_nsis0013
Infected with: Trojan.Generic.25658
C:\Documents and Settings\NiNa\Escritorio\VideoEggPublisher.exe=>(NSIS o)=>lzma_solid_nsis0013
Disinfection failed
C:\Documents and Settings\NiNa\Escritorio\VideoEggPublisher.exe=>(NSIS o)=>lzma_solid_nsis0013
Deleted
C:\Documents and Settings\NiNa\Escritorio\VideoEggPublisher.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067522.dll
Infected with: DeepScan:Generic.Virtumod.9DBF95A2
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067522.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067522.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067572.dll
Infected with: DeepScan:Generic.Virtumod.9DBF95A2
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067572.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067572.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067667.dll
Infected with: DeepScan:Generic.Virtumod.8DD6A2F7
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067667.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067667.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067770.dll
Infected with: Trojan.Downloader.Agent.YPO
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067770.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0068770.dll
Infected with: DeepScan:Generic.Virtumod.199508B9
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0068770.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0068770.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0068878.dll
Infected with: DeepScan:Generic.Virtumod.199508B9
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0068878.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0068878.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0068924.dll
Infected with: DeepScan:Generic.Virtumod.1B6A3021
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0068924.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0068924.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0068947.dll
Infected with: DeepScan:Generic.Virtumod.99345FDF
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0068947.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0068947.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0069007.dll
Infected with: DeepScan:Generic.Virtumod.99345FDF
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0069007.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0069007.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP278\A0069162.dll
Infected with: Trojan.Downloader.Agent.YPN
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP278\A0069162.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP278\A0069443.dll
Infected with: Trojan.Downloader.Agent.YPN
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP278\A0069443.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069593.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069593.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069593.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069661.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069661.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069661.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069688.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069688.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069688.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0069741.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0069741.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0069741.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070787.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070787.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070787.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070807.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070807.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070807.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070842.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070842.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070842.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0070998.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0070998.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0070998.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0071098.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0071098.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0071098.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0071200.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0071200.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0071200.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP282\A0072097.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP282\A0072097.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP282\A0072097.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072154.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072154.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072154.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072228.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072228.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072228.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072240.dll
Infected with: DeepScan:Generic.Virtumod.9DBF95A2
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072240.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072240.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP298\A0078058.exe
Detected with: Adware.Navipromo.BYZ
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP298\A0078058.exe
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP298\A0078058.exe
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP298\A0078059.exe
Infected with: Trojan.Generic.25658
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP298\A0078059.exe
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP298\A0078059.exe
Deleted
C:\WINDOWS\system32\awvvu.dll
Detected with: Adware.Virtumonde.GGX
C:\WINDOWS\system32\awvvu.dll
Disinfection failed
C:\WINDOWS\system32\awvvu.dll
Delete failed
C:\WINDOWS\system32\mlchmq.exe
Detected with: Adware.Navipromo.BYZ
C:\WINDOWS\system32\mlchmq.exe
Disinfection failed
C:\WINDOWS\system32\mlchmq.exe
Deleted
C:\WINDOWS\system32\ynmbgejcz.exe
Detected with: Adware.Navipromo.BYZ
C:\WINDOWS\system32\ynmbgejcz.exe
Disinfection failed
C:\WINDOWS\system32\ynmbgejcz.exe
Deleted
ET VOICI LE RAPPORT DE HIJACK THIS
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:46:00, on 05/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Domino.exe
C:\Archivos de programa\Eset\nod32kui.exe
C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Archivos de programa\Eset\nod32krn.exe
C:\Archivos de programa\NTR global\NTRconnect\NTRconnect.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Archivos comunes\Ulead Systems\DVD\ULCDRSvr.exe
C:\Archivos de programa\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\ARCHIV~1\COMMON~1\X10\Common\x10nets.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\System32\alg.exe
C:\Archivos de programa\MSN Messenger\usnsvc.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\ARCHIV~1\MOZILL~1\FIREFOX.EXE
C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=SP&range=AD&phase=6&key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\sp.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=7&key=MED
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nod32kui] "C:\Archivos de programa\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSzim029YYES
O8 - Extra context menu item: Download all links using BitComet - res://C:\Documents and Settings\NiNa\Mis documentos\telecharger programme\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Documents and Settings\NiNa\Mis documentos\telecharger programme\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Documents and Settings\NiNa\Mis documentos\telecharger programme\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\sp.htm
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15-3.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/21.13/uploader2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://youandherbalife.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-ES/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-es.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by129fd.bay129.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c004C71D.dat
O23 - Service: Adobe LM Service - Adobe Systems - C:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servicio del iPod (iPod Service) - Unknown owner - C:\Archivos de programa\iPod\bin\iPodService.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Archivos de programa\Eset\nod32krn.exe
O23 - Service: NTRconnect (ntrconnect) - Net Transmit & Receive - C:\Archivos de programa\NTR global\NTRconnect\NTRconnect.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Archivos de programa\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Archivos de programa\Archivos comunes\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Archivos de programa\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Archivos de programa\Windows Live\installer\WLSetupSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\ARCHIV~1\COMMON~1\X10\Common\x10nets.exe
alors voila les scans ce que ca a donne :
Le rapport de bitdefender :
Statistics
Time
01:46:41
Files
371263
Folders
9265
Boot Sectors
5
Archives
7754
Packed Files
17357
Results
Identified Viruses
10
Infected Files
33
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
32
Engines Info
Virus Definitions
860256
Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins
14
Archive plugins
38
Unpack plugins
7
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\NiNa\Configuración local\Datos de programa\xalvfqzdve.exe
Detected with: Adware.Navipromo.BYZ
C:\Documents and Settings\NiNa\Configuración local\Datos de programa\xalvfqzdve.exe
Disinfection failed
C:\Documents and Settings\NiNa\Configuración local\Datos de programa\xalvfqzdve.exe
Deleted
C:\Documents and Settings\NiNa\Datos de programa\VideoEgg\Updater\updater.exe
Infected with: Trojan.Generic.25658
C:\Documents and Settings\NiNa\Datos de programa\VideoEgg\Updater\updater.exe
Disinfection failed
C:\Documents and Settings\NiNa\Datos de programa\VideoEgg\Updater\updater.exe
Deleted
C:\Documents and Settings\NiNa\Escritorio\VideoEggPublisher.exe=>(NSIS o)=>lzma_solid_nsis0013
Infected with: Trojan.Generic.25658
C:\Documents and Settings\NiNa\Escritorio\VideoEggPublisher.exe=>(NSIS o)=>lzma_solid_nsis0013
Disinfection failed
C:\Documents and Settings\NiNa\Escritorio\VideoEggPublisher.exe=>(NSIS o)=>lzma_solid_nsis0013
Deleted
C:\Documents and Settings\NiNa\Escritorio\VideoEggPublisher.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067522.dll
Infected with: DeepScan:Generic.Virtumod.9DBF95A2
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067522.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067522.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067572.dll
Infected with: DeepScan:Generic.Virtumod.9DBF95A2
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067572.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067572.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067667.dll
Infected with: DeepScan:Generic.Virtumod.8DD6A2F7
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067667.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067667.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067770.dll
Infected with: Trojan.Downloader.Agent.YPO
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0067770.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0068770.dll
Infected with: DeepScan:Generic.Virtumod.199508B9
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0068770.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0068770.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0068878.dll
Infected with: DeepScan:Generic.Virtumod.199508B9
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0068878.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP275\A0068878.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0068924.dll
Infected with: DeepScan:Generic.Virtumod.1B6A3021
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0068924.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0068924.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0068947.dll
Infected with: DeepScan:Generic.Virtumod.99345FDF
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0068947.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0068947.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0069007.dll
Infected with: DeepScan:Generic.Virtumod.99345FDF
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0069007.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP276\A0069007.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP278\A0069162.dll
Infected with: Trojan.Downloader.Agent.YPN
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP278\A0069162.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP278\A0069443.dll
Infected with: Trojan.Downloader.Agent.YPN
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP278\A0069443.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069593.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069593.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069593.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069661.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069661.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069661.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069688.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069688.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP279\A0069688.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0069741.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0069741.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0069741.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070787.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070787.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070787.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070807.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070807.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070807.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070842.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070842.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP280\A0070842.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0070998.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0070998.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0070998.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0071098.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0071098.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0071098.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0071200.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0071200.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP281\A0071200.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP282\A0072097.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP282\A0072097.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP282\A0072097.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072154.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072154.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072154.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072228.dll
Detected with: Adware.Virtumonde.GGX
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072228.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072228.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072240.dll
Infected with: DeepScan:Generic.Virtumod.9DBF95A2
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072240.dll
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP283\A0072240.dll
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP298\A0078058.exe
Detected with: Adware.Navipromo.BYZ
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP298\A0078058.exe
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP298\A0078058.exe
Deleted
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP298\A0078059.exe
Infected with: Trojan.Generic.25658
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP298\A0078059.exe
Disinfection failed
C:\System Volume Information\_restore{BA67144F-19FA-49BA-9708-71C2B7D8B069}\RP298\A0078059.exe
Deleted
C:\WINDOWS\system32\awvvu.dll
Detected with: Adware.Virtumonde.GGX
C:\WINDOWS\system32\awvvu.dll
Disinfection failed
C:\WINDOWS\system32\awvvu.dll
Delete failed
C:\WINDOWS\system32\mlchmq.exe
Detected with: Adware.Navipromo.BYZ
C:\WINDOWS\system32\mlchmq.exe
Disinfection failed
C:\WINDOWS\system32\mlchmq.exe
Deleted
C:\WINDOWS\system32\ynmbgejcz.exe
Detected with: Adware.Navipromo.BYZ
C:\WINDOWS\system32\ynmbgejcz.exe
Disinfection failed
C:\WINDOWS\system32\ynmbgejcz.exe
Deleted
ET VOICI LE RAPPORT DE HIJACK THIS
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:46:00, on 05/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Domino.exe
C:\Archivos de programa\Eset\nod32kui.exe
C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Archivos de programa\Eset\nod32krn.exe
C:\Archivos de programa\NTR global\NTRconnect\NTRconnect.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Archivos comunes\Ulead Systems\DVD\ULCDRSvr.exe
C:\Archivos de programa\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\ARCHIV~1\COMMON~1\X10\Common\x10nets.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\System32\alg.exe
C:\Archivos de programa\MSN Messenger\usnsvc.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\ARCHIV~1\MOZILL~1\FIREFOX.EXE
C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=SP&range=AD&phase=6&key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\sp.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=7&key=MED
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nod32kui] "C:\Archivos de programa\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSzim029YYES
O8 - Extra context menu item: Download all links using BitComet - res://C:\Documents and Settings\NiNa\Mis documentos\telecharger programme\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Documents and Settings\NiNa\Mis documentos\telecharger programme\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Documents and Settings\NiNa\Mis documentos\telecharger programme\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\sp.htm
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15-3.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/21.13/uploader2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://youandherbalife.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-ES/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-es.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by129fd.bay129.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c004C71D.dat
O23 - Service: Adobe LM Service - Adobe Systems - C:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servicio del iPod (iPod Service) - Unknown owner - C:\Archivos de programa\iPod\bin\iPodService.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Archivos de programa\Eset\nod32krn.exe
O23 - Service: NTRconnect (ntrconnect) - Net Transmit & Receive - C:\Archivos de programa\NTR global\NTRconnect\NTRconnect.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Archivos de programa\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Archivos de programa\Archivos comunes\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Archivos de programa\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Archivos de programa\Windows Live\installer\WLSetupSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\ARCHIV~1\COMMON~1\X10\Common\x10nets.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
tribun
Messages postés
64861
Date d'inscription
vendredi 24 août 2007
Statut
Membre
Dernière intervention
20 février 2020
12 510
5 nov. 2007 à 06:31
5 nov. 2007 à 06:31
bonjour
ben t'en avais rammasé des trucs !!
selon bitdefender tu est désinfecté ! deleted = supprimé
A
ben t'en avais rammasé des trucs !!
selon bitdefender tu est désinfecté ! deleted = supprimé
A
