Win 32 trojan virus
Closed
to35 - 18 Feb. 2008 at 09:30
Powax (544 posts, registered Thursday 31 January 2008, status: Member, last active 17 April 2009) - 27 Feb. 2008 at 10:22
32 replies
Powax - 18 Feb. 2008 at 11:02
Hello,
Download, install and run:
http://www.commentcamarche.net/telecharger/telecharger 34055360 the cleaner
Tutorial: http://www.commentcamarche.net/faq/sujet 9284 detecter les infections et desinfecter avec the cleaner
Please post the report.
Thanks for your reply Powax. I had a small problem while following the tutorial: I ran the update, but an error message then appeared saying " database file C:\programe Files\The Cleaner Free\d0005.dat' does not exist". I tried updating again, an error occurred, and your program gave me this report:
[18/02/2008 12:01:17]init>Live Update Session Start
[18/02/2008 12:01:19]download>C:\Program Files\The Cleaner Free\moolive4.dat
[18/02/2008 12:01:19]download>Saving new file: C:\Program Files\The Cleaner Free\moolive4.dat
[18/02/2008 12:01:19]news>Checking for news
[18/02/2008 12:01:19]self update>Checking version information
[18/02/2008 12:01:19]news>No news found
[18/02/2008 12:01:19]self update>Current MD5: 2d6b51144f04bf4f81ca956757795595 Remote MD5: 2d6b51144f04bf4f81ca956757795595
[18/02/2008 12:01:21]update>Need ms0002.dll
[18/02/2008 12:01:21]update>Need d0003.dat
[18/02/2008 12:01:21]update>Need ms0005.dll
[18/02/2008 12:01:21]update>Need cleaner.exe
[18/02/2008 12:01:21]update>Need d0005.dat
[18/02/2008 12:01:21]update>Need ms0003.dll
[18/02/2008 12:01:26]user>Proceeding with update
[18/02/2008 12:01:27]updates>http://www.moosoft.com/updatestc5free/ms0002.dll
[18/02/2008 12:01:27]updates>C:\Program Files\The Cleaner Free\ms0002.dll
[18/02/2008 12:01:44]download>C:\Program Files\The Cleaner Free\ms0002.dll
[18/02/2008 12:01:44]download>Moved C:\Program Files\The Cleaner Free\ms0002.dll to C:\Program Files\The Cleaner Free\ms0002.dll.bak
[18/02/2008 12:01:44]download>Saving new file: C:\Program Files\The Cleaner Free\ms0002.dll
[18/02/2008 12:01:44]updates>http://www.moosoft.com/updatestc5free/d0003.dat
[18/02/2008 12:01:44]updates>C:\Program Files\The Cleaner Free\d0003.dat
[18/02/2008 12:01:46]download>C:\Program Files\The Cleaner Free\d0003.dat
[18/02/2008 12:01:46]download>Moved C:\Program Files\The Cleaner Free\d0003.dat to C:\Program Files\The Cleaner Free\d0003.dat.bak
[18/02/2008 12:01:46]download>Saving new file: C:\Program Files\The Cleaner Free\d0003.dat
[18/02/2008 12:01:46]updates>http://www.moosoft.com/updatestc5free/ms0005.dll
[18/02/2008 12:01:46]updates>C:\Program Files\The Cleaner Free\ms0005.dll
[18/02/2008 12:02:03]download>C:\Program Files\The Cleaner Free\ms0005.dll
[18/02/2008 12:02:03]download>Moved C:\Program Files\The Cleaner Free\ms0005.dll to C:\Program Files\The Cleaner Free\ms0005.dll.bak
[18/02/2008 12:02:03]download>Saving new file: C:\Program Files\The Cleaner Free\ms0005.dll
[18/02/2008 12:02:03]updates>http://www.moosoft.com/updatestc5free/cleaner.exe
[18/02/2008 12:02:03]updates>C:\Program Files\The Cleaner Free\cleaner.exe
[18/02/2008 12:03:16]download>C:\Program Files\The Cleaner Free\cleaner.exe
[18/02/2008 12:03:16]download>Moved C:\Program Files\The Cleaner Free\cleaner.exe to C:\Program Files\The Cleaner Free\cleaner.exe.bak
[18/02/2008 12:03:16]download>Saving new file: C:\Program Files\The Cleaner Free\cleaner.exe
[18/02/2008 12:03:17]updates>http://www.moosoft.com/updatestc5free/d0005.dat
[18/02/2008 12:03:17]updates>C:\Program Files\The Cleaner Free\d0005.dat
[18/02/2008 12:03:17]download>C:\Program Files\The Cleaner Free\d0005.dat
[18/02/2008 12:03:17]download>Moved C:\Program Files\The Cleaner Free\d0005.dat to C:\Program Files\The Cleaner Free\d0005.dat.bak
[18/02/2008 12:03:17]download>Saving new file: C:\Program Files\The Cleaner Free\d0005.dat
[18/02/2008 12:03:17]error>Stream is empty!
[18/02/2008 12:03:17]error>d0005.dat: Expected and actual update mismatch. Expected: b952275ac0fc4210b485f457b8501681 Received: Unknown error downloading, file not found.
[18/02/2008 12:03:47]close>Live Update Session End
[18/02/2008 12:08:15]init>Live Update Session Start
[18/02/2008 12:08:16]download>C:\Program Files\The Cleaner Free\moolive4.dat
[18/02/2008 12:08:16]download>Moved C:\Program Files\The Cleaner Free\moolive4.dat to C:\Program Files\The Cleaner Free\moolive4.dat.bak
[18/02/2008 12:08:16]download>Saving new file: C:\Program Files\The Cleaner Free\moolive4.dat
[18/02/2008 12:08:16]error>Stream is empty!
[18/02/2008 12:08:16]error>Could not read update data
[18/02/2008 12:08:29]close>Live Update Session End
[18/02/2008 12:12:02]init>Live Update Session Start
[18/02/2008 12:12:04]download>C:\Program Files\The Cleaner Free\moolive4.dat
[18/02/2008 12:12:04]download>Saving new file: C:\Program Files\The Cleaner Free\moolive4.dat
[18/02/2008 12:12:04]news>Checking for news
[18/02/2008 12:12:04]self update>Checking version information
[18/02/2008 12:12:04]news>No news found
[18/02/2008 12:12:04]self update>Current MD5: 2d6b51144f04bf4f81ca956757795595 Remote MD5: 2d6b51144f04bf4f81ca956757795595
[18/02/2008 12:12:06]update>Need d0003.dat
[18/02/2008 12:12:06]update>Need d0009.dat
[18/02/2008 12:12:06]update>Need d0007.dat
[18/02/2008 12:12:06]update>Need d0006.dat
[18/02/2008 12:12:06]update>Need d0005.dat
[18/02/2008 12:12:06]update>Need d0008.dat
[18/02/2008 12:12:06]update>Need ms0003.dll
[18/02/2008 12:12:10]user>Proceeding with update
[18/02/2008 12:12:11]updates>http://www.moosoft.com/updatestc5free/d0003.dat
[18/02/2008 12:12:11]updates>C:\Program Files\The Cleaner Free\d0003.dat
[18/02/2008 12:12:13]download>C:\Program Files\The Cleaner Free\d0003.dat
[18/02/2008 12:12:13]error>d0003.dat: Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
[18/02/2008 12:12:19]close>Live Update Session End
[18/02/2008 12:17:20]init>Live Update Session Start
[18/02/2008 12:17:22]download>C:\Program Files\The Cleaner Free\moolive4.dat
[18/02/2008 12:17:22]download>Moved C:\Program Files\The Cleaner Free\moolive4.dat to C:\Program Files\The Cleaner Free\moolive4.dat.bak
[18/02/2008 12:17:22]download>Saving new file: C:\Program Files\The Cleaner Free\moolive4.dat
[18/02/2008 12:17:22]news>Checking for news
[18/02/2008 12:17:22]self update>Checking version information
[18/02/2008 12:17:22]news>No news found
[18/02/2008 12:17:22]self update>Current MD5: 2d6b51144f04bf4f81ca956757795595 Remote MD5: 2d6b51144f04bf4f81ca956757795595
[18/02/2008 12:17:24]update>Need d0003.dat
[18/02/2008 12:17:24]update>Need d0009.dat
[18/02/2008 12:17:24]update>Need d0007.dat
[18/02/2008 12:17:24]update>Need d0006.dat
[18/02/2008 12:17:24]update>Need d0005.dat
[18/02/2008 12:17:24]update>Need d0008.dat
[18/02/2008 12:17:24]update>Need ms0003.dll
[18/02/2008 12:17:27]user>Proceeding with update
[18/02/2008 12:17:28]updates>http://www.moosoft.com/updatestc5free/d0003.dat
[18/02/2008 12:17:28]updates>C:\Program Files\The Cleaner Free\d0003.dat
[18/02/2008 12:17:29]download>C:\Program Files\The Cleaner Free\d0003.dat
[18/02/2008 12:17:29]error>d0003.dat: Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Powax - 18 Feb. 2008 at 13:40
Download HiJackThis: http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
* Unzip it into a dedicated folder at the root of the disk, for example C:\hijackthis
* Run it, then click "Do a system scan and save a logfile"
* Copy and paste the report into your next reply.
Here is the report I get with hijack, thanks for everything:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:57:22, on 18/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Joly\Cassini\CassiniServer2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\hijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus DX5000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\WINDOWS\TEMP\E_S92.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Lancer Voissa Anonymo - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - C:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - C:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Cassini ASP.NET 2.0 Server - UltiDev LLC - C:\Program Files\Joly\Cassini\CassiniServer2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:57:22, on 18/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Joly\Cassini\CassiniServer2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\hijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus DX5000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\WINDOWS\TEMP\E_S92.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Lancer Voissa Anonymo - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - C:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - C:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Cassini ASP.NET 2.0 Server - UltiDev LLC - C:\Program Files\Joly\Cassini\CassiniServer2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
Here is the report I get with hijack, thanks for everything:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:57:22, on 18/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Joly\Cassini\CassiniServer2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\hijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus DX5000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\WINDOWS\TEMP\E_S92.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Lancer Voissa Anonymo - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - C:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - C:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Cassini ASP.NET 2.0 Server - UltiDev LLC - C:\Program Files\Joly\Cassini\CassiniServer2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
Powax - 18 Feb 2008 at 14:08
You have the amvo virus.
Try a BitDefender scan from IE: https://www.bitdefender.fr/
(the "BitDefender scan online" button in the left-hand column)
Please post the report.
If that doesn't work, there's a plan B ;o)
C:\Documents and Settings\thomas\Bureau\rapport.html
Here is the link to the BitDefender report; I'm not sure that's what you wanted, otherwise I'll try to copy and paste it directly into the post.
Thanks again for everything, I'd be really lost if you weren't here :)))

By the way, I forgot to disconnect before running the scan, I don't know if that matters. Otherwise, I wanted to know whether this d..n virus is dangerous? Could it have come from MSN, and if so, is there a risk that I spread it? What can I do to avoid getting infected periodically? And I have an external hard drive (which I don't have at hand): can it be infected too, and if so, can it be cleaned separately a bit later?
Hoping your plan A gets the better of this nasty amvo ;)
Powax - 18 Feb 2008 at 15:25
* "Here is the link to the BitDefender report; I'm not sure that's what you wanted, otherwise I'll try to copy and paste it directly into the post"
>> Unless I take control of your PC, I can't do anything with that path...
>> so please copy and paste the content of that page ;o)
* To check that you don't have the MSN virus:
Download MSNFix.zip to your desktop: http://sosvirus.changelog.fr/MSNFix.zip
* Unzip it (right-click, "Extract here") and double-click the MSNFix.bat file
* Run option R
* If the infection is detected, run option N
* Save the report, then copy/paste it here
To avoid wasting time I'm giving you the report directly; I'm not much of an expert, so sorry if I struggle a bit at times:
BitDefender Online Scanner
Scan report generated at: Mon, Feb 18, 2008 - 15:08:07
Scan path: C:\;D:\;
Statistics
Time: 00:54:10
Files: 228095
Folders: 5169
Boot Sectors: 3
Archives: 1663
Packed Files: 10826
Results
Identified Viruses: 4
Infected Files: 33
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 33
Engines Info
Virus Definitions: 981625
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 16
Archive plugins: 41
Unpack plugins: 7
E-mail plugins: 6
System plugins: 5
Scan Settings
First Action: Désinfecté
Second Action: Supprimé
Heuristics: Oui
Enable Warnings: Oui
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Oui
Scan Archives: Oui
Scan Packed: Oui
Scan Files: Oui
Scan Boot: Oui
Scanned File
Status
C:\3wcxx91.cmd
Infecté par: Packer.Malware.NSAnti.K
C:\3wcxx91.cmd
Echec de la désinfection
C:\3wcxx91.cmd
Supprimé
C:\d6fagcs8.cmd
Infecté par: Packer.Malware.NSAnti.K
C:\d6fagcs8.cmd
Echec de la désinfection
C:\d6fagcs8.cmd
Supprimé
C:\Documents and Settings\thomas\Local Settings\Temp\help.exe
Infecté par: Packer.Malware.NSAnti.K
C:\Documents and Settings\thomas\Local Settings\Temp\help.exe
Echec de la désinfection
C:\Documents and Settings\thomas\Local Settings\Temp\help.exe
Supprimé
C:\Documents and Settings\thomas\Local Settings\Temp\vlmmrcd5.dll
Infecté par: Packer.Malware.NSAnti.K
C:\Documents and Settings\thomas\Local Settings\Temp\vlmmrcd5.dll
Echec de la désinfection
C:\Documents and Settings\thomas\Local Settings\Temp\vlmmrcd5.dll
Supprimé
C:\Documents and Settings\thomas\Local Settings\Temp\z5.dll
Infecté par: Packer.Malware.NSAnti.K
C:\Documents and Settings\thomas\Local Settings\Temp\z5.dll
Echec de la désinfection
C:\Documents and Settings\thomas\Local Settings\Temp\z5.dll
Supprimé
C:\Documents and Settings\thomas\Local Settings\Temporary Internet Files\Content.IE5\Y6LIRWGB\help[1].exe
Infecté par: Packer.Malware.NSAnti.K
C:\Documents and Settings\thomas\Local Settings\Temporary Internet Files\Content.IE5\Y6LIRWGB\help[1].exe
Echec de la désinfection
C:\Documents and Settings\thomas\Local Settings\Temporary Internet Files\Content.IE5\Y6LIRWGB\help[1].exe
Supprimé
C:\MSNFix\12122007_12484803.zip=>backup/8e9w3l6u1g1.exe
Infecté par: MemScan:Trojan.Dialer.VWC
C:\MSNFix\12122007_12484803.zip=>backup/8e9w3l6u1g1.exe
Supprimé
C:\MSNFix\12122007_12484803.zip
Mis à jour
C:\MSNFix\12122007_12484803.zip=>backup/carlton
Infecté par: MemScan:Trojan.Dialer.VWC
C:\MSNFix\12122007_12484803.zip=>backup/carlton
Supprimé
C:\MSNFix\12122007_12484803.zip
Mis à jour
C:\MSNFix\12122007_12484803.zip=>backup/msimn.exe
Infecté par: Trojan.Downloader.JJFD
C:\MSNFix\12122007_12484803.zip=>backup/msimn.exe
Supprimé
C:\MSNFix\12122007_12484803.zip
Mis à jour
C:\MSNFix\12122007_12484803.zip=>backup/party_jpg.zip=>www.party_jpg_Msn.com
Infecté par: Trojan.Downloader.JJFD
C:\MSNFix\12122007_12484803.zip=>backup/party_jpg.zip=>www.party_jpg_Msn.com
Supprimé
C:\MSNFix\12122007_12484803.zip=>backup/party_jpg.zip
Mis à jour
C:\MSNFix\12122007_12484803.zip
Mis à jour
C:\Program Files\HPQ\Default Settings\CpqsetVer.exe
Infecté par: Backdoor.Agent.AHJ
C:\Program Files\HPQ\Default Settings\CpqsetVer.exe
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022022.com
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022022.com
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022022.com
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022047.com
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022047.com
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022047.com
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022071.dll
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022071.dll
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022071.dll
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022076.exe
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022076.exe
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022076.exe
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022090.dll
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022090.dll
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022090.dll
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022095.cmd
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022095.cmd
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022095.cmd
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022111.dll
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022111.dll
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022111.dll
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022116.cmd
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022116.cmd
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP290\A0022116.cmd
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022125.cmd
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022125.cmd
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022125.cmd
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022138.dll
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022138.dll
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022138.dll
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022143.exe
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022143.exe
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022143.exe
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022181.dll
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022181.dll
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022181.dll
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022186.cmd
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022186.cmd
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022186.cmd
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022199.dll
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022199.dll
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022199.dll
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022204.cmd
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022204.cmd
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022204.cmd
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022206.exe
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022206.exe
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP291\A0022206.exe
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP292\A0022267.cmd
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP292\A0022267.cmd
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP292\A0022267.cmd
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP292\A0022268.cmd
Infecté par: Packer.Malware.NSAnti.K
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP292\A0022268.cmd
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP292\A0022268.cmd
Supprimé
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP292\A0022273.exe
Infecté par: Backdoor.Agent.AHJ
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP292\A0022273.exe
Echec de la désinfection
C:\System Volume Information\_restore{8933D157-6639-479F-9585-33DC808F1222}\RP292\A0022273.exe
Supprimé
C:\WINDOWS\system32\amvo.exe
Infecté par: Packer.Malware.NSAnti.K
C:\WINDOWS\system32\amvo.exe
Echec de la désinfection
C:\WINDOWS\system32\amvo.exe
Supprimé
C:\WINDOWS\system32\amvo1.dll
Infecté par: Packer.Malware.NSAnti.K
C:\WINDOWS\system32\amvo1.dll
Echec de la désinfection
C:\WINDOWS\system32\amvo1.dll
Supprimé
C:\x.com
Infecté par: Packer.Malware.NSAnti.K
C:\x.com
Echec de la désinfection
C:\x.com
Supprimé
I hope you'll find what you need, and thanks again for the time you're spending helping me.
The previous report was the BitDefender one, and here is the one I got from MSNFix:
C:\Documents and Settings\thomas\Bureau\MSNFix
Fix exécuté le 18/02/2008 - 15:34:36,34 By thomas
mode normal
************************ Recherche les fichiers présents
... C:\Autorun.inf
... C:\autorun.inf
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Suppression des fichiers
.. OK ... C:\Autorun.inf
.. OK ... C:\autorun.inf
************************ Nettoyage du registre
************************ Fichiers suspects
Aucun Fichier trouvé
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 18022008_15383871.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
and thanks again for your promptness ...
Powax
18 Feb 2008 at 16:03
Very good, they did a good job ^^
Please post a new HiJack report.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:05:15, on 18/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus DX5000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\WINDOWS\TEMP\E_S92.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Lancer Voissa Anonymo - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - C:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - C:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Cassini ASP.NET 2.0 Server - UltiDev LLC - C:\Program Files\Joly\Cassini\CassiniServer2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
Powax
18 Feb 2008 at 16:14
It's back :o(
Download this patch and click "patcher":
http://www.net-studio.org/software/AmvoRemover.rar
Once that's done, please post a new HiJack report.
This amvo is a stubborn one, but I have high hopes for your plan B; here is the latest report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:28:18, on 18/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus DX5000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\WINDOWS\TEMP\E_S92.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Lancer Voissa Anonymo - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - C:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - C:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Cassini ASP.NET 2.0 Server - UltiDev LLC - C:\Program Files\Joly\Cassini\CassiniServer2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
Powax
18 Feb 2008 at 16:48
Perfect, it's gone ^^
* You have no active firewall (the Windows one doesn't count!)
Download and install:
http://www.commentcamarche.net/telecharger/telecharger 206 kerio
* Do you know Voissa Anonymo?
No, I don't know it, but I share my PC with my flatmates so I'll ask them tonight. As for the firewall, I wanted to know whether there's a risk of it blocking Azureus (I know, P2P isn't good, but I don't overdo it ;)
Powax
18 Feb 2008 at 16:59
No, you'll just need to open the port, that's all ;o)
I've just downloaded your firewall, but I'll need a bit of info on opening the port; I'm a bit clueless sometimes. Otherwise, can you confirm that we got rid of Amvo? Do you know how I could have caught it? And do you think there's a risk that my external hard drive is infected?
Thanks again for everything, my PC and I owe you big time :))
Powax
18 Feb 2008 at 17:12
Yep, Amvo is well and truly dead :o)
To open the port, the firewall will ask you for permission when you launch Azureus.
Happy surfing!! ^^
I've just installed Sunbelt / Kerio, and my PC had barely restarted when your firewall blocked 3 intrusion attempts of the code-injection type (?). I don't know whether I have other viruses or whether it's the programs that usually launch at startup that are getting blocked.
I hope I'm not taking up too much of your time and patience, thanks for your help