Virus msn trojan help!!
doc69du70 - 12 March 2008 at 18:30
35 replies
doc69du70 - 14 March 2008 at 22:00
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:00:00, on 14/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\vsnp2uvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\BitDownload\BitDownload.exe
C:\Program Files\Logiciel Bluetooth\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hercules\WiFi Station pour Livebox\WifiStationLB.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\System32\imapi.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ContextEnhancer - {4C6C4BA2-1646-0F3A-1FAE-B393C162C92E} - C:\Program Files\ContextEnhancer\ContextEnhancer-1.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Mirar - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\system32\WinNB58.dll (file missing)
O3 - Toolbar: Mirar - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\system32\WinNB58.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Nero DriveSpeed] C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [NI.UGESV_0001_N122M0303] "C:\Documents and Settings\Didier\Mes documents\fichier reçu\setup_fr.exe"
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitDownload] "C:\Program Files\BitDownload\BitDownload.exe" /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WiFi Station pour Livebox.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Logiciel Bluetooth\btsendto_ie.htm
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
doc69du70 - 14 March 2008 at 22:04
Win32:Adware-gen [Adw]
Is this virus dangerous? I just caught it.
^^Marie^^ - 15 March 2008 at 11:10
Re
1) Show hidden files and folders …
To do this, open a folder, e.g. "My Pictures".
Then click > Tools > Folder Options ...
click the "View" tab and ...
check ---> Show hidden files and folders
uncheck > Hide extensions for known file types
uncheck > Hide protected operating system files (Recommended).
"Apply" and "OK".
Download ComboFix from one of these links:
First choice
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
If that does not work
https://forospyware.com
http://www.geekstogo.com/forum/files/file/197-combofix-by-subs/
And importantly, save it to the desktop.
Before using ComboFix:
► Disconnect from the internet and close the windows of all running programs.
► Temporarily disable, and only for the duration of the ComboFix run, the real-time protection of your antivirus and antispyware programs, which can seriously interfere with the tool's scanning and cleaning procedure.
Once that is done, double-click Combofix.exe on your desktop.
- Answer yes to the warning message so that the program starts scanning the PC.
/!\ While this step is running, do not use the PC and do not open any programs.
- At the end of the scan, ComboFix may need to restart the PC to finish the disinfection/search; let it do so.
- A report will then open in Notepad; this report file, Combofix.txt, is automatically saved at C:\Combofix.txt.
► Re-enable the real-time protection of your antivirus and antispyware programs before reconnecting to the internet.
► Come back to the forum and copy and paste the entire contents of C:\Combofix.txt into your next message.
doc69du70 - 15 March 2008 at 21:37
ComboFix 08-03-14.4 - Didier 2008-03-15 15:43:05.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.963 [GMT 1:00]
Endroit: C:\Documents and Settings\Didier\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\PlayMP3z
C:\Program Files\PlayMP3z\uninstall.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-15 to 2008-03-15 ))))))))))))))))))))))))))))))))))))
.
2008-03-15 11:57 . 2008-03-15 11:57 1,177 --a------ C:\WINDOWS\PMTAROT.DAT
2008-03-14 21:34 . 2008-03-14 21:34 <REP> d-------- C:\VundoFix Backups
2008-03-12 22:25 . 2008-03-12 22:25 3,932,214 --a------ C:\WINDOWS\BricoPack Wallpaper.bmp
2008-03-12 22:25 . 2008-03-12 22:25 52,675 --a------ C:\WINDOWS\BricoPackUninst.cmd
2008-03-12 22:21 . 2008-03-12 22:25 4,835 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-03-12 22:20 . 2008-03-12 22:20 <REP> d-------- C:\WINDOWS\BricoPacks
2008-03-12 19:58 . 2008-03-12 21:39 <REP> d-------- C:\Program Files\MSNFix
2008-03-12 19:41 . 2008-03-12 19:41 <REP> d-------- C:\Program Files\Trend Micro
2008-03-10 20:57 . 2008-03-10 20:57 268 --ah----- C:\sqmdata02.sqm
2008-03-10 20:57 . 2008-03-10 20:57 244 --ah----- C:\sqmnoopt02.sqm
2008-03-09 21:46 . 2008-03-09 21:46 244 --ah----- C:\sqmnoopt01.sqm
2008-03-09 21:46 . 2008-03-09 21:46 232 --ah----- C:\sqmdata01.sqm
2008-03-09 21:44 . 2008-03-09 21:44 268 --ah----- C:\sqmdata00.sqm
2008-03-09 21:44 . 2008-03-09 21:44 244 --ah----- C:\sqmnoopt00.sqm
2008-03-04 22:15 . 2008-03-04 22:15 <REP> d-------- C:\Program Files\GTA3Mods
2008-03-04 21:51 . 2008-03-04 21:51 <REP> d-------- C:\Documents and Settings\Didier\Application Data\Valusoft
2008-03-04 21:51 . 2008-03-04 21:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Valusoft
2008-03-04 21:50 . 2008-03-04 21:50 <REP> d-------- C:\Program Files\GamesBar
2008-03-01 23:52 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2008-03-01 23:52 . 2007-03-12 16:42 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2008-03-01 23:52 . 2007-03-15 16:57 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2008-03-01 11:33 . 2008-03-01 11:37 <REP> d-------- C:\WINDOWS\CSO-DAX COMPILATOR
2008-03-01 11:33 . 2008-03-01 11:34 <REP> d-------- C:\Program Files\CSO-DAX COMPILATOR
2008-02-29 19:43 . 2008-03-15 15:45 <REP> d-------- C:\Documents and Settings\Didier\Application Data\BitDownload
2008-02-29 19:04 . 2008-03-15 09:50 <REP> d-------- C:\Program Files\BitDownload
2008-02-29 19:04 . 2008-03-01 14:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Htm Support Bait Deaf
2008-02-29 19:02 . 2008-02-29 19:03 <REP> d-------- C:\Program Files\FBrowsingAdvisor
2008-02-29 19:02 . 2008-02-29 19:03 <REP> d-------- C:\Program Files\FBrowserAdvisor
2008-02-29 19:02 . 2008-03-15 12:38 <REP> d-------- C:\Program Files\ContextEnhancer
2008-02-29 19:02 . 2008-02-29 19:02 90,112 --a------ C:\WINDOWS\system32\service.MSNFix
2008-02-29 19:02 . 2006-04-14 23:05 9,952 --a------ C:\regxpcom.exe
2008-02-26 16:15 . 2008-02-26 16:15 <REP> d-------- C:\Program Files\15355 Webcam Live
2008-02-26 16:15 . 2007-06-22 18:19 9,602,944 --a------ C:\WINDOWS\system32\drivers\snp2uvc.sys
2008-02-26 16:15 . 2007-06-22 18:19 569,344 --a------ C:\WINDOWS\vsnp2uvc.exe
2008-02-26 16:15 . 2004-11-29 19:43 458,752 --a------ C:\WINDOWS\amcap.exe
2008-02-26 16:15 . 2007-06-22 18:19 299,008 --a------ C:\WINDOWS\system32\vsnp2uvc.dll
2008-02-26 16:15 . 2007-06-22 18:19 167,936 --a------ C:\WINDOWS\system32\rsnp2uvc.dll
2008-02-26 16:15 . 2007-06-22 18:19 53,248 --a------ C:\WINDOWS\system32\csnp2uvc.dll
2008-02-26 16:15 . 2007-06-22 18:19 28,160 --a------ C:\WINDOWS\system32\drivers\sncduvc.sys
2008-02-26 16:15 . 2007-06-22 18:19 15,497 --a------ C:\WINDOWS\snp2uvc.ini
2008-02-26 16:15 . 2007-06-22 18:19 13,022 --a------ C:\WINDOWS\snp2uvc.src
2008-02-25 17:51 . 2008-02-25 17:51 <REP> d-------- C:\Program Files\Hercules
2008-02-25 17:51 . 2007-02-15 10:36 432,128 --a------ C:\WINDOWS\system32\drivers\rt73u98.sys
2008-02-25 17:51 . 2006-12-21 19:25 429,440 --a------ C:\WINDOWS\system32\drivers\rt73.sys
2008-02-25 17:51 . 2007-02-15 10:36 242,816 --a------ C:\WINDOWS\system32\drivers\rt25u98.sys
2008-02-25 17:51 . 2006-11-08 14:45 240,384 --a------ C:\WINDOWS\system32\drivers\rt2500usb.sys
2008-02-25 17:51 . 2007-02-15 10:36 2,048 --a------ C:\WINDOWS\system32\drivers\rt73.bin
2008-02-25 17:50 . 2008-02-25 17:50 <REP> d-------- C:\Documents and Settings\Didier\Application Data\InstallShield
2008-02-24 21:05 . 2008-02-24 21:05 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-02-24 20:59 . 2006-08-21 10:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2008-02-24 20:59 . 2006-08-21 10:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2008-02-24 20:59 . 2006-08-21 13:26 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2008-02-24 20:54 . 2008-02-24 20:54 <REP> d-------- C:\Program Files\MSXML 4.0
2008-02-24 19:23 . 2006-12-26 14:09 536,576 -----c--- C:\WINDOWS\system32\dllcache\msado15.dll
2008-02-24 19:23 . 2006-12-19 19:17 334,336 -----c--- C:\WINDOWS\system32\dllcache\wiaservc.dll
2008-02-24 19:23 . 2006-08-16 10:37 225,664 -----c--- C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-02-24 19:23 . 2006-12-26 14:09 200,704 -----c--- C:\WINDOWS\system32\dllcache\msadox.dll
2008-02-24 19:23 . 2006-12-26 14:09 180,224 -----c--- C:\WINDOWS\system32\dllcache\msadomd.dll
2008-02-24 19:23 . 2006-12-26 14:09 102,400 -----c--- C:\WINDOWS\system32\dllcache\msjro.dll
2008-02-24 19:23 . 2006-08-16 12:59 100,352 -----c--- C:\WINDOWS\system32\dllcache\6to4svc.dll
2008-02-24 19:22 . 2007-10-25 17:56 8,510,976 -----c--- C:\WINDOWS\system32\dllcache\shell32.dll
2008-02-24 19:22 . 2007-02-28 17:02 2,182,400 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-02-24 19:22 . 2007-02-28 17:02 2,138,112 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-02-24 19:22 . 2007-02-28 17:02 2,059,648 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-02-24 19:22 . 2007-02-28 17:02 2,017,792 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-02-24 19:22 . 2006-06-22 06:13 1,440,768 -----c--- C:\WINDOWS\system32\dllcache\query.dll
2008-02-24 19:22 . 2007-07-09 14:11 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-02-24 19:22 . 2006-08-14 11:34 332,928 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-02-24 19:22 . 2006-12-19 22:49 135,168 -----c--- C:\WINDOWS\system32\dllcache\shsvcs.dll
2008-02-24 19:22 . 2006-06-22 06:13 69,120 -----c--- C:\WINDOWS\system32\dllcache\ciodm.dll
2008-02-24 19:21 . 2007-06-26 07:09 1,104,896 -----c--- C:\WINDOWS\system32\dllcache\msxml3.dll
2008-02-24 19:21 . 2006-10-14 09:13 981,760 -----c--- C:\WINDOWS\system32\dllcache\mfc42u.dll
2008-02-24 19:21 . 2006-08-17 13:29 332,288 -----c--- C:\WINDOWS\system32\dllcache\netapi32.dll
2008-02-24 19:21 . 2007-02-05 21:19 185,344 -----c--- C:\WINDOWS\system32\dllcache\upnphost.dll
2008-02-24 19:21 . 2006-06-22 11:48 181,248 -----c--- C:\WINDOWS\system32\dllcache\rasmans.dll
2008-02-24 19:21 . 2006-10-13 13:36 145,920 -----c--- C:\WINDOWS\system32\dllcache\nwprovau.dll
2008-02-24 19:21 . 2006-08-17 13:29 132,096 -----c--- C:\WINDOWS\system32\dllcache\wkssvc.dll
2008-02-24 19:19 . 2007-08-21 07:17 683,520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-02-24 19:19 . 2006-08-25 16:51 617,472 -----c--- C:\WINDOWS\system32\dllcache\comctl32.dll
2008-02-24 19:19 . 2007-11-14 08:28 450,560 -----c--- C:\WINDOWS\system32\dllcache\jscript.dll
2008-02-24 19:19 . 2007-03-17 14:44 293,376 -----c--- C:\WINDOWS\system32\dllcache\winsrv.dll
2008-02-24 19:19 . 2006-06-14 09:47 172,416 -----c--- C:\WINDOWS\system32\dllcache\kmixer.sys
2008-02-24 19:19 . 2006-05-19 14:23 112,128 -----c--- C:\WINDOWS\system32\dllcache\dhcpcsvc.dll
2008-02-24 19:19 . 2006-05-19 14:23 95,744 -----c--- C:\WINDOWS\system32\dllcache\iphlpapi.dll
2008-02-24 19:19 . 2006-06-14 10:00 82,944 -----c--- C:\WINDOWS\system32\dllcache\wdmaud.sys
2008-02-24 19:19 . 2006-06-14 09:47 6,400 -----c--- C:\WINDOWS\system32\dllcache\splitter.sys
2008-02-24 19:17 . 2007-04-16 16:53 1,049,600 -----c--- C:\WINDOWS\system32\dllcache\kernel32.dll
2008-02-24 19:17 . 2007-12-04 19:41 550,912 -----c--- C:\WINDOWS\system32\dllcache\oleaut32.dll
2008-02-24 19:17 . 2006-05-05 10:41 453,120 -----c--- C:\WINDOWS\system32\dllcache\mrxsmb.sys
2008-02-24 19:17 . 2006-05-05 10:47 174,592 -----c--- C:\WINDOWS\system32\dllcache\rdbss.sys
2008-02-24 19:17 . 2006-06-26 18:41 148,480 -----c--- C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-24 19:17 . 2006-03-17 01:38 28,672 --------- C:\WINDOWS\system32\verclsid.exe
2008-02-24 19:17 . 2006-06-26 18:41 8,192 -----c--- C:\WINDOWS\system32\dllcache\rasadhlp.dll
2008-02-24 19:16 . 2007-01-23 20:31 546,304 -----c--- C:\WINDOWS\system32\dllcache\hhctrl.ocx
2008-02-24 19:15 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-02-24 19:15 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-02-24 19:15 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-02-24 17:38 . 2006-10-04 15:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-02-24 17:38 . 2006-10-04 15:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-02-24 17:38 . 2006-10-04 15:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-12 21:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-12 21:25 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-03-04 21:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-04 20:50 --------- d-----w C:\Program Files\Gamenext
2008-03-04 20:50 --------- d-----w C:\Program Files\Fichiers communs\Oberon Media
2008-03-03 15:16 --------- d-----w C:\Documents and Settings\Didier\Application Data\Wildfire
2008-02-26 15:15 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-23 09:01 --------- d-----w C:\Program Files\CA
2008-02-23 08:55 --------- d-----w C:\Program Files\Zylom Games
2008-02-09 17:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\GamesBar
2008-01-18 15:39 --------- d-----w C:\Program Files\EA Games
2008-01-01 13:21 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll
2008-01-01 13:21 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll
2008-01-01 13:21 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll
2006-11-25 20:36 41,040 ----a-w C:\Documents and Settings\Didier\Application Data\GDIPFONTCACHEV1.DAT
2005-05-11 21:36 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.
------- Sigcheck -------
2007-12-07 01:47 670208 c057d734b1951393fd07e2607513d4d9 C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\wininet.dll
2003-04-24 13:00 603136 cbc50d46257c4a75644230507b488050 C:\WINDOWS\$NtServicePackUninstall$\wininet.dll
2004-08-19 15:09 660480 4e958b97efc3d801f49283d1820f48b7 C:\WINDOWS\$NtUninstallKB944533$\wininet.dll
2007-12-07 02:07 1141248 091a301dae64771dd18259856bbb40c3 C:\WINDOWS\ServicePackFiles\i386\wininet.dll
2007-12-07 02:07 1141248 091a301dae64771dd18259856bbb40c3 C:\WINDOWS\system32\wininet.dll
2007-12-07 02:07 663552 c5a40de381481d288addee45fc67f652 C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-13 14:22 3199488 d47db3366ecc9e9de86fb24eaa10b411 C:\WINDOWS\explorer.exe
2007-06-13 14:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2003-04-24 13:00 1008128 82fe0d400cb1ac937234467b927b867a C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
2004-08-19 15:09 1036288 2a7bd330924252a2fd80344fc949bb72 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 14:22 3199488 d47db3366ecc9e9de86fb24eaa10b411 C:\WINDOWS\ServicePackFiles\i386\explorer.exe
2007-06-13 14:22 1037312 d0288319660edcfed07c7e74c4ea38a5 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4C6C4BA2-1646-0F3A-1FAE-B393C162C92E}]
2007-12-30 21:48 1019904 --a------ C:\Program Files\ContextEnhancer\ContextEnhancer-1.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E}]
C:\WINDOWS\system32\WinNB58.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{9A9C9B68-F908-4AAB-8D0C-10EA8997F37E}"= "C:\WINDOWS\system32\WinNB58.dll" [ ]
[HKEY_CLASSES_ROOT\clsid\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e}]
[HKEY_CLASSES_ROOT\TypeLib\{566DEDE9-9ED8-45DA-9BE6-9B2EEAB17F49}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{9A9C9B68-F908-4AAB-8D0C-10EA8997F37E}"= C:\WINDOWS\system32\WinNB58.dll [ ]
[HKEY_CLASSES_ROOT\clsid\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e}]
[HKEY_CLASSES_ROOT\TypeLib\{566DEDE9-9ED8-45DA-9BE6-9B2EEAB17F49}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="C:\WINDOWS\System32\NVMCTRAY.DLL" [2003-09-24 12:32 49152]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2006-09-22 21:33 16384]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"ares"="C:\Program Files\Ares\Ares.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:09 15360]
"BitDownload"="C:\Program Files\BitDownload\BitDownload.exe" [2007-04-04 14:18 1103360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-09-24 12:32 5033984]
"nwiz"="nwiz.exe" [2003-09-24 12:32 741376 C:\WINDOWS\system32\nwiz.exe]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-05-29 15:28 790528]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2003-05-30 08:42 585728]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 22:12 49152]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2002-11-23 02:15 631362]
"Logitech Utility"="Logi_MwX.Exe" [2002-11-08 10:50 19968 C:\WINDOWS\LOGI_MWX.EXE]
"Anti-Blaxx Manager"="C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe" [2005-05-18 15:08 208896]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-04 13:59 98304]
"Nero DriveSpeed"="C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE" [2003-06-16 16:45 434176]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2004-03-16 16:56 1294446]
"AntivirusRegistration"="C:\Program Files\CA\Etrust Antivirus\Register.exe" [2005-01-31 14:09 458752]
"NWEReboot"="" []
"SystrayORAHSS"="C:\Program Files\Orange\Systray\SystrayApp.exe" [2007-09-25 20:08 94208]
"ORAHSSSessionManager"="C:\Program Files\Orange\SessionManager\SessionManager.exe" [2007-09-25 19:10 102400]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"EoEngine"="" []
"EoWeather"="" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"snp2uvc"="C:\WINDOWS\vsnp2uvc.exe" [2007-06-22 18:19 569344]
"MDNS"="C:\WINDOWS\system32\service.exe" [ ]
"NI.UGESV_0001_N122M0303"="C:\Documents and Settings\Didier\Mes documents\fichier reçu\setup_fr.exe" [2008-03-12 21:27 263192]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 15:09 15360]
C:\Documents and Settings\Didier\Menu Démarrer\Programmes\Démarrage\
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe [2002-09-30 20:09:06 131072]
Y'z Toolbar.lnk - C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe [2002-09-29 13:41:10 90112]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
BTTray.lnk - C:\Program Files\Logiciel Bluetooth\BTTray.exe [2003-12-01 15:28:00 499779]
Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-11 23:49:24 73728]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 22:23:26 282624]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-09-22 21:33:12 169472]
WiFi Station pour Livebox.lnk - C:\Program Files\Hercules\WiFi Station pour Livebox\WifiStationLB.exe [2008-02-25 17:51:26 721408]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\jeux\\speed.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\Duke Nukem - Manhattan Project\\prism3d.exe"=
"C:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\THQ\\Company of Heroes\\RelicCOH.exe"=
"C:\\Program Files\\Microsoft Games\\Age of Mythology\\aomx.exe"=
"C:\\Program Files\\BitDownload\\BitDownload.exe"=
R0 xmasbus;xmasbus;C:\WINDOWS\system32\DRIVERS\xmasbus.sys [2003-12-21 16:24]
R0 xmasscsi;xmasscsi;C:\WINDOWS\system32\Drivers\xmasscsi.sys [2003-12-20 19:03]
R2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\system32\DRIVERS\nvcap.sys [2003-04-09 09:47]
R2 nvTUNEP;nVidia WDM TVTuner;C:\WINDOWS\system32\DRIVERS\nvtunep.sys [2003-04-09 09:47]
R2 nvtvSND;nVidia WDM TVAudio Crossbar;C:\WINDOWS\system32\DRIVERS\nvtvsnd.sys [2003-04-09 09:47]
R2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\system32\DRIVERS\NVxbar.sys [2003-04-09 09:47]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a838c2b-1039-11dc-bdf1-001060a2fd0a}]
\Shell\AutoRun\command - G:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{27bfd02a-f703-11db-bdde-001060a2fd0a}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{747cb39b-215a-11dc-baea-806d6172696f}]
\Shell\AutoRun\command - G:\AutoRun.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-15 15:46:12
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-03-15 15:46:59
ComboFix-quarantined-files.txt 2008-03-15 14:46:50
.
2008-03-12 21:34:30 --- E O F ---
doc69du70
Posts
35
Registration date
Wednesday 12 March 2008
Status
Member
Last activity
2 April 2012
1
16 March 2008 at 11:50
What should I do now?
^^Marie^^
Posts
113901
Registration date
Tuesday 6 September 2005
Status
Member
Last activity
28 August 2020
3 275
16 March 2008 at 12:30
Hi
Run HijackThis again
I'll be back as soon as I can
See you later
doc69du70
Posts
35
Registration date
Wednesday 12 March 2008
Status
Member
Last activity
2 April 2012
1
16 March 2008 at 21:26
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:26:11, on 16/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logiciel Bluetooth\bin\btwdins.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\vsnp2uvc.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitDownload\BitDownload.exe
C:\Program Files\Logiciel Bluetooth\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hercules\WiFi Station pour Livebox\WifiStationLB.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\System32\imapi.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Orange\browser\browser.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ContextEnhancer - {4C6C4BA2-1646-0F3A-1FAE-B393C162C92E} - C:\Program Files\ContextEnhancer\ContextEnhancer-1.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Mirar - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\system32\WinNB58.dll (file missing)
O3 - Toolbar: Mirar - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\system32\WinNB58.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Nero DriveSpeed] C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [NI.UGESV_0001_N122M0303] "C:\Documents and Settings\Didier\Mes documents\fichier reçu\setup_fr.exe"
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitDownload] "C:\Program Files\BitDownload\BitDownload.exe" /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-682003330-299502267-725345543-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'freenet')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WiFi Station pour Livebox.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Logiciel Bluetooth\btsendto_ie.htm
O15 - Trusted Zone: https://www.orange.fr/portail
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Freenet 0.7 darknet-8888 (freenet-darknet-8888) - Unknown owner - C:\Program Files\Freenet\bin\wrapper-windows-x86-32.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
doc69du70
20 March 2008 at 19:08
Marie, I'm sorry for the delay
doc69du70
20 March 2008 at 19:09
SDFix: Version 1.158
Run by Didier on 18/03/2008 at 19:13
Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\Didier\Bureau\sdfix\SDFix
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
Checking Files:
Trojan Files Found:
C:\WINDOWS\system32\drivers\etc\BackupHosts.bak - Deleted
Removing Temp Files
ADS Check:
Final Check:
catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-18 19:51:24
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch]
"Epoch"=dword:00002060
scanning hidden registry entries ...
scanning hidden files ...
C:\Program Files\Freenet\persistent-temp-58266\revocation-33486.fblob.tmp
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 1
Remaining Services:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe:*:Disabled:backWeb-8876480"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\jeux\\speed.exe"="C:\\Program Files\\jeux\\speed.exe:*:Enabled:speed"
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"="C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\\Program Files\\Duke Nukem - Manhattan Project\\prism3d.exe"="C:\\Program Files\\Duke Nukem - Manhattan Project\\prism3d.exe:*:Enabled:prism3d"
"C:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"="C:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe:*:enabled:CSS"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\THQ\\Company of Heroes\\RelicCOH.exe"="C:\\Program Files\\THQ\\Company of Heroes\\RelicCOH.exe:*:Enabled:RelicCOH"
"C:\\Program Files\\Microsoft Games\\Age of Mythology\\aomx.exe"="C:\\Program Files\\Microsoft Games\\Age of Mythology\\aomx.exe:*:Enabled:Age of Mythology - The Titans Expansion"
"C:\\Program Files\\BitDownload\\BitDownload.exe"="C:\\Program Files\\BitDownload\\BitDownload.exe:*:Enabled:Warez3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
Remaining Files:
File Backups: - C:\DOCUME~1\Didier\Bureau\sdfix\SDFix\backups\backups.zip
Files with Hidden Attributes:
Sun 24 Feb 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0a67b6c406b1d7e0f5c1e6f6d44a3f6e\BIT3C5.tmp"
Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\18b19374451d28a8fbaf1939cf31ff45\BIT3C8.tmp"
Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\22fb973e059470cc1b5d76c4ae605351\BIT3CC.tmp"
Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\26924cbc8132a10b438ce6e2b49d4652\BIT3C4.tmp"
Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2769b111678c52099a3b3123b12f2325\BIT3C9.tmp"
Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\30285791903730fbf957a83562db4ff4\BIT3C6.tmp"
Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT3CD.tmp"
Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9e870549834e2bceb796e44a1e3ac6f5\BIT3CB.tmp"
Sat 23 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a4147a8e69c2ca6d401c0a8a62e9bf23\BIT37D.tmp"
Sat 23 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c8378ccca1581319d7b7f3a9d1188607\BIT37B.tmp"
Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cb8921d0c7830b2f33c00fa4c8a10d17\BIT3C7.tmp"
Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d77b9b5b8fed23dd91f50d167cce60d3\BIT3CA.tmp"
Finished!
^^Marie^^
20 March 2008 at 19:10
No worries about the delay, we do what we can ;;))
with a new HijackThis log!
doc69du70
20 March 2008 at 19:10
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:10:39, on 20/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logiciel Bluetooth\bin\btwdins.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\vsnp2uvc.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitDownload\BitDownload.exe
C:\Program Files\Logiciel Bluetooth\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hercules\WiFi Station pour Livebox\WifiStationLB.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\System32\imapi.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Orange\browser\browser.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ContextEnhancer - {4C6C4BA2-1646-0F3A-1FAE-B393C162C92E} - C:\Program Files\ContextEnhancer\ContextEnhancer-1.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Nero DriveSpeed] C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [NI.UGESV_0001_N122M0303] "C:\Documents and Settings\Didier\Mes documents\fichier reçu\setup_fr.exe"
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitDownload] "C:\Program Files\BitDownload\BitDownload.exe" /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-682003330-299502267-725345543-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'freenet')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WiFi Station pour Livebox.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Logiciel Bluetooth\btsendto_ie.htm
O15 - Trusted Zone: https://www.orange.fr/portail
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Freenet 0.7 darknet-8888 (freenet-darknet-8888) - Unknown owner - C:\Program Files\Freenet\bin\wrapper-windows-x86-32.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
doc69du70
Posts
35
Registration date
Wednesday 12 March 2008
Status
Member
Last activity
2 April 2012
1
20 March 2008 at 19:14
What should I do now?
doc69du70
Posts
35
Registration date
Wednesday 12 March 2008
Status
Member
Last activity
2 April 2012
1
1 April 2008 at 20:59
Sorry for the delay, I'll do it this weekend.
^^Marie^^
Posts
113901
Registration date
Tuesday 6 September 2005
Status
Member
Last activity
28 August 2020
3 275
2 April 2008 at 05:45
OK
See you later
doc69du70
Posts
35
Registration date
Wednesday 12 March 2008
Status
Member
Last activity
2 April 2012
1
2 April 2008 at 18:23
Thanks