Probleme sur mon ordinateur , aidez moi !
swilver
Messages postés
36
Statut
Membre
-
swilver Messages postés 36 Statut Membre -
swilver Messages postés 36 Statut Membre -
Bonjour à tous
J'explique mon problème
Depuis quelques temps j'ai mon antivirus qui détecte un cheval de troie,et en aucune manière je n'arrive à le supprimer
ceci qui m'embete énormément
Je poste mon rapport Hijackthis
Merci à tous
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:24:27, on 12/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\VM_STI.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: aswilov.no-ip.org 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5EAB4521-7AFD-489E-8E58-1D5087A1F243} - (no file)
O2 - BHO: (no name) - {71BC9792-13C8-F7E7-A5DC-F700EE3C2D3A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {873BA7BF-3605-4674-9C14-9E03B30C4415} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Cammaestro 4.2GU build 1104.72
O4 - HKLM\..\Run: [SManager] smanager.7.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Lancer Voissa Anonymo - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - D:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - D:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/3124aec729f817224805/netzip/RdxIE601.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://messenger.zone.msn.com/EN-US/a-LUXR/mjolauncher.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B41B0E94-0518-4832-9E97-8263242FF050} (CLive66_Checker_Ctrl Class) - http://webserver.live66.com/msn/Live66_Checker3.dll
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - https://www.ea.com/ea-studios/popcap
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A19591B-CF07-4FAF-9AC1-2A8DEE6ED6AF}: NameServer = 192.168.2.1
O20 - Winlogon Notify: ssttr - C:\WINDOWS\
O20 - Winlogon Notify: wvuvstr - wvuvstr.dll (file missing)
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - ALWIL Software - (no file)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
J'explique mon problème
Depuis quelques temps j'ai mon antivirus qui détecte un cheval de troie,et en aucune manière je n'arrive à le supprimer
ceci qui m'embete énormément
Je poste mon rapport Hijackthis
Merci à tous
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:24:27, on 12/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\VM_STI.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: aswilov.no-ip.org 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5EAB4521-7AFD-489E-8E58-1D5087A1F243} - (no file)
O2 - BHO: (no name) - {71BC9792-13C8-F7E7-A5DC-F700EE3C2D3A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {873BA7BF-3605-4674-9C14-9E03B30C4415} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Cammaestro 4.2GU build 1104.72
O4 - HKLM\..\Run: [SManager] smanager.7.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Lancer Voissa Anonymo - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - D:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - D:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/3124aec729f817224805/netzip/RdxIE601.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://messenger.zone.msn.com/EN-US/a-LUXR/mjolauncher.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B41B0E94-0518-4832-9E97-8263242FF050} (CLive66_Checker_Ctrl Class) - http://webserver.live66.com/msn/Live66_Checker3.dll
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - https://www.ea.com/ea-studios/popcap
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A19591B-CF07-4FAF-9AC1-2A8DEE6ED6AF}: NameServer = 192.168.2.1
O20 - Winlogon Notify: ssttr - C:\WINDOWS\
O20 - Winlogon Notify: wvuvstr - wvuvstr.dll (file missing)
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - ALWIL Software - (no file)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
A voir également:
- Probleme sur mon ordinateur , aidez moi !
- Mon ordinateur rame - Guide
- Comment réinitialiser un ordinateur - Guide
- # Sur ordinateur - Guide
- Clavier de l'ordinateur - Guide
- Parametres de mon ordinateur - Guide
4 réponses
bonjour
relance hijackthis
selectionne do a system scan only
et coches les lignes suivant
O1 - Hosts: aswilov.no-ip.org 127.0.0.1
O2 - BHO: (no name) - {5EAB4521-7AFD-489E-8E58-1D5087A1F243} - (no file)
O2 - BHO: (no name) - {71BC9792-13C8-F7E7-A5DC-F700EE3C2D3A} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {873BA7BF-3605-4674-9C14-9E03B30C4415} - (no file)
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [SManager] smanager.7.exe
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - https://www.ea.com/ea-studios/popcap
O20 - Winlogon Notify: ssttr - C:\WINDOWS\
O20 - Winlogon Notify: wvuvstr - wvuvstr.dll (file missing)
puis clic sur le bouton "Fix Checked"
puis tu me repost un rapport hijackthis.
tu desinstaller avast
http://www.commentcamarche.net/faq/sujet 8172 desinstaller proprement avast
tu installes antivir
http://www.commentcamarche.net/telecharger/telecharger 55 antivir
pour bien régler antivir
https://forum.malekal.com/viewtopic.php?f=45&t=4192
tu fais une analyse et tu colle le rapport
tu installes avg antispyware
http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware#description
tu fais une analyse et tu colle le rapport
tu installes ccleaner
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
nettoies et corriges les erreurs
relance hijackthis
selectionne do a system scan only
et coches les lignes suivant
O1 - Hosts: aswilov.no-ip.org 127.0.0.1
O2 - BHO: (no name) - {5EAB4521-7AFD-489E-8E58-1D5087A1F243} - (no file)
O2 - BHO: (no name) - {71BC9792-13C8-F7E7-A5DC-F700EE3C2D3A} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {873BA7BF-3605-4674-9C14-9E03B30C4415} - (no file)
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [SManager] smanager.7.exe
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - https://www.ea.com/ea-studios/popcap
O20 - Winlogon Notify: ssttr - C:\WINDOWS\
O20 - Winlogon Notify: wvuvstr - wvuvstr.dll (file missing)
puis clic sur le bouton "Fix Checked"
puis tu me repost un rapport hijackthis.
tu desinstaller avast
http://www.commentcamarche.net/faq/sujet 8172 desinstaller proprement avast
tu installes antivir
http://www.commentcamarche.net/telecharger/telecharger 55 antivir
pour bien régler antivir
https://forum.malekal.com/viewtopic.php?f=45&t=4192
tu fais une analyse et tu colle le rapport
tu installes avg antispyware
http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware#description
tu fais une analyse et tu colle le rapport
tu installes ccleaner
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
nettoies et corriges les erreurs
N'importe quoi le fantôme, quand on ne sait pas se servir d'hijackthis on ne conseille rien.
De plus belle preuve que l'utilisateur n'a rien compris à ton charabia.
De plus belle preuve que l'utilisateur n'a rien compris à ton charabia.
Non, mais on te fait faire n'importe quoi et te propose des choses sans savoir ce que tu veux et ce que tu sais, complétement nul quoi.
Commence par faire ceci :
Télécharge ComboFix
---> http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Ferme ton navigateur web avant d'exécuter ce programme
Double-clic dessus et appuye sur "1" pour continuer
Attends quelques minutes..
Un rapport va s'ouvrir enregistre son contenu, puis copie et colle le ici stp
Tu peux jeter le programme dès que c'est fait.
Commence par faire ceci :
Télécharge ComboFix
---> http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Ferme ton navigateur web avant d'exécuter ce programme
Double-clic dessus et appuye sur "1" pour continuer
Attends quelques minutes..
Un rapport va s'ouvrir enregistre son contenu, puis copie et colle le ici stp
Tu peux jeter le programme dès que c'est fait.
Bonsoir
Merci a gil le fantome j'ai quand meme effectué ce qu'il m'a conseillé
et apparement cela fonctionne.!
Néanmoins j'ai quand meme effectué ce que tu m'as demandé :
ComboFix 08-05-11.1 - Chris 2008-05-12 20:00:24.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1036 [GMT 2:00]
Endroit: C:\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\explorer.exe
C:\Program Files\outlook
C:\setup.exe
C:\temp\tn3
C:\WINDOWS\config.ini
C:\WINDOWS\system32\aeuhurgp.ini
C:\WINDOWS\system32\afvuhktq.ini
C:\WINDOWS\system32\bxkhykhm.ini
C:\WINDOWS\system32\bxmpbwkp.ini
C:\WINDOWS\system32\cprvtepj.ini
C:\WINDOWS\system32\ctgcmaua.ini
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\core.sys
C:\WINDOWS\system32\dswqwqqp.ini
C:\WINDOWS\system32\ejlttbts.ini
C:\WINDOWS\system32\etopgiyu.ini
C:\WINDOWS\system32\ftxunqkk.ini
C:\WINDOWS\system32\fyaytgse.ini
C:\WINDOWS\system32\gjacueig.ini
C:\WINDOWS\system32\gqpjmqge.ini
C:\WINDOWS\system32\hauxscmd.ini
C:\WINDOWS\system32\jlmukqws.ini
C:\WINDOWS\system32\jnjqulul.ini
C:\WINDOWS\system32\klfhitgr.ini
C:\WINDOWS\system32\kprkmvva.ini
C:\WINDOWS\system32\ktggglfw.ini
C:\WINDOWS\system32\lhcnqwcv.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nghykbmq.ini
C:\WINDOWS\system32\nmamebvy.ini
C:\WINDOWS\system32\nnqkkbua.ini
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\qqubtlan.ini
C:\WINDOWS\system32\rjelggon.ini
C:\WINDOWS\system32\rttss.bak1
C:\WINDOWS\system32\rttss.bak2
C:\WINDOWS\system32\rttss.ini
C:\WINDOWS\system32\rytivspw.ini
C:\WINDOWS\system32\saiammqa.ini
C:\WINDOWS\system32\shhcpglo.ini
C:\WINDOWS\system32\ugcfkbyj.ini
C:\WINDOWS\system32\ukauwyup.ini
c:\WINDOWS\system32\umomjb.dat
C:\WINDOWS\system32\umomjb.exe
C:\WINDOWS\system32\umomjb_nav.dat
c:\WINDOWS\system32\umomjb_navps.dat
C:\WINDOWS\system32\vghfloyu.ini
C:\WINDOWS\system32\viwmdgli.ini
C:\WINDOWS\system32\vyktarny.ini
C:\WINDOWS\system32\xoorrjdy.ini
C:\WINDOWS\system32\xpgkepib.ini
C:\WINDOWS\system32\ydgbhevw.ini
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_CORE
-------\Legacy_DOMAINSERVICE
-------\Service_core
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-12 to 2008-05-12 ))))))))))))))))))))))))))))))))))))
.
2008-05-12 19:57 . 2008-05-12 19:57 1,895,716 --a------ C:\ComboFix.exe
2008-05-12 14:33 . 2008-05-12 14:33 <REP> d-------- C:\Documents and Settings\Chris\Application Data\Grisoft
2008-05-12 14:24 . 2008-05-12 14:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-05-12 14:24 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-05-12 14:23 . 2008-05-12 14:23 <REP> d-------- C:\Program Files\Avira
2008-05-12 14:23 . 2008-05-12 14:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-05-12 14:22 . 2008-05-12 14:22 22,311,160 --a------ C:\antivir_workstation_winu_en_h.exe
2008-05-12 14:22 . 2008-05-12 14:22 12,413,440 --a------ C:\avgas-setup-7.5.1.43.exe
2008-05-12 13:23 . 2008-05-12 13:23 <REP> d-------- C:\Program Files\Trend Micro
2008-05-12 11:43 . 2008-05-12 11:55 <REP> d-------- C:\Program Files\a-squared Free
2008-05-12 11:42 . 2008-05-12 11:42 26,047,232 --a------ C:\a2FreeSetup.exe
2008-05-10 17:06 . 2008-05-10 17:06 <REP> d-------- C:\ePSXe
2008-05-10 16:46 . 2008-05-10 17:24 <REP> d-------- C:\Program Files\Grandia2
2008-05-05 15:51 . 2008-05-05 15:51 <REP> d-------- C:\Program Files\Creative Labs
2008-05-05 15:51 . 1999-07-06 14:13 40,960 --a------ C:\WINDOWS\system32\eax.dll
2008-05-05 15:49 . 2008-05-05 15:49 <REP> d-------- C:\Program Files\Eidos Interactive
2008-05-03 23:01 . 2008-05-12 20:10 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-03 23:01 . 2008-05-03 23:01 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-03 23:00 . 2008-05-03 23:00 <REP> d-------- C:\Program Files\iTunes
2008-05-03 23:00 . 2008-05-03 23:00 <REP> d-------- C:\Program Files\iPod
2008-05-03 22:59 . 2008-05-03 22:59 <REP> d-------- C:\Program Files\Bonjour
2008-05-03 22:58 . 2008-05-03 22:59 <REP> d-------- C:\Program Files\QuickTime
2008-05-03 22:55 . 2008-05-03 22:55 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-05-03 22:55 . 2008-02-18 11:16 30,464 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys
2008-05-03 04:01 . 2008-05-03 04:01 <REP> d-------- C:\Program Files\MyFil 2.0
2008-04-29 15:41 . 2008-04-29 15:41 <REP> d-------- C:\Program Files\Eurekr.com
2008-04-29 15:34 . 2008-04-29 15:34 <REP> d-------- C:\Downloaded Videos
2008-04-29 15:33 . 2005-08-27 02:38 1,435,272 --a------ C:\WINDOWS\system32\Flash.ocx
2008-04-29 15:33 . 2004-03-08 23:00 131,856 --a------ C:\WINDOWS\system32\MSADODC.ocx
2008-04-25 08:49 . 2006-06-02 13:27 1,475 --a------ C:\Explorateur Windows.lnk
2008-04-25 08:43 . 2008-04-25 08:44 <REP> d-------- C:\Lancement rapide
2008-04-21 04:52 . 2008-04-21 04:52 <REP> d-------- C:\Program Files\Ligos
2008-04-21 04:47 . 2008-04-21 05:03 <REP> d-------- C:\Program Files\The Moon Project
2008-04-16 14:55 . 2008-04-16 14:55 627,432 --a------ C:\hamachi_hamachi_0.9.9.9_francais_14515.rar
2008-04-14 15:40 . 2008-04-14 16:21 <REP> d-------- C:\Documents and Settings\Chris\Application Data\Command & Conquer 3 - Les guerres du Tiberium
2008-04-13 17:26 . 2008-01-19 17:11 164,352 -ra------ C:\WINDOWS\system32\Unrar.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-12 09:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-10 15:15 28,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-05-10 14:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-08 22:18 --------- d-----w C:\Documents and Settings\Chris\Application Data\uTorrent
2008-05-07 08:16 --------- d-----w C:\Program Files\FLV Player
2008-05-05 13:14 --------- d-----w C:\Program Files\Alcohol Soft
2008-05-03 20:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-01 15:59 --------- d-----w C:\Documents and Settings\Chris\Application Data\vmntoolbar
2008-04-09 06:26 --------- d-----w C:\Program Files\Avant Browser
2008-04-06 00:04 --------- d-----w C:\Program Files\iSafer
2008-04-05 23:18 --------- d-----w C:\Program Files\Electronic Arts
2008-04-05 11:23 10,345 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-04-05 11:23 --------- d-----w C:\Program Files\Hamachi
2008-03-31 21:07 --------- d-----w C:\Documents and Settings\Chris\Application Data\Command & Conquer 3 Les guerres du Tiberium
2008-03-31 20:42 98,304 ----a-w C:\WINDOWS\system32CmdLineExt.dll
2008-03-25 15:13 --------- d-----w C:\Documents and Settings\Chris\Application Data\Hamachi
2008-03-24 15:45 --------- d-----w C:\Program Files\FlashGet
2008-02-26 16:33 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-12-31 16:38 22,328 ----a-w C:\Documents and Settings\Chris\Application Data\PnkBstrK.sys
2006-10-04 12:16 56 --sh--r C:\WINDOWS\system32\8E63F90FF4.sys
2006-10-04 12:16 12,884 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
------- Sigcheck -------
2006-06-23 13:28 581120 1f063bdbd1afef9ac0abd02384d40376 C:\WINDOWS\$NtServicePackUninstall$\wininet.dll
2002-08-29 11:45 1162752 9cdc704e99fa1426fde0e512ec85f9d2 C:\WINDOWS\$NtUninstallKB916281-IE6SP1-20060526.162249$\wininet.dll
2006-04-28 15:08 581120 fbc2bb53e9aa8e775d57bff836dd7445 C:\WINDOWS\$NtUninstallKB918899-IE6SP1-20060725.123917$\wininet.dll
2006-02-24 15:21 581120 d3b3596c80dc1af334bf96fd1c1f16b8 C:\WINDOWS\SDold\Download\d0b512292503f3df24b40792e5368ea1\rtmgdr\wininet.dll
2006-02-25 01:55 592384 4ab45744bce77197b5653cb64593d6e0 C:\WINDOWS\SDold\Download\d0b512292503f3df24b40792e5368ea1\RTMQFE\wininet.dll
2004-08-19 17:09 694784 848baaf9d7e2a2ce9ca1cd0c2db43833 C:\WINDOWS\ServicePackFiles\i386\wininet.dll
2004-08-19 17:09 694784 848baaf9d7e2a2ce9ca1cd0c2db43833 C:\WINDOWS\system32\wininet.dll
2004-08-19 17:09 978432 c2e06cb7cfb5dbd8767ddd5e2e18cf71 C:\WINDOWS\explorer.exe
2002-08-29 11:45 1856512 982301a02c30cc9cf422c7f1ba5f831e C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
2004-08-19 17:09 978432 c2e06cb7cfb5dbd8767ddd5e2e18cf71 C:\WINDOWS\ServicePackFiles\i386\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-10-28 17:25 94208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 22:05 344064]
"SoundMan"="SOUNDMAN.EXE" [2004-12-22 11:09 77824 C:\WINDOWS\SOUNDMAN.EXE]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"NeroFilterCheck"="C:\WINDOWS\System32\NeroCheck.exe" [2001-07-09 11:50 155648]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 09:37 40960]
"WireLessKeyboard"="C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe" [2005-11-30 13:48 94208]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 17:09 15360]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=
"C:\\Games\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2008-01-07 16:22]
S3 Z302Mic;Vimicro Z302 Mic Audio Filter Driver;C:\WINDOWS\system32\drivers\UsbMicfilt.sys [2002-05-14 05:05]
S3 ZSMC302;Cammaestro 4.2GU build 1104.72;C:\WINDOWS\system32\Drivers\usbvm302.sys [2005-01-13 12:06]
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-05-12 18:00:00 C:\WINDOWS\Tasks\86FCA4D0930F4F58.job"
- c:\docume~1\chris\applic~1\logrea~1\MPEG BITS BASE.exe
"2008-04-24 07:21:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-12 20:08:04
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
C:\Documents and Settings\Chris\Local Settings\Application Data\Microsoft\Windows\GameExplorer\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 1087 bytes hidden from API
Scan termin‚ avec succŠs
Les fichiers cach‚s: 1
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-12 20:13:59 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-12 18:13:57
Pre-Run: 7,869,435,904 octets libres
Post-Run: 7,884,140,544 octets libres
223
Voila merci beaucoup
Merci a gil le fantome j'ai quand meme effectué ce qu'il m'a conseillé
et apparement cela fonctionne.!
Néanmoins j'ai quand meme effectué ce que tu m'as demandé :
ComboFix 08-05-11.1 - Chris 2008-05-12 20:00:24.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1036 [GMT 2:00]
Endroit: C:\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\explorer.exe
C:\Program Files\outlook
C:\setup.exe
C:\temp\tn3
C:\WINDOWS\config.ini
C:\WINDOWS\system32\aeuhurgp.ini
C:\WINDOWS\system32\afvuhktq.ini
C:\WINDOWS\system32\bxkhykhm.ini
C:\WINDOWS\system32\bxmpbwkp.ini
C:\WINDOWS\system32\cprvtepj.ini
C:\WINDOWS\system32\ctgcmaua.ini
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\core.sys
C:\WINDOWS\system32\dswqwqqp.ini
C:\WINDOWS\system32\ejlttbts.ini
C:\WINDOWS\system32\etopgiyu.ini
C:\WINDOWS\system32\ftxunqkk.ini
C:\WINDOWS\system32\fyaytgse.ini
C:\WINDOWS\system32\gjacueig.ini
C:\WINDOWS\system32\gqpjmqge.ini
C:\WINDOWS\system32\hauxscmd.ini
C:\WINDOWS\system32\jlmukqws.ini
C:\WINDOWS\system32\jnjqulul.ini
C:\WINDOWS\system32\klfhitgr.ini
C:\WINDOWS\system32\kprkmvva.ini
C:\WINDOWS\system32\ktggglfw.ini
C:\WINDOWS\system32\lhcnqwcv.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nghykbmq.ini
C:\WINDOWS\system32\nmamebvy.ini
C:\WINDOWS\system32\nnqkkbua.ini
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\qqubtlan.ini
C:\WINDOWS\system32\rjelggon.ini
C:\WINDOWS\system32\rttss.bak1
C:\WINDOWS\system32\rttss.bak2
C:\WINDOWS\system32\rttss.ini
C:\WINDOWS\system32\rytivspw.ini
C:\WINDOWS\system32\saiammqa.ini
C:\WINDOWS\system32\shhcpglo.ini
C:\WINDOWS\system32\ugcfkbyj.ini
C:\WINDOWS\system32\ukauwyup.ini
c:\WINDOWS\system32\umomjb.dat
C:\WINDOWS\system32\umomjb.exe
C:\WINDOWS\system32\umomjb_nav.dat
c:\WINDOWS\system32\umomjb_navps.dat
C:\WINDOWS\system32\vghfloyu.ini
C:\WINDOWS\system32\viwmdgli.ini
C:\WINDOWS\system32\vyktarny.ini
C:\WINDOWS\system32\xoorrjdy.ini
C:\WINDOWS\system32\xpgkepib.ini
C:\WINDOWS\system32\ydgbhevw.ini
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_CORE
-------\Legacy_DOMAINSERVICE
-------\Service_core
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-12 to 2008-05-12 ))))))))))))))))))))))))))))))))))))
.
2008-05-12 19:57 . 2008-05-12 19:57 1,895,716 --a------ C:\ComboFix.exe
2008-05-12 14:33 . 2008-05-12 14:33 <REP> d-------- C:\Documents and Settings\Chris\Application Data\Grisoft
2008-05-12 14:24 . 2008-05-12 14:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-05-12 14:24 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-05-12 14:23 . 2008-05-12 14:23 <REP> d-------- C:\Program Files\Avira
2008-05-12 14:23 . 2008-05-12 14:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-05-12 14:22 . 2008-05-12 14:22 22,311,160 --a------ C:\antivir_workstation_winu_en_h.exe
2008-05-12 14:22 . 2008-05-12 14:22 12,413,440 --a------ C:\avgas-setup-7.5.1.43.exe
2008-05-12 13:23 . 2008-05-12 13:23 <REP> d-------- C:\Program Files\Trend Micro
2008-05-12 11:43 . 2008-05-12 11:55 <REP> d-------- C:\Program Files\a-squared Free
2008-05-12 11:42 . 2008-05-12 11:42 26,047,232 --a------ C:\a2FreeSetup.exe
2008-05-10 17:06 . 2008-05-10 17:06 <REP> d-------- C:\ePSXe
2008-05-10 16:46 . 2008-05-10 17:24 <REP> d-------- C:\Program Files\Grandia2
2008-05-05 15:51 . 2008-05-05 15:51 <REP> d-------- C:\Program Files\Creative Labs
2008-05-05 15:51 . 1999-07-06 14:13 40,960 --a------ C:\WINDOWS\system32\eax.dll
2008-05-05 15:49 . 2008-05-05 15:49 <REP> d-------- C:\Program Files\Eidos Interactive
2008-05-03 23:01 . 2008-05-12 20:10 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-03 23:01 . 2008-05-03 23:01 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-03 23:00 . 2008-05-03 23:00 <REP> d-------- C:\Program Files\iTunes
2008-05-03 23:00 . 2008-05-03 23:00 <REP> d-------- C:\Program Files\iPod
2008-05-03 22:59 . 2008-05-03 22:59 <REP> d-------- C:\Program Files\Bonjour
2008-05-03 22:58 . 2008-05-03 22:59 <REP> d-------- C:\Program Files\QuickTime
2008-05-03 22:55 . 2008-05-03 22:55 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-05-03 22:55 . 2008-02-18 11:16 30,464 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys
2008-05-03 04:01 . 2008-05-03 04:01 <REP> d-------- C:\Program Files\MyFil 2.0
2008-04-29 15:41 . 2008-04-29 15:41 <REP> d-------- C:\Program Files\Eurekr.com
2008-04-29 15:34 . 2008-04-29 15:34 <REP> d-------- C:\Downloaded Videos
2008-04-29 15:33 . 2005-08-27 02:38 1,435,272 --a------ C:\WINDOWS\system32\Flash.ocx
2008-04-29 15:33 . 2004-03-08 23:00 131,856 --a------ C:\WINDOWS\system32\MSADODC.ocx
2008-04-25 08:49 . 2006-06-02 13:27 1,475 --a------ C:\Explorateur Windows.lnk
2008-04-25 08:43 . 2008-04-25 08:44 <REP> d-------- C:\Lancement rapide
2008-04-21 04:52 . 2008-04-21 04:52 <REP> d-------- C:\Program Files\Ligos
2008-04-21 04:47 . 2008-04-21 05:03 <REP> d-------- C:\Program Files\The Moon Project
2008-04-16 14:55 . 2008-04-16 14:55 627,432 --a------ C:\hamachi_hamachi_0.9.9.9_francais_14515.rar
2008-04-14 15:40 . 2008-04-14 16:21 <REP> d-------- C:\Documents and Settings\Chris\Application Data\Command & Conquer 3 - Les guerres du Tiberium
2008-04-13 17:26 . 2008-01-19 17:11 164,352 -ra------ C:\WINDOWS\system32\Unrar.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-12 09:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-10 15:15 28,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-05-10 14:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-08 22:18 --------- d-----w C:\Documents and Settings\Chris\Application Data\uTorrent
2008-05-07 08:16 --------- d-----w C:\Program Files\FLV Player
2008-05-05 13:14 --------- d-----w C:\Program Files\Alcohol Soft
2008-05-03 20:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-01 15:59 --------- d-----w C:\Documents and Settings\Chris\Application Data\vmntoolbar
2008-04-09 06:26 --------- d-----w C:\Program Files\Avant Browser
2008-04-06 00:04 --------- d-----w C:\Program Files\iSafer
2008-04-05 23:18 --------- d-----w C:\Program Files\Electronic Arts
2008-04-05 11:23 10,345 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-04-05 11:23 --------- d-----w C:\Program Files\Hamachi
2008-03-31 21:07 --------- d-----w C:\Documents and Settings\Chris\Application Data\Command & Conquer 3 Les guerres du Tiberium
2008-03-31 20:42 98,304 ----a-w C:\WINDOWS\system32CmdLineExt.dll
2008-03-25 15:13 --------- d-----w C:\Documents and Settings\Chris\Application Data\Hamachi
2008-03-24 15:45 --------- d-----w C:\Program Files\FlashGet
2008-02-26 16:33 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-12-31 16:38 22,328 ----a-w C:\Documents and Settings\Chris\Application Data\PnkBstrK.sys
2006-10-04 12:16 56 --sh--r C:\WINDOWS\system32\8E63F90FF4.sys
2006-10-04 12:16 12,884 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
------- Sigcheck -------
2006-06-23 13:28 581120 1f063bdbd1afef9ac0abd02384d40376 C:\WINDOWS\$NtServicePackUninstall$\wininet.dll
2002-08-29 11:45 1162752 9cdc704e99fa1426fde0e512ec85f9d2 C:\WINDOWS\$NtUninstallKB916281-IE6SP1-20060526.162249$\wininet.dll
2006-04-28 15:08 581120 fbc2bb53e9aa8e775d57bff836dd7445 C:\WINDOWS\$NtUninstallKB918899-IE6SP1-20060725.123917$\wininet.dll
2006-02-24 15:21 581120 d3b3596c80dc1af334bf96fd1c1f16b8 C:\WINDOWS\SDold\Download\d0b512292503f3df24b40792e5368ea1\rtmgdr\wininet.dll
2006-02-25 01:55 592384 4ab45744bce77197b5653cb64593d6e0 C:\WINDOWS\SDold\Download\d0b512292503f3df24b40792e5368ea1\RTMQFE\wininet.dll
2004-08-19 17:09 694784 848baaf9d7e2a2ce9ca1cd0c2db43833 C:\WINDOWS\ServicePackFiles\i386\wininet.dll
2004-08-19 17:09 694784 848baaf9d7e2a2ce9ca1cd0c2db43833 C:\WINDOWS\system32\wininet.dll
2004-08-19 17:09 978432 c2e06cb7cfb5dbd8767ddd5e2e18cf71 C:\WINDOWS\explorer.exe
2002-08-29 11:45 1856512 982301a02c30cc9cf422c7f1ba5f831e C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
2004-08-19 17:09 978432 c2e06cb7cfb5dbd8767ddd5e2e18cf71 C:\WINDOWS\ServicePackFiles\i386\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-10-28 17:25 94208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 22:05 344064]
"SoundMan"="SOUNDMAN.EXE" [2004-12-22 11:09 77824 C:\WINDOWS\SOUNDMAN.EXE]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"NeroFilterCheck"="C:\WINDOWS\System32\NeroCheck.exe" [2001-07-09 11:50 155648]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 09:37 40960]
"WireLessKeyboard"="C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe" [2005-11-30 13:48 94208]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 17:09 15360]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=
"C:\\Games\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2008-01-07 16:22]
S3 Z302Mic;Vimicro Z302 Mic Audio Filter Driver;C:\WINDOWS\system32\drivers\UsbMicfilt.sys [2002-05-14 05:05]
S3 ZSMC302;Cammaestro 4.2GU build 1104.72;C:\WINDOWS\system32\Drivers\usbvm302.sys [2005-01-13 12:06]
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-05-12 18:00:00 C:\WINDOWS\Tasks\86FCA4D0930F4F58.job"
- c:\docume~1\chris\applic~1\logrea~1\MPEG BITS BASE.exe
"2008-04-24 07:21:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-12 20:08:04
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
C:\Documents and Settings\Chris\Local Settings\Application Data\Microsoft\Windows\GameExplorer\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 1087 bytes hidden from API
Scan termin‚ avec succŠs
Les fichiers cach‚s: 1
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-12 20:13:59 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-12 18:13:57
Pre-Run: 7,869,435,904 octets libres
Post-Run: 7,884,140,544 octets libres
223
Voila merci beaucoup
Très bien continu avec lui, je jongle pas entre divers personnes.
PC toujours infecté.
PC toujours infecté.
Euh,il y a surement un malentendu
je ne fais que le remercier de son intervention , car il a essayé de m'aider , peut etre pas entierement mais il a essayé et je trouve que c'est normal de le remercier
Néanmoins , je te remercie grandement toi aussi
et je ne comprends pas pourquoi tu te mets dans un etat comme celui car je le remercie et je pense / j'ai pensé que ca fonctionne
je reste à ton écoute
Bon après midi
je ne fais que le remercier de son intervention , car il a essayé de m'aider , peut etre pas entierement mais il a essayé et je trouve que c'est normal de le remercier
Néanmoins , je te remercie grandement toi aussi
et je ne comprends pas pourquoi tu te mets dans un etat comme celui car je le remercie et je pense / j'ai pensé que ca fonctionne
je reste à ton écoute
Bon après midi
Scan saved at 14:04:49, on 12/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\VM_STI.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Cammaestro 4.2GU build 1104.72
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Lancer Voissa Anonymo - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - D:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - D:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/3124aec729f817224805/netzip/RdxIE601.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://messenger.zone.msn.com/EN-US/a-LUXR/mjolauncher.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B41B0E94-0518-4832-9E97-8263242FF050} (CLive66_Checker_Ctrl Class) - http://webserver.live66.com/msn/Live66_Checker3.dll
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A19591B-CF07-4FAF-9AC1-2A8DEE6ED6AF}: NameServer = 192.168.2.1
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - ALWIL Software - (no file)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe