Trojan win 32 gen other, please interpret
lilas
-
jlpjlp Posts 52399 Status Security contributor -
Hello,
I followed the sound advice and downloaded ComboFix; here is its report, followed by a new HijackThis report. What should I do next? It's all Greek to me. Since then, the avast icon is no longer in the bar at the bottom right of my screen??? Thanks for helping me, I'm not good with computers.
ComboFix 08-06-20.4 - HP_Administrateur 2008-06-26 18:32:20.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.595 [GMT 2:00]
Endroit: C:\Documents and Settings\HP_Administrateur\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\All Users\Documents\_desktop.ini
C:\Documents and Settings\All Users\Documents\Journaux MCE\_desktop.ini
C:\Documents and Settings\All Users\Documents\Journaux MCE\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Alanis Morissette\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Alanis Morissette\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Alanis Morissette\Everything - Single\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Alanis Morissette\Everything - Single\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Deardorf Peterson Group\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Deardorf Peterson Group\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Deardorf Peterson Group\Portal\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Deardorf Peterson Group\Portal\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Échantillons de musique\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Échantillons de musique\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\King Sunny Ade & His African Beats\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\King Sunny Ade & His African Beats\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\King Sunny Ade & His African Beats\Synchro Series\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\King Sunny Ade & His African Beats\Synchro Series\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Mark Knopfler\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Mark Knopfler\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Mark Knopfler\shangri-la\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Mark Knopfler\shangri-la\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\My Playlists\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\My Playlists\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Robert Randolph & the Family Band\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Robert Randolph & the Family Band\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Robert Randolph & the Family Band\Unclassified\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Robert Randolph & the Family Band\Unclassified\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Rosie Thomas\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Rosie Thomas\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Rosie Thomas\Only With Laughter Can You Win\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Rosie Thomas\Only With Laughter Can You Win\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0008FB02\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0008FB02\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0008FB41\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0008FB41\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\The Shins\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\The Shins\Chutes Too Narrow\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\The Shins\Chutes Too Narrow\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\The Shins\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Échantillons d'images\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Échantillons d'images\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Impressionism - GalleryPlayer\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Impressionism - GalleryPlayer\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Landscapes - GalleryPlayer\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Landscapes - GalleryPlayer\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Masterpieces - GalleryPlayer\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Masterpieces - GalleryPlayer\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Nature - GalleryPlayer\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Nature - GalleryPlayer\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Travel - GalleryPlayer\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Travel - GalleryPlayer\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Vintage - GalleryPlayer\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Vintage - GalleryPlayer\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes vidéos\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes vidéos\Desktop_.ini
C:\Documents and Settings\All Users\Documents\TV enregistrée\_desktop.ini
C:\Documents and Settings\All Users\Documents\TV enregistrée\Desktop_.ini
C:\Documents and Settings\All Users\Documents\TV enregistrée\TempRec\_desktop.ini
C:\Documents and Settings\All Users\Documents\TV enregistrée\TempRec\Desktop_.ini
C:\WINDOWS\system32\config\48181980.Evt
D:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ASC3550P
-------\Service_asc3550p
((((((((((((((((((((((((((((( Fichiers créés 2008-05-26 to 2008-06-26 ))))))))))))))))))))))))))))))))))))
.
2008-06-23 20:43 . 2008-06-23 20:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-06-23 19:20 . 2008-06-23 19:20 5,376 --a------ C:\WINDOWS\system32\drivers\MS1000.sys
2008-06-23 19:19 . 2008-06-26 18:17 <REP> d-------- C:\Program Files\The Cleaner Free
2008-06-18 19:01 . 2008-06-24 20:49 <REP> d-------- C:\Program Files\adslTV
2008-06-18 19:01 . 2008-06-18 19:01 <REP> d-------- C:\Documents and Settings\HP_Administrateur\Application Data\vlc
2008-06-14 11:40 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 11:40 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-26 16:28 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-06-26 16:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-26 16:26 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\Lavasoft
2008-06-25 19:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-06-25 18:47 1,672 ----a-w C:\Documents and Settings\HP_Administrateur\Application Data\wklnhst.dat
2008-06-25 18:11 --------- d-----w C:\Program Files\eMule
2008-06-22 15:37 --------- d-----w C:\Program Files\LimeWire
2008-06-22 14:11 --------- d-----w C:\Program Files\BitTorrent Fastest Tool
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-04 14:19 --------- d-----w C:\Program Files\Google
2008-05-03 20:52 --------- d-----w C:\Program Files\GemMasterFrench
2008-05-03 09:35 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-05-03 09:35 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-04-28 18:38 --------- d-----w C:\Program Files\7-Zip
2008-04-28 17:07 --------- d-----w C:\Program Files\BitDownload
2007-01-19 21:26 22 -csha-w C:\WINDOWS\SMINST\HPCD.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" [2007-10-18 12:34 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 13:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-04 16:19 68856]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 21:34 64512]
"ftutil2"="ftutil2.dll" [2004-06-07 14:05 106496 C:\WINDOWS\system32\ftutil2.dll]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-22 01:56 16261632 C:\WINDOWS\RTHDCPL.EXE]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-02-22 02:59 143360]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-21 02:06 7622656]
"nwiz"="nwiz.exe" [2006-06-21 02:06 1519616 C:\WINDOWS\system32\nwiz.exe]
"DMAScheduler"="c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-04-13 10:05 90112]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 23:14 237568]
"PCDrProfiler"="" []
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 23:34 249856]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [2005-02-17 07:11 49152]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-05-03 11:34 185896]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"mobiswing"="C:\PROGRA~1\BITTOR~1\BitP.exe" [2007-11-10 17:11 40960]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\eMule.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"C:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\BitDownload\\BitDownload.exe"=
"C:\\Program Files\\adslTV\\adsltv.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-10 13:00]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
tapisrv REG_MULTI_SZ Tapisrv
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cbf681e0-6abf-11dc-aae0-0008d3075b9d}]
\Shell\AutoRun\command - F:\AutoTransfer.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-06-26 16:31:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
HIJACKTHIS
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:51, on 2008-06-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\BITTOR~1\BitP.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\HP_Administrateur\Mes documents\mes logiciels\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Windows Live Toolbar\msn_sl.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [mobiswing] C:\PROGRA~1\BITTOR~1\BitP.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: WiFi Station.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
J'ai écouté les conseils avisés et télécharger combofix dont voici le rapport et un nouveau rapport hijackthis que voici à la suite. Qu'est ce que je dois faire ensuite ? c'est du chinois pour moi. Depuis le symbole d'avast n'est plus dans la barre en bas à droite de mon écran ??? Merci de m'aider je ne suis pas forte en informatique
ComboFix 08-06-20.4 - HP_Administrateur 2008-06-26 18:32:20.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.595 [GMT 2:00]
Endroit: C:\Documents and Settings\HP_Administrateur\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\All Users\Documents\_desktop.ini
C:\Documents and Settings\All Users\Documents\Journaux MCE\_desktop.ini
C:\Documents and Settings\All Users\Documents\Journaux MCE\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Alanis Morissette\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Alanis Morissette\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Alanis Morissette\Everything - Single\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Alanis Morissette\Everything - Single\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Deardorf Peterson Group\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Deardorf Peterson Group\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Deardorf Peterson Group\Portal\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Deardorf Peterson Group\Portal\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\chantillons de musique\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\chantillons de musique\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\King Sunny Ade & His African Beats\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\King Sunny Ade & His African Beats\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\King Sunny Ade & His African Beats\Synchro Series\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\King Sunny Ade & His African Beats\Synchro Series\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Mark Knopfler\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Mark Knopfler\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Mark Knopfler\shangri-la\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Mark Knopfler\shangri-la\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\My Playlists\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\My Playlists\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Robert Randolph & the Family Band\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Robert Randolph & the Family Band\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Robert Randolph & the Family Band\Unclassified\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Robert Randolph & the Family Band\Unclassified\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Rosie Thomas\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Rosie Thomas\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Rosie Thomas\Only With Laughter Can You Win\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Rosie Thomas\Only With Laughter Can You Win\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0008FB02\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0008FB02\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0008FB41\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0008FB41\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\The Shins\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\The Shins\Chutes Too Narrow\_desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\The Shins\Chutes Too Narrow\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Ma musique\The Shins\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\chantillons d'images\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\chantillons d'images\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Impressionism - GalleryPlayer\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Impressionism - GalleryPlayer\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Landscapes - GalleryPlayer\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Landscapes - GalleryPlayer\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Masterpieces - GalleryPlayer\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Masterpieces - GalleryPlayer\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Nature - GalleryPlayer\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Nature - GalleryPlayer\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Travel - GalleryPlayer\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Travel - GalleryPlayer\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Vintage - GalleryPlayer\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes Images\Vintage - GalleryPlayer\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Mes vid‚os\_desktop.ini
C:\Documents and Settings\All Users\Documents\Mes vid‚os\Desktop_.ini
C:\Documents and Settings\All Users\Documents\TV enregistr‚e\_desktop.ini
C:\Documents and Settings\All Users\Documents\TV enregistr‚e\Desktop_.ini
C:\Documents and Settings\All Users\Documents\TV enregistr‚e\TempRec\_desktop.ini
C:\Documents and Settings\All Users\Documents\TV enregistr‚e\TempRec\Desktop_.ini
C:\WINDOWS\system32\config\48181980.Evt
D:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ASC3550P
-------\Service_asc3550p
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-26 to 2008-06-26 ))))))))))))))))))))))))))))))))))))
.
2008-06-23 20:43 . 2008-06-23 20:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-06-23 19:20 . 2008-06-23 19:20 5,376 --a------ C:\WINDOWS\system32\drivers\MS1000.sys
2008-06-23 19:19 . 2008-06-26 18:17 <REP> d-------- C:\Program Files\The Cleaner Free
2008-06-18 19:01 . 2008-06-24 20:49 <REP> d-------- C:\Program Files\adslTV
2008-06-18 19:01 . 2008-06-18 19:01 <REP> d-------- C:\Documents and Settings\HP_Administrateur\Application Data\vlc
2008-06-14 11:40 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 11:40 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-26 16:28 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-06-26 16:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-26 16:26 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\Lavasoft
2008-06-25 19:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-06-25 18:47 1,672 ----a-w C:\Documents and Settings\HP_Administrateur\Application Data\wklnhst.dat
2008-06-25 18:11 --------- d-----w C:\Program Files\eMule
2008-06-22 15:37 --------- d-----w C:\Program Files\LimeWire
2008-06-22 14:11 --------- d-----w C:\Program Files\BitTorrent Fastest Tool
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-04 14:19 --------- d-----w C:\Program Files\Google
2008-05-03 20:52 --------- d-----w C:\Program Files\GemMasterFrench
2008-05-03 09:35 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-05-03 09:35 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-04-28 18:38 --------- d-----w C:\Program Files\7-Zip
2008-04-28 17:07 --------- d-----w C:\Program Files\BitDownload
2007-01-19 21:26 22 -csha-w C:\WINDOWS\SMINST\HPCD.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" [2007-10-18 12:34 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 13:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-04 16:19 68856]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 21:34 64512]
"ftutil2"="ftutil2.dll" [2004-06-07 14:05 106496 C:\WINDOWS\system32\ftutil2.dll]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-22 01:56 16261632 C:\WINDOWS\RTHDCPL.EXE]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-02-22 02:59 143360]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-21 02:06 7622656]
"nwiz"="nwiz.exe" [2006-06-21 02:06 1519616 C:\WINDOWS\system32\nwiz.exe]
"DMAScheduler"="c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-04-13 10:05 90112]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 23:14 237568]
"PCDrProfiler"="" []
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 23:34 249856]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [2005-02-17 07:11 49152]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-05-03 11:34 185896]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"mobiswing"="C:\PROGRA~1\BITTOR~1\BitP.exe" [2007-11-10 17:11 40960]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\eMule.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"C:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\BitDownload\\BitDownload.exe"=
"C:\\Program Files\\adslTV\\adsltv.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-10 13:00]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
tapisrv REG_MULTI_SZ Tapisrv
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cbf681e0-6abf-11dc-aae0-0008d3075b9d}]
\Shell\AutoRun\command - F:\AutoTransfer.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-06-26 16:31:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
HI JACKTHIS
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:51, on 2008-06-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\BITTOR~1\BitP.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\HP_Administrateur\Mes documents\mes logiciels\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Windows Live Toolbar\msn_sl.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [mobiswing] C:\PROGRA~1\BITTOR~1\BitP.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: WiFi Station.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
2 replies
Hi,
Go to the thread where this was requested, because there are still some left!
Otherwise,
to put your icon back next to the clock, you just need to go to partition C /Program Files/Alwil .../Avast and just click on the ashDisp icon.
lilas
Hello, thank you for the advice, but I don't know what that means: go to the thread and do what? Sorry, but I don't understand. You would need to explain it to me in detail because I'm a novice. Thank you for your help.