Problème Trojan-gen
torpimer
Messages postés
23
Statut
Membre
-
torpimer Messages postés 23 Statut Membre -
torpimer Messages postés 23 Statut Membre -
Bonjour,
Besoin d'aide. D'avance merci.
Avast m'a détecté Trojan-gen sur mon PC. J'ai donc appliqué à la lettre la procédure du forum et voici les différents rapports:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 18:35:23 13/12/2008
+ Résultat de l'analyse:
:mozilla.41:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.6:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.7:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.8:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.9:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.13:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Pauline\Cookies\pauline@atdmt[1].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Remi\Cookies\remi@bluestreak[1].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.94:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.95:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.96:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.97:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
C:\Documents and Settings\Remi\Cookies\remi@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.32:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.42:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.43:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.46:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Questionmarket : Aucune action entreprise.
:mozilla.133:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.134:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.135:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.65:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.66:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\Pauline\Cookies\pauline@m.webtrends[2].txt -> TrackingCookie.Webtrends : Aucune action entreprise.
Fin du rapport
BitDefender Online Scanner
Rapport d'analyse généré à: Sat, Dec 13, 2008 - 19:25:26
Voie d'analyse: A:\;C:\;D:\;E:\;F:\;G:\;
Statistiques
Temps
00:37:54
Fichiers
64131
Directoires
6420
Secteurs de boot
0
Archives
963
Paquets programmes
7612
Résultats
Virus identifiés
0
Fichiers infectés
0
Fichiers suspects
0
Avertissements
0
Désinfectés
0
Fichiers effacés
0
Info sur les moteurs
Définition virus
2349223
Version des moteurs
AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Analyse des plugins
17
Archive des plugins
45
Unpack des plugins
7
E-mail plugins
6
Système plugins
4
Paramètres d'analyse
Première action
Désinfecté
Seconde Action
Supprimé
Heuristique
Oui
Acceptez les avertissements
Oui
Extensions analysées
exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Excludez les extensions
Analyse d'emails
Oui
Analyse des Archives
Oui
Analyser paquets programmes
Oui
Analyse des fichiers
Oui
Analyse de boot
Oui
Fichier analysé
Statut
Aucun virus trouvé.
*********************************************************
Rapport HIJACKTHIS
************************************************************
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:36:41, on 13/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww17.ads.eorezo.com/cgi-bin/advert/getads.cgi?x_format=redirect&x_dp_id=9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww17.ads.eorezo.com/cgi-bin/advert/getads.cgi?x_format=redirect&x_dp_id=9
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.8.10.12:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{53DA7CD0-4491-44B5-A423-2681456DC774}: NameServer = 194.2.0.50,194.2.0.30
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
Besoin d'aide. D'avance merci.
Avast m'a détecté Trojan-gen sur mon PC. J'ai donc appliqué à la lettre la procédure du forum et voici les différents rapports:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 18:35:23 13/12/2008
+ Résultat de l'analyse:
:mozilla.41:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.6:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.7:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.8:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.9:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.13:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Pauline\Cookies\pauline@atdmt[1].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Remi\Cookies\remi@bluestreak[1].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.94:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.95:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.96:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.97:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
C:\Documents and Settings\Remi\Cookies\remi@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.32:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.42:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.43:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.46:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Questionmarket : Aucune action entreprise.
:mozilla.133:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.134:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.135:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.65:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.66:C:\Documents and Settings\Laurence\Application Data\Mozilla\Firefox\Profiles\8wiykc0w.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\Pauline\Cookies\pauline@m.webtrends[2].txt -> TrackingCookie.Webtrends : Aucune action entreprise.
Fin du rapport
BitDefender Online Scanner
Rapport d'analyse généré à: Sat, Dec 13, 2008 - 19:25:26
Voie d'analyse: A:\;C:\;D:\;E:\;F:\;G:\;
Statistiques
Temps
00:37:54
Fichiers
64131
Directoires
6420
Secteurs de boot
0
Archives
963
Paquets programmes
7612
Résultats
Virus identifiés
0
Fichiers infectés
0
Fichiers suspects
0
Avertissements
0
Désinfectés
0
Fichiers effacés
0
Info sur les moteurs
Définition virus
2349223
Version des moteurs
AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Analyse des plugins
17
Archive des plugins
45
Unpack des plugins
7
E-mail plugins
6
Système plugins
4
Paramètres d'analyse
Première action
Désinfecté
Seconde Action
Supprimé
Heuristique
Oui
Acceptez les avertissements
Oui
Extensions analysées
exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Excludez les extensions
Analyse d'emails
Oui
Analyse des Archives
Oui
Analyser paquets programmes
Oui
Analyse des fichiers
Oui
Analyse de boot
Oui
Fichier analysé
Statut
Aucun virus trouvé.
*********************************************************
Rapport HIJACKTHIS
************************************************************
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:36:41, on 13/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww17.ads.eorezo.com/cgi-bin/advert/getads.cgi?x_format=redirect&x_dp_id=9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww17.ads.eorezo.com/cgi-bin/advert/getads.cgi?x_format=redirect&x_dp_id=9
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.8.10.12:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{53DA7CD0-4491-44B5-A423-2681456DC774}: NameServer = 194.2.0.50,194.2.0.30
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
A voir également:
- Problème Trojan-gen
- Trojan remover - Télécharger - Antivirus & Antimalwares
- Oxy-gen - Télécharger - Généalogie
- Win32:malware-gen ✓ - Forum Virus
- Win64:malwarex-gen - Forum Virus
- Virus trojan al11 ✓ - Forum Virus
