
Posted

Hello,

My PC has been infected for 2 days.

My wallpaper has been replaced by wallpapers that change every day, and an ad-type window also opens that I cannot close.

In addition, alert messages appear when I connect to the internet.

I have Norton installed, but it detects nothing at all.

Here is my HijackThis report (very long!)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:06:46, on 10/02/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Wintab32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ZPOINT32.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\PROGRA~1\INSTAN~1\INSTAN~1\IWCTRL.EXE

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE

C:\Program Files\Logitech\iTouch\iTouch.exe

C:\PROGRA~1\Wanadoo\CnxMon.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe

C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe

C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe

C:\PROGRA~1\Wanadoo\TaskbarIcon.exe

C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe

C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\winvi\wupda.exe

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe

C:\DOCUME~1\PIERRE\LOCALS~1\Temp\bwgo00016193.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Nikon\PictureProject\NkbMonitor.exe

C:\Program Files\Google\Google Updater\GoogleUpdater.exe

C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe

C:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe

C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

C:\Program Files\Sun\StarOffice 8\program\soffice.exe

C:\Program Files\Sun\StarOffice 8\program\soffice.BIN

C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe

c:\program files\internet explorer\iexplore.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.us-start.com/start.php

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: rightonads optimizer - {10F3E8BD-257A-4702-A2F5-DC02055B068C} - C:\WINDOWS\system32\gzmrt.dll (file missing)

O2 - BHO: trafficninja.biz extension - {266A3562-AB67-480E-9F09-D54604FD817B} - C:\WINDOWS\system32\ninjaext.dll

O2 - BHO: ads_optimizer - {26E45419-7205-4fac-BBFE-174BC7337A79} - C:\WINDOWS\system32\nsbDC0.dll (file missing)

O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\UpMedia\ContentTool.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O4 - HKLM\..\Run: [ZPOINT32] C:\WINDOWS\system32\ZPOINT32.exe

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [iW Controlcenter] C:\PROGRA~1\INSTAN~1\INSTAN~1\IWCTRL.EXE

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe

O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"

O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"

O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"

O4 - HKLM\..\Run: [Acecad.Wtxpload] C:\WINDOWS\Acecad\Wtxpload.exe Acecad

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [postSetupCheck] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background

O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [sRUUninstall] "C:\WINDOWS\System32\msiexec.exe" /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [sRUUninstall] "C:\WINDOWS\System32\msiexec.exe" /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'Default user')

O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe

O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe

O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: EPSON CardMonitor.lnk = ?

O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe

O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe

O4 - Global Startup: Picture Package Menu.lnk = ?

O4 - Global Startup: Picture Package VCD Maker.lnk = ?

O4 - Global Startup: Spyder3Utility.lnk = C:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O15 - Trusted Zone: http://www.secuser.com

O16 - DPF: {0A46CB52-CFA0-4E78-A181-948D5E361BE3} (EpsonObj Class) - http://esupport.epson-europe.com/ePC/activex/EpsonSetup.cab

O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-3-48.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://mouchailloux.spaces.live.com//Photo...ad/MsnPUpld.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1146921266750

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab30149.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab

O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/ac...ta/SymAData.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/ac.../ActiveData.cab

O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/es/SysWebTelecom.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab30149.cab

O18 - Protocol: bw+0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe

O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: Msteptisvasd - Logitech - C:\WINDOWS\system32\drivers\LMouFlt2.sys

O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE

O23 - Service: WinFast® Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: NexTab (Wintab32) - Unknown owner - C:\WINDOWS\system32\Wintab32.exe

O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/PIERRE/LOCALS~1/Temp/msoclip1/01/clip_image002.gif

 

--

End of file - 30816 bytes

 

 

 

Thank you for your help!!!

Posted

And here is my MSNFix report

 

MSNFix 1.657

 

C:\Documents and Settings\PIERRE\Bureau\MSNFix\MSNFix

Fix exécuté le 10/02/2008 - 18:06:16,73 By PIERRE

mode normal

 

************************ Recherche les fichiers présents

 

Aucun Fichier trouvé

 

************************ Recherche les dossiers présents

 

... C:\Temp\

 

 

 

 

************************ Suppression des fichiers

 

 

 

************************ Suppression des dossiers

 

/!\ ... C:\Temp\

 

 

************************ Nettoyage du registre

 

 

 

************************ Fichiers suspects

 

Aucun Fichier trouvé

 

 

Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 10022008_18081978.zip

 

 

Information ...... Information ...... Information ......

 

/!\ /!\ MSNFix n'est pas affilié a livekill CleanMessenger /!\ /!\

 

Ce pseudo antivirus copie les bases de MSNFix pour se tenir a jour

 

 

/!\ /!\ MSNFix is not affiliated with Livekill CleanMessenger /!\ /!\

 

------------------------------------------------------------------------

Auteur : !aur3n7 Contact: http://changelog.fr

------------------------------------------------------------------------

 

--------------------------------------------- END ---------------------------------------------

Posted

and my ComboFix:

 

ComboFix 08-02.05.3 - PIERRE 2008-02-10 18:22:16.2 - NTFSx86

Endroit: C:\Documents and Settings\PIERRE\Local Settings\Temporary Internet Files\Content.IE58KKNWJO\ComboFix[1].exe

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

 

((((((((((((((((((((((((((((( Fichiers créés 2008-01-10 to 2008-02-10 ))))))))))))))))))))))))))))))))))))

.

 

2008-02-10 17:06 . 2008-02-10 17:06 <REP> d-------- C:\Program Files\Trend Micro

2008-02-07 22:02 . 2008-02-09 23:31 <REP> d-------- C:\Program Files\winvi

2008-02-07 21:41 . 2008-02-07 15:42 74,137 --a------ C:\Program Files\uninstall_activeX.exe

2008-02-07 21:40 . 2007-11-21 01:04 218,496 -ra------ C:\Program Files\FlashUtil9e.exe

2008-02-07 20:36 . 2008-02-07 20:36 <REP> d-------- C:\Program Files\u320-en

2008-02-02 13:30 . 2008-02-02 13:30 <REP> d-------- C:\Program Files\Norton Security Scan

2008-02-01 23:07 . 2008-02-01 23:07 41 --a------ C:\WINDOWS\system32\blue.SITENAME

2008-02-01 22:37 . 2002-07-04 12:55 94,964 --a------ C:\WINDOWS\system32\drivers\Hlp.sys

2008-02-01 22:37 . 2008-02-01 22:39 184 --a------ C:\WINDOWS\edtinst.ini

2008-01-15 21:15 . 1998-07-30 14:54 2,123,776 --a------ C:\WINDOWS\system32\QuickTimeMusicalInstruments.qtx

2008-01-15 21:15 . 1998-03-20 12:00 969,216 --a------ C:\WINDOWS\system32\qd3d.dll

2008-01-15 21:15 . 1998-03-26 16:00 747,008 --a------ C:\WINDOWS\system32\Indeo4.qtx

2008-01-15 21:15 . 1998-03-20 12:00 596,992 --a------ C:\WINDOWS\system32\rave.dll

2008-01-15 21:15 . 1998-03-20 12:00 253,952 --a------ C:\WINDOWS\system32\QD3D_IR2.q3x

2008-01-15 21:15 . 1998-07-30 14:54 202,240 --a------ C:\WINDOWS\system32\QuickTime.cpl

2008-01-15 21:15 . 1998-03-20 12:00 126,976 --a------ C:\WINDOWS\system32\3DViewer.dll

2008-01-15 21:15 . 1998-03-20 12:00 44,032 --a------ C:\WINDOWS\system32\QD3DCustomElements.q3x

2008-01-15 21:15 . 1998-07-30 14:53 27,136 --a------ C:\WINDOWS\system32\QTUninst.dll

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-02-10 17:03 --------- d-----w C:\Documents and Settings\PIERRE\Application Data\StarOffice8

2008-02-10 16:54 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared

2008-02-10 16:43 374 ----a-w C:\Documents and Settings\PIERRE\Application Data\internaldb8467.dat

2008-02-10 16:37 555 ----a-w C:\Documents and Settings\PIERRE\Application Data\internaldb6334.dat

2008-02-10 16:37 18,432 ----a-w C:\Documents and Settings\PIERRE\Application Data\internaldb41.dat

2008-02-10 16:01 --------- d-----w C:\Program Files\LimeWire

2008-02-09 22:32 --------- d-----w C:\Program Files\Fichiers communs\Adobe

2008-02-09 20:49 --------- dc----w C:\Documents and Settings\All Users\Application Data\Google Updater

2008-02-07 14:42 23,109 ----a-w C:\Program Files\install.log

2008-02-06 16:38 --------- dc----w C:\Documents and Settings\All Users\Application Data\Sony Corporation

2008-02-06 16:37 --------- d-----w C:\Documents and Settings\PIERRE\Application Data\Sony Corporation

2008-02-06 16:01 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-02-06 15:56 --------- d-----w C:\Program Files\Sony

2008-01-28 20:48 --------- d-----w C:\Documents and Settings\PIERRE\Application Data\Skype

2008-01-28 17:45 --------- d-----w C:\Documents and Settings\PIERRE\Application Data\skypePM

2008-01-17 20:58 --------- d-----w C:\Program Files\WinTV

2008-01-17 20:58 --------- d-----w C:\Program Files\vtplus

2008-01-15 20:15 --------- d-----w C:\Program Files\QuickTime

2008-01-08 21:32 --------- d-----w C:\Program Files\Incomplete

2007-12-27 22:27 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01001_Coinstaller_Critical.Wdf

2007-12-27 22:27 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_Spyder3_01001.Wdf

2007-12-27 22:20 --------- d-----w C:\Program Files\Datacolor

2007-12-26 19:20 --------- d-----w C:\Program Files\Fichiers communs\xing shared

2007-12-26 19:20 --------- d-----w C:\Program Files\Fichiers communs\Real

2007-12-16 17:20 --------- d-----w C:\Program Files\LeechFTP

2007-12-16 16:10 18,944 ----a-w C:\WINDOWS\eraser.exe

2007-12-10 21:10 10,884,472 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe

2007-12-10 21:10 --------- d-----w C:\Program Files\Illustrate

2007-12-09 18:04 675,579 ----a-w C:\WINDOWS\PROGRAM.exe

2007-12-09 18:04 363,980 ----a-w C:\WINDOWS\1-fe5e180d56ed9c233080898276c260cc.exe

2007-12-09 18:04 203,592 ----a-w C:\WINDOWS\distro_SelectRebatesSetup_um1001.exe

2007-12-09 18:04 139,264 ----a-w C:\WINDOWS\MirarDownloader_876260.exe

2007-11-28 18:55 40,737 ----a-w C:\WINDOWS\system32\rightonadz-uninst.exe

2007-11-21 00:04 2,987,392 ----a-r C:\Program Files\Flash9e.ocx

2007-11-19 22:33 102,400 ----a-w C:\WINDOWS\MBDownloader_876932.exe

2007-11-17 16:14 32 -c--a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat

2007-03-16 16:54 20 -c-h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT

2007-02-27 19:58 1,764,352 ----a-w C:\Program Files\epson1138eu.exe

2007-02-27 19:57 5,897,728 ----a-w C:\Program Files\epson5060eu.exe

2006-08-01 21:55 824,824 ----a-w C:\Program Files\sonicstageinstaller.exe

2006-04-15 21:51 548,730 ----a-w C:\Program Files\u320-en.zip

2005-11-23 22:09 611,954 ----a-w C:\Program Files\u340-en.zip

2005-11-20 13:28 9,663,232 ----a-w C:\Program Files\OutlookExpress506FRA.bin

2005-11-20 13:23 8,274,695 ----a-w C:\Program Files\vlc-0.8.2-win32.exe

2005-11-02 20:32 7,256,768 ----a-w C:\Program Files\SkypeSetup.exe

2005-09-17 16:31 11,284,970 ----a-w C:\Program Files\cdbxp_setup_3.0.116.zip

2005-08-27 12:38 1,435,272 ----a-w C:\Program Files\Flash8.ocx

2005-04-21 13:28 6,144 --sha-w C:\Program Files\Thumbs.db

2004-12-16 11:01 8,273 ----a-w C:\Program Files\snylcd53.cat

2004-12-10 20:20 2,824 ----a-w C:\Program Files\HS95P_65.icm

2004-12-10 19:52 2,824 ----a-w C:\Program Files\HS95P_93.icm

2004-11-30 16:39 1,636 ----a-w C:\Program Files\SnyLCD53.inf

2004-10-24 21:39 1,112 ----a-w C:\Documents and Settings\PIERRE\Application Data\ViewerApp.dat

2004-08-22 12:22 3,844,558 ----a-w C:\Program Files\SFF-6.2.1d9(DCPRO).exe

2004-08-21 20:30 718,556 ----a-w C:\Program Files\PIMForC3D35Patch.zip

2004-06-20 10:01 9,304,688 ----a-w C:\Program Files\MPSetupXP.exe

2004-06-06 17:08 4,474,271 ----a-w C:\Program Files\it222fra.exe

2004-06-03 19:42 59,992 ----a-w C:\Program Files\msnaddin.exe

2004-06-02 19:58 21,386,357 ----a-w C:\Program Files\dwmx2004_701update_fr.exe

2004-05-25 11:30 836,608 ----a-w C:\Program Files\iview385.exe

2003-09-22 13:16 9,982,321 ----a-w C:\Program Files\illumi153_fr.exe

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{266A3562-AB67-480E-9F09-D54604FD817B}]

2007-08-20 18:58 75264 --a------ C:\WINDOWS\system32\ninjaext.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{26E45419-7205-4fac-BBFE-174BC7337A79}]

C:\WINDOWS\system32\nsbDC0.dll

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]

"LDM"="C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2004-11-13 21:02 20480]

"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-05-08 04:17 81920]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-09 20:10 68856]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 08:59 204288]

"WinUpdater"="C:\Program Files\winvi\update.exe" [2008-02-07 19:12 174143]

"WebSUpdater"="C:\Program Files\winvi\wupda.exe" [2008-02-07 19:12 198185]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ZPOINT32"="C:\WINDOWS\system32\ZPOINT32.exe" [2002-07-04 13:49 20480]

"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2005-11-14 22:04 100056]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-05-25 22:02 86016]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-05-25 22:02 6746112]

"IW Controlcenter"="C:\PROGRA~1\INSTAN~1\INSTAN~1\IWCTRL.EXE" [2002-07-29 15:18 750592]

"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2004-06-26 01:32 172032]

"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-18 18:55 49152]

"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 14:18 241664]

"URLLSTCK.exe"="C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe" [2004-01-27 15:58 70760]

"nwiz"="nwiz.exe" [2005-05-25 22:02 1519616 C:\WINDOWS\system32\nwiz.exe]

"EM_EXEC"="C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2001-12-20 09:42 35328]

"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2004-03-18 09:33 892928]

"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2003-12-03 17:18 20480]

"WooCnxMon"="C:\PROGRA~1\Wanadoo\CnxMon.exe" [2002-11-12 16:34 24576]

"SoundMan"="SOUNDMAN.EXE" [2003-06-10 12:12 55296 C:\WINDOWS\SOUNDMAN.EXE]

"RoxioEngineUtility"="C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" [2003-05-01 18:44 65536]

"RoxioDragToDisc"="C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2004-10-13 22:40 868352]

"RoxioAudioCentral"="C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" [2003-07-15 12:36 319488]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-08-04 23:00 282624]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-06-14 15:24 278528]

"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2006-04-04 10:55 71304]

"Advanced Tools Check"="C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE" [2003-08-20 11:55 74896]

"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 00:18 57344]

"Acecad.Wtxpload"="C:\WINDOWS\Acecad\Wtxpload.exe" [2005-04-30 23:14 57344]

"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\TaskbarIcon.exe" [2003-12-03 17:18 53248]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-06-14 18:32 132760]

"Auto Run Software for Photo Frame"="" []

"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]

"postSetupCheck"="C:\WINDOWS\system32" [2008-02-10 18:30 0]

"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-12-26 20:19 185632]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09 15360]

"ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2005-01-27 14:59 263776]

"Symantec Network Driver Update Warning"="C:\PROGRA~1\Symantec\LIVEUP~1\SNDWarn.EXE" [2004-04-30 17:02 91256]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SRUUninstall"="C:\WINDOWS\System32\msiexec.exe" [2005-03-21 14:00 78848]

 

R1 Asapi;ASAPI;C:\WINDOWS\system32\drivers\Asapi.sys [2002-04-17 20:27]

R1 cdrdrv;cdrdrv;C:\WINDOWS\system32\drivers\cdrdrv.sys [2002-07-26 14:32]

R1 hlp;FAST HLP Driver;C:\WINDOWS\system32\Drivers\Hlp.Sys [2002-07-04 12:55]

R1 lstone;Pinnacle Systems DV500 Overlay;C:\WINDOWS\system32\DRIVERS\lstone2k.sys [2002-06-27 15:20]

R1 MemAlloc;MemAlloc;C:\WINDOWS\system32\drivers\memalloc.sys [2002-06-06 15:08]

R1 vobcom;vobcom;C:\WINDOWS\system32\drivers\vobcom.sys [2001-10-04 11:53]

R1 vobiw;vobiw;C:\WINDOWS\system32\drivers\vobiw.sys [2002-08-09 16:23]

R2 V7;V7;C:\WINDOWS\system32\drivers\V7.sys [2000-03-10 01:24]

R3 EPUSBSTOR;EPSON USB Storage Driver;C:\WINDOWS\system32\DRIVERS\epusbsto.sys [2001-09-10 00:00]

R3 fbxusb;FreeBox USB Network Adapter;C:\WINDOWS\system32\DRIVERS\fbxusb.sys [2003-12-31 11:35]

R3 HCWBT8xx;Hauppauge WinTV 848/9 WDM Video Driver;C:\WINDOWS\system32\drivers\HCWBT8XX.sys [2004-10-08 20:04]

R3 NPDriver;Norton Unerase Protection Driver;C:\WINDOWS\system32\Drivers\NPDRIVER.SYS [2002-08-14 06:03]

R3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0);C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2004-02-14 05:09]

R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08]

R3 W2acehid;Acecad HID;C:\WINDOWS\system32\DRIVERS\w2acehid.sys [2005-05-02 22:35]

R3 Wtcls2k;Wtcls2k;C:\WINDOWS\system32\DRIVERS\wtcls2k.sys [2005-05-01 02:19]

S0 NVDual;NVDual;C:\WINDOWS\system32\DRIVERS\nvDual.sys []

S2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\system32\DRIVERS\nvcap.sys [2002-03-22 12:07]

S2 nvTUNEP;nVidia WDM TVTuner;C:\WINDOWS\system32\DRIVERS\nvtunep.sys [2002-03-22 12:07]

S2 nvtvSND;nVidia WDM TVAudio Crossbar;C:\WINDOWS\system32\DRIVERS\nvtvsnd.sys [2002-03-22 12:07]

S2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\system32\DRIVERS\NVxbar.sys [2002-03-22 12:07]

S3 adiusbae;USB ADSL LAN Adapter;C:\WINDOWS\system32\DRIVERS\adiusbae.sys []

S3 Msteptisvasd;Msteptisvasd;C:\WINDOWS\system32\drivers\LMouFlt2.sys [2001-12-19 10:42]

S3 Spyder3;Datacolor Spyder3;C:\WINDOWS\system32\DRIVERS\Spyder3.sys [2007-10-10 00:53]

S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 06:58]

S3 WFsys;WinFox Control I/O Driver;C:\WINDOWS\system32\DRIVERS\wfsys.sys [2002-04-22 15:15]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f84af05c-c920-11d9-a297-0007cb0000ff}]

\Shell\AutoRun\command - G:\setupSNK.exe

 

.

Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

"2008-02-09 18:02:18 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur - PIERRE.job"

- C:\PROGRA~1\NORTON~1\NORTON~1\NAVW32.EXEh/task:

"2008-02-08 21:55:03 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur.job"

- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/task:

"2008-02-02 12:30:08 C:\WINDOWS\Tasks\Norton Security Scan.job"

- C:\Program Files\Norton Security Scan\Nss.exe

"2008-02-10 14:05:55 C:\WINDOWS\Tasks\Symantec NetDetect.job"

- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE

.

**************************************************************************

 

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-02-10 18:31:00

Windows 5.1.2600 Service Pack 2 NTFS

 

Balayage processus cachés ...

 

Balayage caché autostart entries ...

 

Balayage des fichiers cachés ...

 

Scan terminé avec succès

Les fichiers cachés: 0

 

**************************************************************************

.

Temps d'accomplissement: 2008-02-10 18:32:28

ComboFix-quarantined-files.txt 2008-02-10 17:32:23

ComboFix2.txt 2008-02-10 16:51:28

.

2008-01-09 23:12:15 --- E O F ---

 

 

What should I do now????

Posted (edited)
up!

(I know the reports are very long, but I really need your help!)

Hello

I don't know much about HijackThis reports, but I go to this site to have my report analysed when I have doubts about my PC.

I copied your report onto the site and there are things to fix.

http://www.hijackthis.de/fr

I also downloaded the Zebulon program, Zeb Help Process. It is on the site's home page, in the download section.

That helps too.

Good luck, since the specialists are away.

Hervé

Edited by herve8
Posted

Humm....

A bit of a rant about your infections....

 

 

O2 - BHO: rightonads optimizer - {10F3E8BD-257A-4702-A2F5-DC02055B068C} - C:\WINDOWS\system32\gzmrt.dll (file missing)

O2 - BHO: trafficninja.biz extension - {266A3562-AB67-480E-9F09-D54604FD817B} - C:\WINDOWS\system32\ninjaext.dll

O2 - BHO: ads_optimizer - {26E45419-7205-4fac-BBFE-174BC7337A79} - C:\WINDOWS\system32\nsbDC0.dll (file missing)

O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\UpMedia\ContentTool.dll

 

AdRotator/TrafficSol infection

and oh... LimeWire installed...:

 

2008-02-10 16:01 --------- d-----w C:\Program Files\LimeWire

 

This infection comes through downloads on LimeWire, read: http://forum.malekal.com/viewtopic.php?f=33&t=6465

 

 

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.us-start.com/start.php

O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background

O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background

 

Infection via a fake codec, either following an advertisement or in order to view pornographic videos.

Read: http://forum.malekal.com/viewtopic.php?f=3...;p=61369#p61369

 

 

What you care about right now is surely getting your PC disinfected, and perhaps you don't care about what I'm saying...

But all this is to say that your infections came about through negligence.... and that it might be worth being a bit more careful in future about what is done with this PC on the internet... it would spare you this kind of trouble.

Posted
Humm....

A bit of a rant about your infections....

AdRotator/TrafficSol infection

and oh... LimeWire installed...:

This infection comes through downloads on LimeWire, read: http://forum.malekal.com/viewtopic.php?f=33&t=6465

Infection via a fake codec, either following an advertisement or in order to view pornographic videos.

Read: http://forum.malekal.com/viewtopic.php?f=3...;p=61369#p61369

What you care about right now is surely getting your PC disinfected, and perhaps you don't care about what I'm saying...

But all this is to say that your infections came about through negligence.... and that it might be worth being a bit more careful in future about what is done with this PC on the internet... it would spare you this kind of trouble.

 

 

LimeWire was indeed installed but never used... so that's odd.

Besides, no connection to pornographic sites (other than unwanted windows that open).

So yes, I'm asking for help, not this kind of remark, which gets me nowhere...
