

Novo2105
Hello everyone, not being sure that my first message reached you, I'm sending a second heeeelp... It seems that I am infected by a myriad of viruses such as:
- Trjan - spy.win32@mx
- w32.Myzor.FK@yf
I am submitting the report below. Thank you for your help.

[11/22/2007, 6:15:34] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Novi\Local Settings\Temporary Internet Files\Content.IE5\4EOPLBCZ\VirtumundoBeGone[1].exe" )
[11/22/2007, 6:15:46] - Detected System Information:
[11/22/2007, 6:15:46] - Windows Version: 5.1.2600, Service Pack 2
[11/22/2007, 6:15:46] - Current Username: Novi (Admin)
[11/22/2007, 6:15:46] - Windows is in NORMAL mode.
[11/22/2007, 6:15:46] - Searching for Browser Helper Objects:
[11/22/2007, 6:15:46] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[11/22/2007, 6:15:46] - BHO 2: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} ()
[11/22/2007, 6:15:46] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/22/2007, 6:15:46] - Checking for HKLM\...\Winlogon\Notify\ctbr
[11/22/2007, 6:15:46] - Key not found: HKLM\...\Winlogon\Notify\ctbr, continuing.
[11/22/2007, 6:15:46] - BHO 3: {23B760D6-C98B-450B-9B32-26C7775CDF83} ()
[11/22/2007, 6:15:46] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/22/2007, 6:15:46] - Checking for HKLM\...\Winlogon\Notify\isfmdl
[11/22/2007, 6:15:46] - Key not found: HKLM\...\Winlogon\Notify\isfmdl, continuing.
[11/22/2007, 6:15:46] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} ()
[11/22/2007, 6:15:46] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/22/2007, 6:15:46] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[11/22/2007, 6:15:46] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[11/22/2007, 6:15:46] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[11/22/2007, 6:15:46] - BHO 6: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[11/22/2007, 6:15:46] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/22/2007, 6:15:46] - No filename found. Continuing.
[11/22/2007, 6:15:46] - BHO 7: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[11/22/2007, 6:15:46] - Finished Searching Browser Helper Objects
[11/22/2007, 6:15:46] - Finishing up...
[11/22/2007, 6:15:46] - Nothing found! Exiting...

[11/22/2007, 6:23:18] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Novi\Local Settings\Temporary Internet Files\Content.IE5\4EOPLBCZ\VirtumundoBeGone[1].exe" )
[11/22/2007, 6:23:21] - Detected System Information:
[11/22/2007, 6:23:21] - Windows Version: 5.1.2600, Service Pack 2
[11/22/2007, 6:23:21] - Current Username: Novi (Admin)
[11/22/2007, 6:23:21] - Windows is in NORMAL mode.
[11/22/2007, 6:23:21] - Searching for Browser Helper Objects:
[11/22/2007, 6:23:21] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[11/22/2007, 6:23:21] - BHO 2: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} ()
[11/22/2007, 6:23:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/22/2007, 6:23:21] - Checking for HKLM\...\Winlogon\Notify\ctbr
[11/22/2007, 6:23:21] - Key not found: HKLM\...\Winlogon\Notify\ctbr, continuing.
[11/22/2007, 6:23:21] - BHO 3: {23B760D6-C98B-450B-9B32-26C7775CDF83} ()
[11/22/2007, 6:23:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/22/2007, 6:23:21] - Checking for HKLM\...\Winlogon\Notify\isfmdl
[11/22/2007, 6:23:21] - Key not found: HKLM\...\Winlogon\Notify\isfmdl, continuing.
[11/22/2007, 6:23:21] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} ()
[11/22/2007, 6:23:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/22/2007, 6:23:21] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[11/22/2007, 6:23:21] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[11/22/2007, 6:23:21] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[11/22/2007, 6:23:21] - BHO 6: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[11/22/2007, 6:23:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/22/2007, 6:23:21] - No filename found. Continuing.
[11/22/2007, 6:23:21] - BHO 7: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[11/22/2007, 6:23:21] - Finished Searching Browser Helper Objects
[11/22/2007, 6:23:21] - Finishing up...
[11/22/2007, 6:23:21] - Nothing found! Exiting...
-
Hello to the whole team... I'm brand new here... So, I'm getting 2 alert messages, namely:
- Alert system. Trjan-spy.win32@mx
- W32.Myzor.fk@
and I have to say that my PC has been acting up ever since. I ran a scan, which I am submitting below. Thank you for your valuable assistance, and see you very soon.

Logfile of HijackThis v1.99.1
Scan saved at 18:46:23, on 18.11.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Video Add-on\icthis.exe
C:\Program Files\Video Add-on\isfmntr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Video Add-on\icmntr.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Video Add-on\isfmm.exe
C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\MotiveSB.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Lemoncast\lemoncast.exe
C:\Program Files\Fichiers communs\MonContenuassistant\mc.exe
C:\Program Files\Fichiers communs\WinPCDoctor\strpmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Saxo\Saxo.exe
C:\Program Files\AntiSpywareShield\AntiSpywareShield.exe
C:\Program Files\SEC\MagicTune3.5_Client\GammaTray.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Nokia\PC Suite pour Nokia 9210i Communicator\ConnectState.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\Nokia\PC Suite pour Nokia 9210i Communicator\ECTaskScheduler.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\YesMessenger\YesMessenger.exe
C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE
C:\Program Files\Bluewin\Quick Help\bin\mpbtn.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {23B760D6-C98B-450B-9B32-26C7775CDF83} - C:\Program Files\Video Add-on\isfmdl.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: IE Custom Tools - {70CC76D5-A4EE-4F25-9931-B109A63E298E} - C:\Program Files\Video Add-on\ictmdl.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\FR\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=120307 serial=DR12WRX-0516938-TWR lang=FR
O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [carpediem] C:\Program Files\Lemoncast\lemoncast.exe
O4 - HKLM\..\Run: [salestart] "C:\Program Files\Fichiers communs\MonContenuassistant\mc.exe" dm=http://moncontenuassistant.com; ad=http://moncontenuassistant.com
O4 - HKLM\..\Run: [salestart(1)] "C:\Program Files\Fichiers communs\WinPCDoctor\strpmon.exe" dm=http://winpcdoctor.com; ad=http://winpcdoctor.com
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [saxo] C:\Program Files\Saxo\Saxo.exe regstart
O4 - HKCU\..\Run: [AntiSpywareShield] C:\Program Files\AntiSpywareShield\AntiSpywareShield.exe
O4 - Startup: YesMessenger.lnk = C:\Program Files\YesMessenger\YesMessenger.exe
O4 - Global Startup: Color Calibration.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lien PC Suite pour Nokia 9210i Communicator.lnk = C:\Program Files\Nokia\PC Suite pour Nokia 9210i Communicator\ConnectState.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: MagicTune3.5.lnk = ?
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: Planificateur de tâches de PC Suite pour Nokia 9210i Communicator.lnk = C:\Program Files\Nokia\PC Suite pour Nokia 9210i Communicator\ECTaskScheduler.exe
O4 - Global Startup: Quick Help.lnk = C:\Program Files\Bluewin\Quick Help\bin\matcli.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.topsoftwarefeed.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.topsoftwarefeed.com/redirect.php (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [iNTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1131524385578
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe