
fouty


  1. Hello, I need help. ZHP found 2 malware items; here is the report:

     Zeb Help Process 2 by Nicolas Coolman - Rapport de synthèse du 14/12/2008 15:47:35

     PROCESSUS MALWARE (Rootkit, trojan, ver, spyware, adware,...)
     O71 - BDRI:[hkcu\software\microsoft\internet explorer\main]:searchmigrateddefaultname
     O71 - BDRI:[hkcu\software\microsoft\internet explorer\main]:searchmigrateddefaulturl

     PROCESSUS SUPERFLU DU SYSTEME
     C:\Windows\system32\igfxpers.exe
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
     O20 - Winlogon Notify: C:\Windows\System32\igfxdev.dll
     O44 - LFC:Last File Created - C:\Windows\System32\perfc009.dat -->14/12/2008
     O44 - LFC:Last File Created - C:\Windows\System32\perfc00C.dat -->14/12/2008
     O44 - LFC:Last File Created - C:\Windows\System32\perfh009.dat -->14/12/2008
     O44 - LFC:Last File Created - C:\Windows\System32\perfh00C.dat -->14/12/2008
     O44 - LFC:Last File Created - C:\Windows\System32\reg.exe -->17/10/2008

     TOOLBAR INUTILE (Navigateur internet)
     O40 - ASIC: YInstStarter Class - {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - C:\PROGRA~1\Yahoo!\common\yinsthelper.dll
     O40 - ASIC: YSearchSetting2 Class - {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - C:\PROGRA~1\Yahoo!\common\yinsthelper.dll

     PROCESSUS D'ACTION INCONNUE
     O42 - Logiciel: MSVCRT

     PROCESSUS INUTILE (Au démarrage du système)
     C:\Program Files\Bonjour\mDNSResponder.exe
     O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
     O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe

     PROTECTION DU SYSTEME (Antivirus, FireWall, Anti-Malwares)
     Avira®AntiVir PersonalEdition Premium
     Avira®AntiVir PersonalEdition
     Avira®AntiVir Internet Security Suite
     Symantec®Norton Antivirus
     Microsoft®Windows Defender
     Avira AntiVir PersonalEdition Premium
     Anvira Antivir Premium

     Thanks in advance.