

Everything posted by augustin.blanc
"Virus" p1.htm p2.htm p3.htm
augustin.blanc replied to a topic by augustin.blanc in Malware analysis and removal
OTMoveIt report

ComboFix report
I didn't save the Kaspersky report... it removed a worm that was lurking in a webserver.exe, if I remember correctly.

In any case, the windows no longer open... however, I get an error at startup that I'll try to deal with tonight.

Thank you very much for your help, Angélique.

Augustin
"Virus" p1.htm p2.htm p3.htm
augustin.blanc replied to a topic by augustin.blanc in Malware analysis and removal
Thanks, Angélique. I won't have time to do all that before leaving for work... I'll do it tonight.

Augustin
"Virus" p1.htm p2.htm p3.htm
augustin.blanc replied to a topic by augustin.blanc in Malware analysis and removal
Thank you, Angélique, for looking into my case. I did what you said... here is the SDFix report:
and the HijackThis report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:16:33, on 02/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\HP Wireless Adapter\HPWLAN.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LSHPRN.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Nike+ Utility\Nike+ Utility.exe
C:\Program Files\HP Wireless Printer Adapter\ConnectMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\HPZinw12.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hotmail.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [HPWireless] "C:\Program Files\HP Wireless Adapter\HPWLAN.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PrinterSecurityLayer] C:\WINDOWS\system32\LSHPRN.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Nike+ Utility.lnk = C:\Program Files\Nike+ Utility\Nike+ Utility.exe
O4 - Global Startup: Redémarrer le gestionnaire de connexion.lnk = ?
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

-- End of file - 9948 bytes

For now, the pages still open on their own
-
Hello everyone, I'm turning to you today because for several days now my PC has been opening IE pages on its own that point to
- C:\WINDOWS\p1.htm
- C:\WINDOWS\p2.htm
- C:\WINDOWS\p3.htm
These pages are blocked by IE, but it's annoying... one opens roughly every 30 seconds. I scanned with AVAST (I know... that doesn't protect me), with Anti-Malware, but nothing works. I'm posting the HijackThis report and am open to all your good advice... thanks in advance:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:53:50, on 02/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\HP Wireless Adapter\HPWLAN.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LSHPRN.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Nike+ Utility\Nike+ Utility.exe
C:\Program Files\HP Wireless Printer Adapter\ConnectMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Commun\Logiciels\HiJackThis.exe
C:\WINDOWS\system32\HPZinw12.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hotmail.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: HP3EC661 HP001CC43EC661
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [devenv] C:\WINDOWS\system\smvss.exe /w
O4 - HKLM\..\Run: [HPWireless] "C:\Program Files\HP Wireless Adapter\HPWLAN.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PrinterSecurityLayer] C:\WINDOWS\system32\LSHPRN.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Nike+ Utility.lnk = C:\Program Files\Nike+ Utility\Nike+ Utility.exe
O4 - Global Startup: Redémarrer le gestionnaire de connexion.lnk = ?
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

-- End of file - 10065 bytes