Infected PC

Post by herbalau » 18 Aug 2008, 22:07

Hello,
Here is the Hijack report. Hoping you will be able to help me clean my PC ...

Regards

Laurent

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:01:05, on 18/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\a-squared Anti-Malware\a2service.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
E:\WINDOWS\system32\CTsvcCDA.exe
E:\WINDOWS\System32\FTRTSVC.exe
E:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
E:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
E:\WINDOWS\system32\LVCOMSX.EXE
E:\Program Files\Logitech\Video\LogiTray.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\a-squared Anti-Malware\a2guard.exe
E:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Logitech\Video\FxSvr2.exe
E:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
E:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\Program Files\Palm\Hotsync.exe
E:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
E:\WINDOWS\System32\alg.exe
E:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
E:\Program Files\Nikon\PictureProject\NkbMonitor.exe
E:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
E:\Program Files\Mustek 1200 UB Plus\Driver\WATCH.exe
E:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
E:\PROGRA~1\Wanadoo\ComComp.exe
E:\PROGRA~1\Wanadoo\Toaster.exe
E:\WINDOWS\System32\svchost.exe
E:\PROGRA~1\Wanadoo\Inactivity.exe
E:\PROGRA~1\Wanadoo\PollingModule.exe
E:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
E:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
E:\PROGRA~1\Wanadoo\Watch.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe
E:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - E:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - E:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - E:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - E:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "E:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "E:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [WOOWATCH] E:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SMSTray] E:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] E:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] E:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Flash Media] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Easy PDF Creator] E:\Program Files\Easy PDF Creator\EasyPDFCreator.exe
O4 - HKLM\..\Run: [CanalPlayerHelper] E:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
O4 - HKLM\..\Run: [a-squared] "E:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [E06FXLRD_1437867] "E:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] E:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\Msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "E:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "E:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [E06FXLRD_2682877] "E:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [CTSyncU.exe] "E:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] E:\Program Files\Video Access ActiveX Object\isamntr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: BoontyBox 01net.lnk = E:\Program Files\Boonty\BoontyBox\BoontyBox.exe
O4 - Global Startup: Acrobat Assistant.lnk = E:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = E:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = E:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: NkbMonitor.exe.lnk = E:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Photo Express SE Calendar Checker.lnk = E:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
O4 - Global Startup: Watch.lnk = E:\Program Files\Mustek 1200 UB Plus\Driver\WATCH.exe
O4 - Global Startup: Windows Desktop Search.lnk = E:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://E:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - E:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - E:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5416072653
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photoservice.com/aurigma/ImageUploader4.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.virginmega.fr/DownloadManag ... ownMan.cab
O16 - DPF: {983AB2CC-3D50-11D9-ADFE-00062919A34C} (ActiveXUpload.UserCtrl) - http://www.photoservice.com/activeX/newUpload.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://zone.msn.com/bingame/fotg/defaul ... 0.0.37.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/ ... taller.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/ ... meHost.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Registe ... lashax.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.photoservice.com/telechargem ... oader4.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://bellerock.microgaming.com/freep ... ashAX2.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{02575376-2A46-470A-B5CF-36FEDCE1F27E}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{2EEA66D8-D733-4A4D-934C-C9444CB5888A}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{02575376-2A46-470A-B5CF-36FEDCE1F27E}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{02575376-2A46-470A-B5CF-36FEDCE1F27E}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: E:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,E:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - E:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Boonty Games - BOONTY - E:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: BvrpKrnl - Unknown owner - E:\Program Files\WinFax eXPert\BVRPKrnl.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - E:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - E:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - E:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Service CANALPLAY - Canal+ Active - E:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe

--
End of file - 17220 bytes


The Panda report:


;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-08-18 21:48:14
PROTECTIONS: 2
MALWARE: 59
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Norton Internet Security 2007 Yes Yes
Kaspersky Anti-Virus 8.0.0.454 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00034463 adware/wupd Adware No 0 Yes No hkey_classes_root\install.install
00034463 adware/wupd Adware No 0 Yes No hkey_classes_root\install.install.1
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@casalemedia[1].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@casalemedia[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Local Settings\Temp\Cookies\séverine@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@atdmt[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@tradedoubler[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@tradedoubler[1].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@247realmedia[2].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@247realmedia[1].txt
00145453 Cookie/Bfast TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@bfast[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@fastclick[2].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@fastclick[1].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@tribalfusion[1].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@tribalfusion[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@mediaplex[1].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@mediaplex[2].txt
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@linksynergy[2].txt
00149035 Cookie/Casinodelrio TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@casinodelrio[1].txt
00149046 Cookie/Casinotropez TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@casinotropez[2].txt
00149046 Cookie/Casinotropez TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@casinotropez[2].txt
00149064 Cookie/Maxserving TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@maxserving[1].txt
00149116 Cookie/Ccbill TrackingCookie No 0 Yes No E:\Documents and Settings\Papa\Cookies\papa@ccbill[1].txt
00159564 Cookie/WUpd TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@revenue[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@com[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@com[1].txt
00167647 Cookie/Yadro TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@yadro[2].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No E:\Documents and Settings\Papa\Cookies\papa@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@xiti[1].txt
00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No E:\Documents and Settings\Papa\Cookies\papa@fe.lea.lycos[1].txt
00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@fe.lea.lycos[1].txt
00167726 Cookie/Tickle TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@tickle[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@statcounter[2].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@statcounter[1].txt
00168048 Cookie/Overture TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@perf.overture[1].txt
00168048 Cookie/Overture TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@perf.overture[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@ad.yieldmanager[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@ad.yieldmanager[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@apmebf[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@apmebf[2].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@burstnet[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@serving-sys[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@serving-sys[3].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@serving-sys[2].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@bs.serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@bs.serving-sys[2].txt
00168095 Cookie/888 TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@888[1].txt
00168095 Cookie/888 TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@888[1].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@www.burstbeacon[1].txt
00168102 Cookie/Falkag TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@as1.falkag[2].txt
00168102 Cookie/Falkag TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@as1.falkag[1].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No E:\Documents and Settings\Papa\Cookies\papa@weborama[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@weborama[1].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@weborama[2].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@adtech[2].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@adtech[2].txt
00168116 Cookie/Comclick TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@fl01.ct2.comclick[2].txt
00168116 Cookie/Comclick TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@fl01.ct2.comclick[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@advertising[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@advertising[2].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@adrevolver[1].txt
00170087 Cookie/Hbmediapro TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@adopt.hbmediapro[2].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@statse.webtrendslive[1].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@statse.webtrendslive[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@ads.pointroll[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@ads.pointroll[1].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@overture[1].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@overture[1].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No E:\Documents and Settings\Papa\Cookies\papa@overture[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@questionmarket[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@questionmarket[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@zedo[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@zedo[2].txt
00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@metriweb[1].txt
00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@metriweb[1].txt
00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Local Settings\Temp\Cookies\séverine@metriweb[1].txt
00172483 Cookie/888 TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@int.sitestat[1].txt
00172483 Cookie/888 TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@888[2].txt
00172484 Cookie/Cassava TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@int.sitestat[2].txt
00172484 Cookie/Cassava TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@cassava[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Local Settings\Temp\Cookies\séverine@bluestreak[1].txt
00173987 Cookie/Itrack TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@ilead.itrack[1].txt
00173992 Cookie/Zedo TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@c5.zedo[1].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@adrevolver[2].txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No E:\Documents and Settings\Papa\Cookies\papa@adultfriendfinder[1].txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@adultfriendfinder[2].txt
00199984 Cookie/Searchportal TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@searchportal.information[1].txt
00199984 Cookie/Searchportal TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@searchportal.information[1].txt
00199984 Cookie/Searchportal TrackingCookie No 0 Yes No E:\Documents and Settings\Papa\Cookies\papa@searchportal.information[1].txt
00207936 Cookie/Adviva TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@adviva[1].txt
00207936 Cookie/Adviva TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@adviva[2].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@atwola[1].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Local Settings\Temp\Cookies\séverine@smartadserver[1].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@smartadserver[1].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@smartadserver[1].txt
00286732 Cookie/Cgi-bin TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@cgi-bin[1].txt
00286739 Cookie/Hitbox TrackingCookie No 0 Yes No E:\Documents and Settings\Delphine\Cookies\delphine@ehg-dig.hitbox[2].txt
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No E:\Documents and Settings\Papa\Cookies\papa@ads.addynamix[1].txt
01196325 Cookie/Enhance TrackingCookie No 0 Yes No E:\Documents and Settings\Papa\Cookies\papa@enhance[2].txt
01196325 Cookie/Enhance TrackingCookie No 0 Yes No E:\Documents and Settings\Séverine\Cookies\séverine@enhance[2].txt
02990320 Application/BoontyGames HackTools No 0 Yes No E:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location =
;===================================================================================================================================================================================
No C:\divers\Morpheus.exe =
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description =
;===================================================================================================================================================================================
;===================================================================================================================================================================================
herbalau
Member
Posts: 4
Joined: 17 Aug 2008, 13:36

Re: Infected PC

Post by flrrosa » 20 Aug 2008, 23:39

herbalau,

download GenProc http://www.alt-shift-return.org/Info/Fi ... enProc.zip to your desktop

unzip the folder, double-click GenProc.bat
and post the contents of the report that opens

Illustrated help: http://www.alt-shift-return.org/Info/GenProc-HowTo.html
flrrosa
Helper
Posts: 55
Joined: 18 May 2008, 15:46

