
Serwab and win virus [Solved]

virgule41 - 23 posts - Joined 6 March 2007 - Last reply 14 March 2007 at 21:01
My computer is infected with the serwab and win virus.
Please explain the procedure to follow to remove them from my hard drive.
Here is the latest scan performed by HijackThis:
Logfile of HijackThis v1.99.1
Scan saved at 13:38:49, on 06/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PestPatrol5.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\JDKBQW9T\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qfr8.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr8.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/french
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DeskbarBHO - {5B3644BC-8144-4587-90ED-92393DC77084} - C:\Program Files\Deskbar\deskbar.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Netcom] "C:\Program Files\Netcom\Netcom.exe"
O4 - HKLM\..\Run: [TaskMon] C:\WINDOWS\System32\taskmon.exe
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\RunOnce: [eISS_licreg] "C:\Program Files\CA\eTrust Internet Security Suite\licreg.exe" /s
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.tele2internet.fr
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://go.securelive.com/speed/WebInstall.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com/574/webolr/OCX/FlashAX.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Thanks in advance for your help
4 replies
Reply
Hi,

MessengerSkinner is actually malware, get rid of it.

Open the program files/messenger skinner folder and double-click the uninstall icon marked with a red cross; after restarting the computer, that big **** messenger skinner will be gone.

Then do this:

Virus: preliminary disinfection method (French version)

See you
virgule41 - 9 March 2007 at 20:19
Hi and thanks for your advice.

I uninstalled messenger skinner using Add/Remove Programs.
Below are my scan reports:

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 15:05:09 09/03/2007

+ Résultat de l'analyse:



:mozilla.10:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.8:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.279:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.401:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.416:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.455:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.45:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.46:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.47:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.48:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.49:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.50:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.51:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.173:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.174:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.147:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.283:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.148:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.71:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.72:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.73:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.75:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.76:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.77:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.262:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.200:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.201:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.202:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.203:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.204:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.205:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.206:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.207:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.195:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.196:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.197:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.198:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.280:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.281:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.171:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.315:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.316:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.317:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.318:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.358:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Ru4 : Aucune action entreprise.
:mozilla.13:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.14:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.15:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.16:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.17:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.18:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.371:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.151:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.152:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.153:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.154:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.155:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.130:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.131:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.132:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.133:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.143:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.144:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.145:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.146:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@weborama[2].txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.261:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Webtrendslive : Aucune action entreprise.
:mozilla.208:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.209:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.210:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.212:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.213:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.

Fin du rapport


BitDefender Online Scanner

Results
Identified Viruses: 1
Infected Files: 1
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 1

Engines Info
Virus Definitions: 403829
Engine build: AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File | Status
C:\WINDOWS\Temp\install_msgskinner.exe=>(NSIS o)=>lzma_solid_nsis0009 | Infected with: Backdoor.Skinymes.Agent.A
C:\WINDOWS\Temp\install_msgskinner.exe=>(NSIS o)=>lzma_solid_nsis0009 | Disinfection failed
C:\WINDOWS\Temp\install_msgskinner.exe=>(NSIS o)=>lzma_solid_nsis0009 | Deleted
C:\WINDOWS\Temp\install_msgskinner.exe=>(NSIS o) | Update failed

And finally the latest report:
Logfile of HijackThis v1.99.1
Scan saved at 20:12:41, on 09/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Netcom] "C:\Program Files\Netcom\Netcom.exe"
O4 - HKLM\..\Run: [TaskMon] C:\WINDOWS\System32\taskmon.exe
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.tele2internet.fr
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://go.securelive.com/speed/WebInstall.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com/574/webolr/OCX/FlashAX.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

See you
virgule41 - 13 March 2007 at 21:23
Hi, and thanks for your advice.

I uninstalled Messenger Skinner using Add/Remove Programs.
Below are my scan reports:

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 15:05:09 09/03/2007

+ Résultat de l'analyse:



:mozilla.10:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.8:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.279:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.401:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.416:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.455:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.45:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.46:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.47:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.48:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.49:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.50:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.51:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.173:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.174:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.147:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.283:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.148:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.71:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.72:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.73:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.75:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.76:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.77:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.262:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.200:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.201:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.202:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.203:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.204:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.205:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.206:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.207:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.195:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.196:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.197:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.198:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.280:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.281:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.171:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.315:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.316:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.317:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.318:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.358:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Ru4 : Aucune action entreprise.
:mozilla.13:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.14:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.15:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.16:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.17:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.18:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.371:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.151:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.152:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.153:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.154:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.155:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.130:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.131:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.132:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.133:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.143:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.144:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.145:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.146:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@weborama[2].txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.261:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Webtrendslive : Aucune action entreprise.
:mozilla.208:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.209:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.210:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.212:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.213:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.

Fin du rapport


BitDefender Online Scanner

Results
Identified Viruses: 1
Infected Files: 1
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 1

Engines Info
Virus Definitions: 403829
Engine build: AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File | Status
C:\WINDOWS\Temp\install_msgskinner.exe=>(NSIS o)=>lzma_solid_nsis0009 | Infected with: Backdoor.Skinymes.Agent.A
C:\WINDOWS\Temp\install_msgskinner.exe=>(NSIS o)=>lzma_solid_nsis0009 | Disinfection failed
C:\WINDOWS\Temp\install_msgskinner.exe=>(NSIS o)=>lzma_solid_nsis0009 | Deleted
C:\WINDOWS\Temp\install_msgskinner.exe=>(NSIS o) | Update failed

And finally, the latest report:
Logfile of HijackThis v1.99.1
Scan saved at 20:12:41, on 09/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Netcom] "C:\Program Files\Netcom\Netcom.exe"
O4 - HKLM\..\Run: [TaskMon] C:\WINDOWS\System32\taskmon.exe
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.tele2internet.fr
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://go.securelive.com/speed/WebInstall.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com/574/webolr/OCX/FlashAX.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

See you
Answer
+0
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 15:05:09 09/03/2007

+ Résultat de l'analyse:



:mozilla.315:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.316:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.317:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.318:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.358:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Ru4 : Aucune action entreprise.
:mozilla.13:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.14:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.15:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.16:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.17:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.18:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.371:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.151:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.152:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.153:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.154:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.155:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.130:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.131:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.132:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.133:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.143:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.144:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.145:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.146:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@weborama[2].txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.261:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Webtrendslive : Aucune action entreprise.
:mozilla.208:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.209:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.210:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.212:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.213:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\jukj5ing.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.

Fin du rapport


BitDefender Online Scanner

Results
Identified Viruses: 1
Infected Files: 1
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 1

Engines Info
Virus Definitions: 403829
Engine build: AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File | Status
C:\WINDOWS\Temp\install_msgskinner.exe=>(NSIS o)=>lzma_solid_nsis0009 | Infected with: Backdoor.Skinymes.Agent.A
C:\WINDOWS\Temp\install_msgskinner.exe=>(NSIS o)=>lzma_solid_nsis0009 | Disinfection failed
C:\WINDOWS\Temp\install_msgskinner.exe=>(NSIS o)=>lzma_solid_nsis0009 | Deleted
C:\WINDOWS\Temp\install_msgskinner.exe=>(NSIS o) | Update failed

And finally, the last report:
Logfile of HijackThis v1.99.1
Scan saved at 20:12:41, on 09/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Netcom] "C:\Program Files\Netcom\Netcom.exe"
O4 - HKLM\..\Run: [TaskMon] C:\WINDOWS\System32\taskmon.exe
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.tele2internet.fr
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://go.securelive.com/speed/WebInstall.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com/574/webolr/OCX/FlashAX.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Thank you for your replies.
This document, titled « virus serwab et win », from CommentCaMarche (www.commentcamarche.net), is made available under the terms of the Creative Commons license. You may copy and modify copies of this page under the conditions set by the license, as long as this notice appears clearly.