Salut,
Au démarrage de l'ordinateur aujourd'hui, avast a repéré les virus et j'ai fait supprimer.
Ensuite j'ai fait ccleaner puis AVG antispyware puis bitdefender puis hijackthis avant d'avoir ta réponse sur le site.
j'ai de nouveau regardé plus tard les messages et j'ai donc fait combofix.
Voici les rapports obtenus :
bitdefender : BitDefender Online Scanner
Scan report generated at: Thu, Sep 27, 2007 - 19:43:44
Scan path: A:\;C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;
Statistics
Time
01:08:37
Files
345392
Folders
10465
Boot Sectors
4
Archives
8487
Packed Files
18019
Results
Identified Viruses
1
Infected Files
2
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
2
Engines Info
Virus Definitions
823988
Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins
14
Archive plugins
38
Unpack plugins
7
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP372\A0049086.exe
Infected with: Backdoor.IRCBot.ABFR
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP372\A0049086.exe
Disinfection failed
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP372\A0049086.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP372\A0049087.exe
Infected with: Backdoor.IRCBot.ABFR
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP372\A0049087.exe
Disinfection failed
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP372\A0049087.exe
Deleted
Combofix:
ComboFix 07-09-21.2 - "mika et sandrine" 2007-09-27 21:52:56.2 - NTFSx86 MINIMAL
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.1256 [GMT 2:00]
.
((((((((((((((((((((((((((((( Fichiers créés 2007-08-27 to 2007-09-27 ))))))))))))))))))))))))))))))))))))
.
2007-09-24 22:11 1,156 --a------ C:\WINDOWS\mozver.dat
2007-09-24 22:04 <REP> d-------- C:\DOCUME~1\MIKAET~1\APPLIC~1\Talkback
2007-09-24 22:00 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
2007-09-24 21:22 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-23 21:26 <REP> d-------- C:\WINDOWS\ERUNT
2007-09-21 00:46 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2007-09-20 23:30 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-09-20 22:14 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-09-20 22:04 <REP> d-------- C:\Program Files\Yahoo!
2007-09-20 22:04 <REP> d-------- C:\Program Files\CCleaner
2007-09-20 20:42 <REP> d-------- C:\WINDOWS\report
2007-09-20 20:40 86,094 --a------ C:\WINDOWS\BPMNT.dll
2007-09-20 20:40 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2007-09-20 20:40 267,845 --a------ C:\WINDOWS\tsc.exe
2007-09-20 20:40 1,163,344 --a------ C:\WINDOWS\vsapi32.dll
2007-09-20 20:40 <REP> d-------- C:\WINDOWS\AU_Backup
2007-09-20 20:38 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2007-09-20 20:38 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2007-09-20 20:38 286,720 --a------ C:\WINDOWS\PATCH.EXE
2007-09-20 20:38 <REP> d-------- C:\WINDOWS\AU_Temp
2007-09-20 20:38 <REP> d-------- C:\WINDOWS\AU_Log
2007-09-20 20:29 <REP> d--hs---- C:\found.000
2007-09-18 20:27 <REP> d-------- C:\Program Files\iTunes
2007-09-18 20:27 <REP> d-------- C:\Program Files\iPod
2007-09-15 18:22 <REP> d-------- C:\Program Files\Windows Live
2007-09-15 18:22 <REP> d-------- C:\Program Files\Messenger Plus! Live
2007-09-15 18:07 <REP> d-------- C:\Program Files\MSN Messenger
2007-09-15 14:55 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
2007-08-30 11:24 <REP> d-------- C:\Program Files\BitSpirit
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-27 17:46 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-09-24 22:00 --------- d-------- C:\Program Files\Google
2007-09-18 20:22 --------- d-------- C:\Program Files\Apple Software Update
2007-09-15 16:03 --------- d-------- C:\Program Files\Elaborate Bytes
2007-09-15 14:54 --------- d-------- C:\Program Files\SlySoft
2007-09-06 12:09 801144 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-09-06 12:05 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-09-06 12:05 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-09-06 12:03 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-09-06 12:02 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-09-06 12:00 95608 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-09-06 12:00 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-08-28 08:58 --------- d-------- C:\DOCUME~1\MIKAET~1\APPLIC~1\Ahead
2007-08-20 20:24 --------- d-------- C:\Program Files\GameSpy Arcade
2007-08-20 20:19 --------- d-------- C:\Program Files\Fichiers communs\DirectX
2007-08-17 11:41 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-08-15 12:03 --------- d-------- C:\Program Files\MSXML 4.0
2007-08-14 11:36 --------- d-------- C:\Program Files\Ubisoft
2007-08-12 18:40 --------- d-------- C:\Program Files\Illustrate
2007-08-12 18:39 4112760 --a------ C:\WINDOWS\system32\SpoonUninstall.exe
2007-08-12 18:38 --------- d-------- C:\Program Files\Free Audio Pack
2007-08-11 11:40 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-08-11 11:40 217088 --a------ C:\WINDOWS\system32\UAService7.exe
2007-08-11 11:38 --------- d-------- C:\Program Files\Codemasters
2007-08-09 11:56 --------- d-------- C:\Program Files\Call of Duty
2007-08-09 10:40 --------- d-------- C:\Program Files\Capcom
2007-08-09 10:32 685816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-08-09 10:27 81920 --a------ C:\WINDOWS\system32\Dversion.dll
2007-08-09 10:27 5120 --a------ C:\WINDOWS\system32\Fsinst16.DLL
2007-08-09 10:27 45056 --a------ C:\WINDOWS\system32\Fsinst32.dll
2007-08-09 10:27 122880 --a------ C:\WINDOWS\system32\DVC.dll
2007-08-09 10:25 --------- d-------- C:\Program Files\Fichiers communs\InstallShield
2007-08-07 19:51 --------- d-------- C:\Program Files\QuickTime
2007-08-06 12:32 --------- d-------- C:\DOCUME~1\MIKAET~1\APPLIC~1\Help
2007-08-01 19:34 --------- d-------- C:\DOCUME~1\MIKAET~1\APPLIC~1\vlc
2007-08-01 19:33 --------- d-------- C:\Program Files\VideoLAN
2007-07-31 19:27 --------- d-------- C:\Program Files\Realtek
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll
2007-07-29 20:36 --------- d-------- C:\Program Files\eMule
2007-07-27 21:20 --------- d-------- C:\Program Files\Motive
2007-07-27 21:08 --------- d-------- C:\Program Files\Club-Internet
2007-07-27 19:08 --------- d-------- C:\Program Files\BroadJump
2007-07-27 18:48 --------- d-------- C:\Program Files\LE COMPAGNON CLUB
2007-07-19 08:58 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll
2007-07-13 01:30 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll
2007-06-29 11:59 318976 --a------ C:\WINDOWS\system32\dllcache\unregmp2.exe
2007-06-27 15:24 823808 --a------ C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-27 15:24 671232 --a------ C:\WINDOWS\system32\dllcache\mstime.dll
2007-06-27 15:24 477696 --a------ C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-06-27 15:24 232960 --------- C:\WINDOWS\system32\dllcache\webcheck.dll
2007-06-27 15:24 193024 --a------ C:\WINDOWS\system32\dllcache\msrating.dll
2007-06-27 15:24 1152000 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll
2007-06-27 15:24 105984 --------- C:\WINDOWS\system32\dllcache\url.dll
2007-06-27 15:24 102400 --------- C:\WINDOWS\system32\dllcache\occache.dll
2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-06-27 15:23 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll
2007-06-27 15:23 27648 --a------ C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-06-27 15:22 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-06-27 15:22 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-06-27 15:22 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-06-27 15:22 132608 --a------ C:\WINDOWS\system32\dllcache\extmgr.dll
2007-06-27 15:22 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll
2007-06-27 10:28 625152 --------- C:\WINDOWS\system32\dllcache\iexplore.exe
2007-06-27 10:27 63488 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-06-27 09:00 161792 --------- C:\WINDOWS\system32\dllcache\ieakui.dll
2006-12-28 21:55 87608 --a------ C:\DOCUME~1\MIKAET~1\APPLIC~1\ezpinst.exe
2006-12-28 21:55 47360 --a------ C:\DOCUME~1\MIKAET~1\APPLIC~1\pcouffin.sys
2006-07-06 02:37 70144 --a------ C:\Program Files\Keygen winace 2.20.exe
2002-12-29 15:42 1284 --a------ C:\Program Files\WinACE.2.20.Patch.Fr.Keygen.txt
2002-09-30 16:03 277 --a------ C:\Program Files\WinAce.url
2002-07-14 17:32 318743 --a------ C:\Program Files\Traduction francaise winace 2.20.exe
2002-07-14 17:27 2826786 --a------ C:\Program Files\Winace 2.20.exe
--------- C:\Program Files\Hijackthis Version Française
.
((((((((((((((((((((((((((((( snapshot_2007-09-24_212516,93 )))))))))))))))))))))))))))))))))))))))))
.
----a-w 181,760 2007-09-25 20:25:00 C:\WINDOWS\BDOSCAN8\bdcore.dll
----a-r 295,606 2007-09-24 20:03:14 C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A81000000003}\SC_Reader.exe
------w 276,073 2007-06-13 13:22:28 C:\WINDOWS\system32\netdll32.exe
----a-w 2,115,816 2007-06-11 11:34:00 C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
----a-w 190,696 2007-06-11 11:34:00 C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
.
----a-w 181,248 2007-09-20 21:30:50 C:\WINDOWS\BDOSCAN8\bdcore.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 15:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 15:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 15:00]
"SoundMan"="SOUNDMAN.EXE" [2005-05-17 19:48 C:\WINDOWS\SOUNDMAN.EXE]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 11:31]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22]
"nwiz"="nwiz.exe" [2006-10-22 12:22 C:\WINDOWS\system32\nwiz.exe]
"SNPSTD2"="C:\WINDOWS\vsnpstd2.exe" [2004-01-05 19:34]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-17 00:11]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-11-04 21:14]
"SideWinderTrayV4"="C:\PROGRA~1\MICROS~4\GAMECO~1\common\swtrayv4.exe" [1999-11-18 19:12]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-01-28 12:10]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 17:40]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 17:16]
"Motive SmartBridge"="C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe" [2006-04-21 15:41]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 10:00]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-15 20:27]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
R0 SI3112r;ATI-437A Serial ATA Controller;C:\WINDOWS\system32\DRIVERS\SI3112r.sys
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver;C:\WINDOWS\system32\drivers\WmBEnum.sys
R3 WmXlCore;Logitech WingMan Translation Layer Driver;C:\WINDOWS\system32\drivers\WmXlCore.sys
S3 GcKernel;Pilote de filtre Microsoft SideWinder Value Add;C:\WINDOWS\system32\DRIVERS\GcKernel.sys
S3 HIDSwvd;Minipilote de périphérique Microsoft SideWinder HID virtuel;C:\WINDOWS\system32\DRIVERS\HIDSwvd.sys
S3 snpstd2;USB PC Camera (SN9C103);C:\WINDOWS\system32\DRIVERS\snpstd2.sys
S3 sony_ssm.sys;sony_ssm.sys;\??\C:\DOCUME~1\MIKAET~1\LOCALS~1\Temp\sony_ssm.sys
S3 sonypvs1;Sony Digital Imaging Video2;C:\WINDOWS\system32\DRIVERS\sonypvs1.sys
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys
S3 WmFilter;Logitech WingMan HID Filter Driver;C:\WINDOWS\system32\drivers\WmFilter.sys
S3 WmVirHid;Logitech Virtual Hid Device Driver;C:\WINDOWS\system32\drivers\WmVirHid.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{034e285b-861e-11db-a900-00038a000015}]
AutoRun\command- K:\InstallTomTomHOME.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-09-18 18:22:52 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-27 21:54:50
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-09-27 21:55:18
C:\ComboFix2.txt ... 2007-09-24 21:25
.
--- E O F ---
J'ai dû rafire hijackthis car je n'avais pas enregistré le rapport:
Logfile of HijackThis v1.99.1
Scan saved at 21:58:49, on 27/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\vsnpstd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\MICROS~4\GAMECO~1\common\swtrayv4.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\lecompagnonclub.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-internet.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MICROS~4\GAMECO~1\common\swtrayv4.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
J'ai quand même l'impression que ça doit être bon, mais j'attends de tes nouvelles pour savoir si c'est ok.
De plus, est-ce que je dois supprimer des choses notamment les sauvegardes de registre et autre documents créés.
@ plus, et merci encore.
Application cannot be executed the file is infected
