virus Asia FriendFinder

virus Asia FriendFinder - Sécurité - Virus

Recherche Recherche
Règles Règles
Aide Aide

Dans la même thématique :

Ceci répond-il à votre question ? Oui | Non

Voir les posts : Par défaut Tous Les bonnes notes Les notes insuffisantes

Mot : Pseudo : Filtrer
Bas de page
Auteur	Sujet : virus Asia FriendFinder

raymond1

Profil : IDNaute

Plus d'informations

08-06-2007 à 18:19:31

qui peut m'aider j'ai essayer avec les logiciels courant mais rien

Liens

Angeldark

Profil : Helper

Plus d'informations

08-06-2007 à 18:51:13

Masquer

Un bonjour/merci ?

Télécharge Hijackthis (de Merjin).
Dézippe-le dans un dossier ou sur ton Bureau.

Lance l'application (Hijackthis.exe) :
- Choisis l'option "Do a system scan and save a logfile"
- Le Bloc-Notes s'ouvre, poste son contenu :

-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse

AIDE : Tuto en vidéo sur Hijackthis

---------------
Prévention & Protection|Les logiciels gratuits|L'homme du FLCCF

raymond1

Profil : IDNaute

Plus d'informations

08-06-2007 à 18:54:38

Masquer

Logfile of HijackThis v1.99.1
Scan saved at 18:53:49, on 08.06.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\C-Channel\MyPen Light\MPLight.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\Program Files\PowerArchiver\POWERARC.EXE
C:\DOCUME~1\Serge\LOCALS~1\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.ch/0SEFRCH/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.ch/0SEFRCH/SAOS01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.ch/0SEFRCH/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [U.S. Robotics Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [j5241133] rundll32 C:\WINDOWS\system32\j5241133.dll sook
O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\system32\heamqrrg.dll",realset
O4 - HKLM\..\Run: [USRobotics Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: MyPen Light.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 1063782406
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe

raymond1

Profil : IDNaute

Plus d'informations

08-06-2007 à 18:55:56

Masquer

J'ai aussi d'autre page qui s'ouvre pour des antivirus

raymond1

Profil : IDNaute

Plus d'informations

08-06-2007 à 18:57:21

Masquer

winantispyware 2006

Angeldark

Profil : Helper

Plus d'informations

08-06-2007 à 19:02:03

Masquer

Re,

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.

Double-clique VundoFix.exe afin de le lancer
Clique sur le bouton Scan for Vundo
Lorsque le scan est complété, clique sur le bouton Remove Vundo
Une invite te demandera si tu veux supprimer les fichiers, clique YES
Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK
Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

---------------
Prévention & Protection|Les logiciels gratuits|L'homme du FLCCF

raymond1

Profil : IDNaute

Plus d'informations

08-06-2007 à 19:54:48

Masquer

VundoFix V6.4.1

Checking Java version...

Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Scan started at 19:33:57 08.06.2007

Listing files found while scanning....

C:\WINDOWS\system32\awttsro.dll
C:\WINDOWS\system32\ddcyw.dll
C:\WINDOWS\system32\wycdd.bak1
C:\WINDOWS\system32\wycdd.bak2
C:\WINDOWS\system32\wycdd.ini

Beginning removal...

Attempting to delete C:\WINDOWS\system32\awttsro.dll
C:\WINDOWS\system32\awttsro.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\ddcyw.dll
C:\WINDOWS\system32\ddcyw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wycdd.bak1
C:\WINDOWS\system32\wycdd.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\wycdd.bak2
C:\WINDOWS\system32\wycdd.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\wycdd.ini
C:\WINDOWS\system32\wycdd.ini Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

VundoFix V6.4.1

Checking Java version...

Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Scan started at 19:41:35 08.06.2007

Listing files found while scanning....

C:\WINDOWS\system32\awttsro.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\awttsro.dll
C:\WINDOWS\system32\awttsro.dll Has been deleted!

Performing Repairs to the registry.
Done!

Logfile of HijackThis v1.99.1
Scan saved at 19:54:31, on 08.06.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\C-Channel\MyPen Light\MPLight.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\PowerArchiver\POWERARC.EXE
C:\DOCUME~1\Serge\LOCALS~1\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.ch/0SEFRCH/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.ch/0SEFRCH/SAOS01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.ch/0SEFRCH/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2AEE4056-23F6-4F2D-9198-543C50E9C1F7} - C:\WINDOWS\system32\ddcyw.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8A61098D-612B-4EF2-943D-64E920684061} - C:\WINDOWS\system32\awttsro.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\yytcftay.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [U.S. Robotics Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [j5241133] rundll32 C:\WINDOWS\system32\j5241133.dll sook
O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\system32\heamqrrg.dll",realset
O4 - HKLM\..\Run: [USRobotics Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: MyPen Light.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 1063782406
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winjyp32 - C:\WINDOWS\SYSTEM32\winjyp32.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe

Angeldark

Profil : Helper

Plus d'informations

08-06-2007 à 20:11:03

Masquer

Re,

Télécharge combofix.exe (par sUBs) sur ton Bureau.
Double clique combofix.exe.
Tape sur la touche Y (Yes) pour démarrer le scan.
Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

---------------
Prévention & Protection|Les logiciels gratuits|L'homme du FLCCF

raymond1

Profil : IDNaute

Plus d'informations

08-06-2007 à 20:33:42

Masquer

"Serge" - 2007-06-08 20:15:19 Service Pack 2 NTFS
ComboFix 07-06-3B - Running from: "C:\Documents and Settings\Serge\Bureau\"

(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINDOWS\system32\baryahco.dll
C:\WINDOWS\system32\winjyp32.dll

* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

((((((((((((((((((((((((( Files Created from 2007-05-08 to 2007-06-08 )))))))))))))))))))))))))))))))

2007-06-08 20:16 57,344 --a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\vajmfsjo.exe
2007-06-08 20:16 33,302 --a------ C:\WINDOWS\system32\jkkiged.dll
2007-06-08 19:33 <REP> d-------- C:\VundoFix Backups
2007-06-07 18:37 58,420 --a------ C:\WINDOWS\system32\yytcftay.dll
2007-06-06 21:23 757,760 --a------ C:\WINDOWS\system32\bcm1xsup.dll
2007-06-06 21:23 69,632 --a------ C:\WINDOWS\system32\bcmwlpkt.dll
2007-06-06 21:23 604,928 --a------ C:\WINDOWS\system32\drivers\BCMWL5.SYS
2007-06-06 21:23 33,664 --a------ C:\WINDOWS\system32\drivers\BCMWLNPF.SYS
2007-06-06 21:23 2,129,920 --a------ C:\WINDOWS\system32\WLBCGCBPRO731.DLL
2007-06-06 21:21 98,304 --------- C:\WINDOWS\system32\windevx.exe
2007-06-06 21:21 53,248 --------- C:\WINDOWS\system32\preflb0.dll
2007-06-06 21:21 36,864 --------- C:\WINDOWS\system32\MAXguninst.exe
2007-06-06 21:21 327,680 --------- C:\WINDOWS\system32\Diogenes.dll
2007-06-06 21:21 17,992 --------- C:\WINDOWS\system32\drivers\bcm42rly.sys
2007-06-06 21:21 126,976 --------- C:\WINDOWS\system32\windevx.dll
2007-06-06 18:59 24,816 --a------ C:\WINDOWS\system32\mdimon.dll
2007-06-06 18:51 <REP> d-------- C:\WINDOWS\SHELLNEW
2007-06-06 18:51 <REP> d-------- C:\Program Files\Microsoft.NET
2007-06-06 18:48 <REP> dr-h----- C:\MSOCache
2007-06-06 18:39 131,124 --a------ C:\WINDOWS\system32\heamqrrg.dll
2007-06-06 18:36 2,580 --a------ C:\WINDOWS\system32\gfgyyosp.exe
2007-06-06 18:36 14,868 --a------ C:\WINDOWS\system32\xsjbxboo.exe
2007-06-06 18:36 10,752 --a------ C:\WINDOWS\system32\j5241133.dll
2007-06-06 17:50 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-06-05 22:01 <REP> d-------- C:\Program Files\MAMMUT_PRIVATE
2007-06-05 21:21 <REP> d-------- C:\DOCUME~1\Serge\APPLIC~1\Google
2007-06-05 21:21 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-06-05 21:20 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
2007-06-05 20:59 <REP> d-------- C:\Program Files\Fichiers communs\C-CHANNEL
2007-06-05 20:59 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\C-CHANNEL
2007-06-05 20:57 <REP> d--h----- C:\Program Files\Zero G Registry
2007-06-05 20:57 <REP> d--h----- C:\DOCUME~1\Serge\InstallAnywhere
2007-06-05 20:57 <REP> d-------- C:\Program Files\yellownet
2007-06-05 20:50 <REP> d-------- C:\Program Files\Microsoft Money
2007-06-05 20:49 <REP> d-------- C:\Program Files\PowerArchiver
2007-06-05 20:29 <REP> d-------- C:\DOCUME~1\Serge\APPLIC~1\Logitech
2007-06-05 20:12 94,208 --a------ C:\WINDOWS\system32\Msstkprp.dll
2007-06-05 20:12 90,112 --a------ C:\WINDOWS\system32\mam_ynet128.dll
2007-06-05 20:12 89,360 --a------ C:\WINDOWS\system32\Vb5db.dll
2007-06-05 20:12 8,192 --a------ C:\WINDOWS\system32\Msprpde.dll
2007-06-05 20:12 72,704 --a------ C:\WINDOWS\system32\Odbctl32.dll
2007-06-05 20:12 7,495,680 --a------ C:\WINDOWS\system32\MAM_EZ.dll
2007-06-05 20:12 659,456 --a------ C:\WINDOWS\system32\SSLInterface.dll
2007-06-05 20:12 64,512 --a------ C:\WINDOWS\system32\Mscc2de.dll
2007-06-05 20:12 6,656 --a------ C:\WINDOWS\system32\Stdftde.dll
2007-06-05 20:12 53,248 --a------ C:\WINDOWS\system32\mam_phoenix.dll
2007-06-05 20:12 49,152 --a------ C:\WINDOWS\system32\vertrag_dll_private.dll
2007-06-05 20:12 49,152 --a------ C:\WINDOWS\system32\Konto_dll_p.dll
2007-06-05 20:12 45,056 --a------ C:\WINDOWS\system32\Vertrag_dll_com_sbs.dll
2007-06-05 20:12 45,056 --a------ C:\WINDOWS\system32\network_dll.dll
2007-06-05 20:12 45,056 --a------ C:\WINDOWS\system32\kurse_dll.dll
2007-06-05 20:12 42,496 --a------ C:\WINDOWS\system32\Flxgdde.dll
2007-06-05 20:12 40,960 --a------ C:\WINDOWS\system32\Vertrag_dll_frei_p.dll
2007-06-05 20:12 385,024 --a------ C:\WINDOWS\system32\Sbc_private.dll
2007-06-05 20:12 368,640 --a------ C:\WINDOWS\system32\Exportassistent.dll
2007-06-05 20:12 36,864 --a------ C:\WINDOWS\system32\MAMMUT_CRYPT.DLL
2007-06-05 20:12 36,864 --a------ C:\WINDOWS\system32\DEPOT_MODUL_P.dll
2007-06-05 20:12 36,352 --a------ C:\WINDOWS\system32\Rchtxde.dll
2007-06-05 20:12 33,792 --a------ C:\WINDOWS\system32\Cmdlgde.dll
2007-06-05 20:12 32,768 --a------ C:\WINDOWS\system32\Vertrag_dll_wbe_p.dll
2007-06-05 20:12 32,768 --a------ C:\WINDOWS\system32\vertrag_dll_sbs_p.dll
2007-06-05 20:12 32,768 --a------ C:\WINDOWS\system32\mamprop.dll
2007-06-05 20:12 32,768 --a------ C:\WINDOWS\system32\iban_modul.dll
2007-06-05 20:12 3,870,720 --a------ C:\WINDOWS\system32\STAMMLISTE_P.dll
2007-06-05 20:12 3,510,272 --a------ C:\WINDOWS\system32\MAM_EMAILS.dll
2007-06-05 20:12 3,420,160 --a------ C:\WINDOWS\system32\mam_za_private.dll
2007-06-05 20:12 3,112,960 --a------ C:\WINDOWS\system32\Kontobewegungen_p.dll
2007-06-05 20:12 28,672 --a------ C:\WINDOWS\system32\vertrag_dll_com_frei_p.dll
2007-06-05 20:12 28,672 --a------ C:\WINDOWS\system32\mam_ras_config.dll
2007-06-05 20:12 28,672 --a------ C:\WINDOWS\system32\Cmct3de.dll
2007-06-05 20:12 252,176 --a------ C:\WINDOWS\system32\Msrd2x35.dll
2007-06-05 20:12 249,856 --a------ C:\WINDOWS\system32\DB_UTIL.DLL
2007-06-05 20:12 24,848 --a------ C:\WINDOWS\system32\Msjter35.dll
2007-06-05 20:12 24,576 --a------ C:\WINDOWS\system32\scrrnde.dll
2007-06-05 20:12 233,472 --a------ C:\WINDOWS\system32\MAM_SHOW_GRAFIK.dll
2007-06-05 20:12 22,528 --a------ C:\WINDOWS\system32\Tabctde.dll
2007-06-05 20:12 192,512 --a------ C:\WINDOWS\system32\MAM_IMPORT_PLUGIN.DLL
2007-06-05 20:12 16,896 --a------ C:\WINDOWS\system32\Winskde.dll
2007-06-05 20:12 16,384 --a------ C:\WINDOWS\system32\Inetde.dll
2007-06-05 20:12 158,208 --a------ C:\WINDOWS\system32\Mscmcde.dll
2007-06-05 20:12 14,336 --a------ C:\WINDOWS\system32\Mscomde.dll
2007-06-05 20:12 118,784 --a------ C:\WINDOWS\system32\Msstdfmt.dll
2007-06-05 20:12 112,640 --a------ C:\WINDOWS\system32\Cmctlde.dll
2007-06-05 20:12 1,949,696 --a------ C:\WINDOWS\system32\wizard_auftrag_dll.dll
2007-06-05 20:12 1,458,176 --a------ C:\WINDOWS\system32\mam_wbe.dll
2007-06-05 20:12 1,372,160 --a------ C:\WINDOWS\system32\ZV_DLL.DLL
2007-06-05 20:12 1,040,384 --a------ C:\WINDOWS\system32\MAMMUT2000_transfer.dll
2007-06-05 20:12 1,040,384 --a------ C:\WINDOWS\system32\maintain_p.dll
2007-06-05 20:03 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-06-05 20:02 <REP> d-------- C:\Program Files\Migros Livre Photo
2007-06-05 20:01 59,904 --a------ C:\WINDOWS\system32\MSCC2FR.DLL
2007-06-05 20:01 23,552 --a------ C:\WINDOWS\system32\MSMPIDE.DLL
2007-06-05 20:01 141,312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL
2007-06-05 20:01 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL
2007-06-05 20:01 116,224 --a------ C:\WINDOWS\system32\pdfcmnnt.dll
2007-06-05 20:01 <REP> d-------- C:\WINDOWS\system32\fr-fr
2007-06-05 20:01 <REP> d-------- C:\Program Files\PDFCreator
2007-06-05 19:58 <REP> d-------- C:\WINDOWS\network diagnostic
2007-06-05 19:57 <REP> d-------- C:\Program Files\MSXML 4.0
2007-06-05 19:52 <REP> d-------- C:\Program Files\Lavasoft

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-08 17:50:33 65,362 ----a-w C:\WINDOWS\system32\perfc00C.dat
2007-06-08 17:50:33 449,322 ----a-w C:\WINDOWS\system32\perfh00C.dat
2007-06-05 18:59:39 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-05 17:26:59 -------- d-----w C:\Program Files\Sonic
2007-06-05 17:11:52 -------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-06-05 17:11:51 -------- d-----w C:\Program Files\Symantec
2007-06-05 16:52:51 -------- d-----w C:\Program Files\Fichiers communs\ODBC
2007-06-05 16:35:42 -------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-04-16 20:43:40 208,248 ----a-w C:\WINDOWS\system32\muweb.dll
2007-03-17 13:44:47 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
2007-03-08 15:37:50 578,560 ----a-w C:\WINDOWS\system32\user32.dll
2007-03-08 15:37:50 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
2007-03-08 15:37:50 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-03-08 15:33:58 1,843,712 ----a-w C:\WINDOWS\system32\win32k.sys

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{2AEE4056-23F6-4F2D-9198-543C50E9C1F7}=C:\WINDOWS\system32\ddcyw.dll []
{5CA3D70E-1895-11CF-8E15-001234567890}=C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-11-07 05:20]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{8A61098D-612B-4EF2-943D-64E920684061}=C:\WINDOWS\system32\jkkiged.dll [2007-06-08 20:16]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 20:33]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar1.dll [2007-06-05 21:21]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll [2007-06-05 21:20]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}=C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 15:56]
{E12BFF69-38A7-406e-A8EF-2738107A7831}=C:\WINDOWS\system32\yytcftay.dll [2007-06-07 18:37]
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}=C:\Program Files\Microsoft Money\System\mnyviewer.dll [2001-07-25 10:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 00:20 C:\WINDOWS\STSYSTRA.EXE]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 13:52]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 17:19]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 02:02]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 17:50]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 17:50]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [2004-01-14 03:10]
"Logitech Hardware Abstraction Layer"="C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE" [2006-07-19 12:03]
"@"="" []
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 12:03 C:\WINDOWS\KHALMNPR.Exe]
"C-Media Mixer"="Mixer.exe" [2002-10-15 18:00 C:\WINDOWS\mixer.exe]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-05-02 08:08]
"ADUserMon"="C:\Program Files\Iomega\AutoDisk\ADUserMon.exe" [2002-09-24 16:39]
"Iomega Drive Icons"="C:\Program Files\Iomega\DriveIcons\ImgIcon.exe" [2002-08-13 14:30]
"Deskup"="C:\Program Files\Iomega\DriveIcons\deskup.exe" [2002-07-16 10:55]
"MoneyStartUp10.0"="C:\Program Files\Microsoft Money\System\Activation.exe" [2001-07-25 10:00]
"vajmfsjo.exe"="C:\Documents and Settings\All Users\Application Data\vajmfsjo.exe" [2007-06-08 20:16]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{8A61098D-612B-4EF2-943D-64E920684061}"="C:\WINDOWS\system32\jkkiged.dll" [2007-06-08 20:16]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkiged]
jkkiged.dll

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*

Contents of the 'Scheduled Tasks' folder
2007-06-08 18:21:00 C:\WINDOWS\tasks\Symantec NetDetect.job
2007-06-08 17:28:02 C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

**************************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-08 20:19:37
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-08 20:21:56 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-06-08 20:21

--- E O F ---
(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINDOWS\system32\baryahco.dll
C:\WINDOWS\system32\winjyp32.dll

* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

((((((((((((((((((((((((( Files Created from 2007-05-08 to 2007-06-08 )))))))))))))))))))))))))))))))

Angeldark

Profil : Helper

Plus d'informations

08-06-2007 à 20:56:46

Masquer

Reposte un rapport Hijackthis.

---------------
Prévention & Protection|Les logiciels gratuits|L'homme du FLCCF

raymond1

Profil : IDNaute

Plus d'informations

08-06-2007 à 21:28:24

Masquer

Logfile of HijackThis v1.99.1
Scan saved at 21:27, on 2007-06-08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Application Data\vajmfsjo.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\C-Channel\MyPen Light\MPLight.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explore

Messages similaires

Dans l'actualité

Les téléchargements

Albums

Les dernières actualités

Les derniers dossiers

Messages similaires

Dans l'actualité

Les téléchargements

Albums

Les dernières actualités

Les derniers dossiers

Merci