F-Secure blocked, virus?
Hello,
For some time now, when my computer starts and I open my security pack (F-Secure), I cannot change the status of my antivirus at all, so I think a virus is blocking it.
Here is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:39:52, on 22/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesIntelWirelessBinEvtEng.exe
C:Program FilesIntelWirelessBinS24EvMon.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesBelkinLogiciel Bluetoothbinbtwdins.exe
C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
C:WINDOWSsystem32DVDRAMSV.exe
C:WINDOWSeHomeehRecvr.exe
C:WINDOWSeHomeehSched.exe
C:Program FilesDartyboxPack SecuriteAnti-Virusfsgk32st.exe
C:Program FilesDartyboxPack SecuriteCommonFSMA32.EXE
C:Program FilesDartyboxPack SecuriteAnti-VirusFSGK32.EXE
C:Program FilesJavajre6binjqs.exe
C:Program FilesDartyboxPack SecuriteCommonFSMB32.EXE
C:Program FilesFichiers communsMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32HPZipm12.exe
C:Program FilesIntelWirelessBinRegSrvc.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesDartyboxPack SecuriteCommonFCH32.EXE
C:WINDOWSsystem32SearchIndexer.exe
C:PROGRA~1COMMON~1X10Commonx10nets.exe
C:Program FilesDartyboxPack SecuriteAnti-Virusfsqh.exe
C:Program FilesDartyboxPack SecuriteCommonFAMEH32.EXE
C:Program FilesDartyboxPack SecuriteFSPCfspc.exe
C:Program FilesDartyboxPack SecuriteAnti-Virusfssm32.exe
C:WINDOWSsystem32dllhost.exe
C:Program FilesDartyboxPack SecuriteFSAUAprogramfsaua.exe
C:Program FilesDartyboxPack SecuriteFWESProgramfsdfwd.exe
C:WINDOWSsystem32wbemwmiapsrv.exe
C:Program FilesDartyboxPack SecuriteFSAUAprogramfsus.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesDartyboxPack SecuriteAnti-Virusfsav32.exe
C:WINDOWSehomeehtray.exe
C:WINDOWSeHomeehmsas.exe
C:WINDOWSSystem32DLADLACTRLW.EXE
C:Program FilesDartyboxPack SecuriteCommonFSM32.EXE
C:Program FilesHPHP Software UpdateHPWuSchd2.exe
C:Program FilesTOSHIBATOSCDSPDtoscdspd.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesDartyboxPack SecuriteFSGUIfsguidll.exe
C:WINDOWSsystem32RAMASST.exe
C:Program FilesWindows Desktop SearchWindowsSearch.exe
C:WINDOWSsystem32igfxsrvc.exe
C:Program FilesDartyboxPack SecuriteFSGUIscanwizard.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesFichiers communsAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:WINDOWSsystem32SearchProtocolHost.exe
C:Documents and SettingsHenrykBureauHiJackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.dartybox.com
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O1 - Hosts: HP584252 HP001871584252
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesFichiers communsAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:WINDOWSSystem32DLADLASHX_W.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O4 - HKLM..Run: [ehTray] C:WINDOWSehomeehtray.exe
O4 - HKLM..Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM..Run: [DLA] C:WINDOWSSystem32DLADLACTRLW.EXE
O4 - HKLM..Run: [F-Secure Manager] "C:Program FilesDartyboxPack SecuriteCommonFSM32.EXE" /splash
O4 - HKLM..Run: [F-Secure TNB] "C:Program FilesDartyboxPack SecuriteFSGUITNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe
O4 - HKCU..Run: [TOSCDSPD] C:Program FilesTOSHIBATOSCDSPDtoscdspd.exe
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O4 - Global Startup: RAMASST.lnk = C:WINDOWSsystem32RAMASST.exe
O4 - Global Startup: Windows Search.lnk = C:Program FilesWindows Desktop SearchWindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program FilesBelkinLogiciel Bluetoothbtsendto_ie_ctx.htm
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:Program FilesDartyboxPack SecuriteFSPCfspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:Program FilesDartyboxPack SecuriteFSPCfspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:Program FilesDartyboxPack SecuriteFSPCfspcmsie.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesBelkinLogiciel Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesBelkinLogiciel Bluetoothbtsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O20 - Winlogon Notify: GoToAssist - C:Program FilesCitrixGoToAssist508G2AWinLogon.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesFichiers communsAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:Program FilesBelkinLogiciel Bluetoothbinbtwdins.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:WINDOWSsystem32DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:Program FilesIntelWirelessBinEvtEng.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:Program FilesDartyboxPack SecuriteAnti-Virusfsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:Program FilesDartyboxPack SecuriteFSAUAprogramfsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:Program FilesDartyboxPack SecuriteFWESProgramfsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:Program FilesDartyboxPack SecuriteCommonFSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:Program FilesDartyboxPack SecuriteORSP Clientfsorsp.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:Program FilesCitrixGoToAssist508g2aservice.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:WINDOWSsystem32spooldriversw32x863HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:WINDOWSsystem32spooldriversw32x863HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesFichiers communsInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:Program FilesJavajre6binjqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:Program FilesIntelWirelessBinRegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:Program FilesIntelWirelessBinS24EvMon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:PROGRA~1COMMON~1X10Commonx10nets.exe
--
End of file - 10273 bytes
And here is a screenshot of my processes:
http://img17.imageshack.us/my.php?image=processus.jpg
Thanks for your help
Configuration: Windows XP
Firefox 3.0.7
Hello,
Is it normal that you don't have the \ in your report? oÔ
Download Catchme (Przemyslaw Gmerek) to your Desktop.
Double-click catchme.exe (the .exe may not be visible) to launch it.
When the scan has finished, post the catchme.log report in your next reply. (This report is on your desktop.)
And here it is:
catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Apparently it didn't find anything, strange, strange
Here, look at this screenshot, what do you think of it?
http://img72.imageshack.us/my.php?image=virus.jpg
Thanks